Bugtraq mailing list archives

AIX SNMP Defaults (fwd)

From: dhg () KSRT ORG (Dave G.)
Date: Thu, 17 Feb 2000 11:33:54 -0500

It appears that on the above releases of AIX, the SNMP daemon is enabled
by default and two community names are enabled with read/write
privileges.
The community names are "private" and "system", but are only allowed
from localhost connections. Nevertheless, a local user may install an
SNMP client, and modify sensitive variables.


Since SNMP is UDP based, it is possible that you can spoof snmp set
requests provided that:

1) There are no firewalls in between.
2) snmpd doesnt have any code to detect which interface an SNMP packet
   came in on (not likely).

From your output, it looks like the system community might be limited to a

certain set of variables that it can read/write.  (depending on what view
name means)

Dave G.

<daveg () ksrt org>
http://www.ksrt.org/~daveg
http://www.ksrt.org

Current thread:

Re: ASP Security Hole (fwd) Justin King (Feb 10)
- Re: ASP Security Hole (PHP Too) Joshua J. Drake (Feb 15)
  - Re: ASP Security Hole (PHP Too) Daniel Austin (Feb 17)
  - Re: ASP Security Hole (PHP Too) Alexander Leidinger (Feb 17)
  - AIX SNMP Defaults (fwd) Dave G. (Feb 17)
  - New Allaire Security Zone Bulletin Aleph One (Feb 17)
- <Possible follow-ups>
- Re: ASP Security Hole (fwd) Mark L. VanScoyk (Feb 10)