Security Incidents mailing list archives
Re: SNMP vulnerability test?
From: "Kevin Moon" <km1x () hotmail com>
Date: Wed, 13 Feb 2002 18:53:30 +0000
It might have been installed by a third party application. The Compaq Management Agents are dependent on SNMP, for example.
Kevin
-----Original Message----- From: Valdis.Kletnieks () vt edu [mailto:Valdis.Kletnieks () vt edu] Sent: Wednesday, February 13, 2002 12:55 PM To: Eric Brandwine Cc: Davis Ray Sickmon, Jr; incidents () lists securityfocus com Subject: Re: SNMP vulnerability test? On Wed, 13 Feb 2002 00:34:00 GMT, Eric Brandwine said: > What're they printing from? I'd check that first. The number of > win98/nt/2k hosts listening on SNMP is terrifying. How did it get turned on? Microsoft said in the CERT advisory: Summary: All Microsoft implementations of SNMP v1 are affected by the vulnerability. The SNMP v1 service is not installed or running by default on any version of Windows. A patch is underway to eliminate the vulnerability. In the meantime, we recommend that affected customers disable the SNMP v1 service. Is this like the "W2K doesn't install IIS, but if you upgraded a machinethat had Personal Webpage (or whatever it was) it will upgrade that to IIS"?-- Valdis Kletnieks Computer Systems Senior Engineer Virginia Tech
_________________________________________________________________ Chat with friends online, try MSN Messenger: http://messenger.msn.com ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service.For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- RE: SNMP vulnerability test? Jason Craig (Feb 13)
- <Possible follow-ups>
- RE: SNMP vulnerability test? Ralph Los (Feb 13)
- Re: SNMP vulnerability test? Kevin Moon (Feb 13)
- RE: SNMP vulnerability test? Filip Jonckers (Feb 13)
- RE: SNMP vulnerability test? Matthew LaGrange (Feb 13)