Support
Eng
òÕÓ
Company
Home
Services
Security Assessment
Website Security Audit
Network Penetration Testing
Solutions
DataCenter GreenZone
Web Application Security
Vulnerability Assessment
Intrusion Protection System
Documentation
News and Events
Register
|
LogIn
Knowledgebase
Downloads
Glossary
Ask a Question
Search:
Advanced search
Please enter a keyword or ID
SHALB.com
/
Security Knowledgebase
/
Network Security
/
SNMP
/ SNMP VACM
server monitoring
SNMP VACM
Article ID: 10688
Last updated: 27 Jan, 2009
Print
Email to friend
Views: 417
Posted: 22 Jan, 2009
by: Tech Pubs S.
Updated: 27 Jan, 2009
by: Tech Pubs S.
SNMP VACM
This script is Copyright (C) 2005-2007 Tenable Network Security
Family
SNMP
Plugin ID
10688
Bugtraq ID
5030
CVE ID
CVE-2004-1775
Description:
Synopsis :
The SNMP private community strings can be retrieved using SNMP.
Description :
It is possible to obtain the remote private community strings using
the View-Based Access Control MIB of the remote Cisco router.
An attacker may use this flaw to gain read/write SNMP access on this
router.
See also :
http://www.cisco.com/warp/public/707/ios-snmp-community-vulns-pub.shtml
Solution :
Disable the SNMP service on the remote host if you do not use it, or
filter incoming UDP packets going to this port or install Cisco patch.
Risk factor :
Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
This article was:
Helpful
|
Not Helpful
Prev
Next
Discover HP JetDirect EWS Password via SNMP
Enumerate routes via SNMP
server monitoring
