Bugtraq mailing list archives
Re: NAI-30: Windows NT SNMP Vulnerabilities
From: dleblanc () MINDSPRING COM (David LeBlanc)
Date: Wed, 18 Nov 1998 21:07:56 -0500
At 11:51 AM 11/18/98 -0800, Dave G. wrote:
> There is another dangerous 'feature' with regards to SNMP community names under Windows NT 4.0 (SP3). If SNMP is enabled, and there are no community names configured (under Settings -> Control Panel -> Network -> Services -> SNMP Service -> Security -> Accepted Community Names) any community name will be valid, and will (obviously) have read/write privileges. I was unable to find anything that documented this behavior, and as you can imagine, I was quite surprised when I accidentally discovered this.
This is actually as per RFC 1157, and is documented on page 532 of the Server Networking Guide from the NT Resource kit. We check for that in the ISS Scanner, too. IIRC, so does CyberCop. This behavior is true of just about any implementation of SNMP which goes by the RFC. I agree with Mike Warfield's assertion that SNMP stands for Security Not My Problem.

David LeBlanc
dleblanc () mindspring com