Bugtraq mailing list archives
Re: ISS Security Advisory: Hidden community string in SNMP
From: mmorris () OPS COM (Matt M. Morris)
Date: Tue, 17 Nov 1998 10:26:28 -0500
We have tried a box, Solaris 2.6 patched to current (current as of
september),
that is running the default Sun snmpd binary. The hidden community "all private" worked from local and remote machines.
I setup my Ultra 1 with 2.6 -- unpatched -- with the HPOV B.05.01 snmpdm. I could not get it to work remotely. Hopefully HPs patch for Solaris NNM will fix.
I'm not quite sure what we're going to do about this, but on non critical boxes, ie: the ones we watch only for cold start traps, we have turned of snmpd and use shell scripts that call snmptrap to send the traps we need to receive.
Patiently awaiting HP's patches to be released.... <tap, tap....>them.
-Tim --
-matt Matt M. Morris Consultant Onion Peel Solutions Ph: (919) 821-8004 x242 3101 Industial Drive, Suite 200 Fx: (919) 821-3364 Raleigh, NC 27609 http://www.ops.com
Current thread:
- ISS Security Advisory: Hidden community string in SNMP X-Force (Nov 02)
- Re: ISS Security Advisory: Hidden community string in SNMP Jean Chouanard (Nov 04)
- Re: ISS Security Advisory: Hidden community string in SNMP Roland Grefer (Nov 05)
- <Possible follow-ups>
- Re: ISS Security Advisory: Hidden community string in SNMP Davin Milun (Nov 05)
- Re: ISS Security Advisory: Hidden community string in SNMP Raphael Muzzio (Nov 15)
- Re: ISS Security Advisory: Hidden community string in SNMP sugarat (Nov 15)
- Re: ISS Security Advisory: Hidden community string in SNMP Matt M. Morris (Nov 16)
- Re: ISS Security Advisory: Hidden community string in SNMP sugarat (Nov 16)
- Re: ISS Security Advisory: Hidden community string in SNMP Matt M. Morris (Nov 17)
- nftp vulnerability (fwd) Eric Wanner (Nov 16)
- ISSalert: ISS Security Update Aleph One (Nov 16)
- Re: ISS Security Advisory: Hidden community string in SNMP sugarat (Nov 15)
- Re: ISS Security Advisory: Hidden community string in SNMP Jean Chouanard (Nov 04)
- Re: ISS Security Advisory: Hidden community string in SNMP Matt M. Morris (Nov 16)
- Security Bulletins Digest (fwd) Piotr Strzy¿ewski (Nov 16)
- KDE 1.0's klock can be used to gain root priveledges HD Moore (Nov 16)
- Re: KDE 1.0's klock can be used to gain root priveledges Phillip Vandry (Nov 17)