Bugtraq mailing list archives
AIX SNMP Defaults
From: harikiri () ATTRITION ORG (harikiri)
Date: Tue, 15 Feb 2000 18:58:06 -0600
Following on from Michael Zalewski's recent SNMP post, here's an issue i
noted on two AIX systems.
NOTE: This was seen on both AIX 4.3 and 4.2.
It appears that on the above releases of AIX, the SNMP daemon is enabled
by default and two community names are enabled with read/write privileges.
The community names are "private" and "system", but are only allowed from
localhost connections. Nevertheless, a local user may install an SNMP
client, and modify sensitive variables.
Excerpt from /etc/snmpd.conf:
<snip>
# 2. Set the community names and access privileges for hosts that can make
# requests of this snmpd agent. Define these restrictions as follows:
#
# community <name> <address> <netmask> <permissions> <view name>
<snip>
community public
community private 127.0.0.1 255.255.255.255 readWrite
community system 127.0.0.1 255.255.255.255 readWrite 1.17.2
harikiri
Current thread:
- AUTORUN.INF Vulnerability, (continued)
- AUTORUN.INF Vulnerability Eric Stevens (Feb 17)
- Re: AUTORUN.INF Vulnerability Jesper M. Johansson (Feb 18)
- UPDATED: NetBSD Security Advisory 2000-001 Daniel Carosone (Feb 18)
- Re: AUTORUN.INF Vulnerability Nick FitzGerald (Feb 19)
- Re: AUTORUN.INF Vulnerability Valentin Pletzer (Feb 20)
- MMDF Ran Atkinson (Feb 18)
- Re: perl-cgi hole in UltimateBB by Infopop Corp. Brock Sides (Feb 18)
- Re: perl-cgi hole in UltimateBB by Infopop Corp. Bennett Todd (Feb 18)
- Re: perl-cgi hole in UltimateBB by Infopop Corp. Dennis Taylor (Feb 18)
- AIX SNMP Defaults harikiri (Feb 15)
- Re: AIX SNMP Defaults Michal Zalewski (Feb 17)
- Re: AIX SNMP Defaults Troy Bollinger (Feb 21)
- riched32.dll buffer overflow Pauli Ojanpera (Feb 21)
- Re: AIX SNMP Defaults Troy Bollinger (Feb 17)
- Security Bulletins Digest Aleph One (Feb 17)