"public" and "private" are the out-of-the-box default community strings
for read and read-write access on almost any network equipment.

Get the private MIB for the Ascend MAX (now Lucent), and look at what you can
get ;-).

With the read-write community you can get, alter, or wipe the router config,
you can reboot it, create users, modify the routing table, etc...

I don't remember if the MAX-1600 has tunneling capabilities.... if so, you
can create a tunnel to your own machine and...

Hope this helps,

        -- Iñigo

Quoting Rod Strader <[EMAIL PROTECTED]>:

> Good day everyone,
> 
> I am currently on a vulnerability assessment gig and found that a router
> on the way to my client's target is susceptible to SNMP with a community
> string of public.  This device, when looking at it, shows the ARP table
> having my client's target's IP address in it.  What is the general
> consensus of how dangerous this is to my client?  I don't know if I can
> change anything with the same community string, but I can review all the
> information on the device. Here is some of the information I found
> walking the MIB:
> 
> Description: Ascend Max-1800 BRI S/N: 8371001 Software +6.0.10+
> 
> This device appears to be the gateway router before their email server.
> The ARP table still has the target in it.
> 
> Please comment!
> 
> Rod Strader
>
> ----------------------------------------------------------------------------
> This list is provided by the SecurityFocus Security Intelligence Alert
> (SIA)
> Service. For more information on SecurityFocus' SIA service which
> automatically alerts you to the latest security vulnerabilities please
> see:
> https://alerts.securityfocus.com/
> 
> 
> 



--
Iñigo González Ponce <igonzalez .at .exocert .dot. com>
