Bugtraq mailing list archives
AIX SNMP Defaults (fwd)
From: dhg () KSRT ORG (Dave G.)
Date: Thu, 17 Feb 2000 11:33:54 -0500
It appears that on the above releases of AIX, the SNMP daemon is enabled by default and two community names are enabled with read/write privileges. The community names are "private" and "system", but are only allowed from localhost connections. Nevertheless, a local user may install an SNMP client, and modify sensitive variables.
Since SNMP is UDP based, it is possible that you can spoof snmp set requests provided that: 1) There are no firewalls in between. 2) snmpd doesnt have any code to detect which interface an SNMP packet came in on (not likely).
From your output, it looks like the system community might be limited to a
certain set of variables that it can read/write. (depending on what view name means) Dave G. <daveg () ksrt org> http://www.ksrt.org/~daveg http://www.ksrt.org
Current thread:
- Re: ASP Security Hole (fwd) Justin King (Feb 10)
- Re: ASP Security Hole (PHP Too) Joshua J. Drake (Feb 15)
- Re: ASP Security Hole (PHP Too) Daniel Austin (Feb 17)
- Re: ASP Security Hole (PHP Too) Alexander Leidinger (Feb 17)
- AIX SNMP Defaults (fwd) Dave G. (Feb 17)
- New Allaire Security Zone Bulletin Aleph One (Feb 17)
- <Possible follow-ups>
- Re: ASP Security Hole (fwd) Mark L. VanScoyk (Feb 10)
- Re: ASP Security Hole (PHP Too) Joshua J. Drake (Feb 15)