RE: SNMP Vulnerabilities [7:35954]
> Author: Kevin Pan () > Date: 02-20-02 09:56 > > Has anyone heard about the captioned problem on Cisco devices? > > Please comment. > > Rgds, > Kevin Yes, many Cisco devices affected. However, it looks like you can only cause the device to reset. Software fixes being published now. http://www.cisco.com/warp/public/707/cisco-malformed-snmp-msgs-pub.shtml I'm not sure how "critical" a vulnerability it is, but regardless, check out the security advisory and adjust your security stance accordingly. --Wes Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=35958&t=35954 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: SNMP Vulnerabilities [7:35954]
Here is a link off cert.org, http://www.cisco.com/warp/public/707/cisco-malformed-snmp-msgs-pub.shtml. Brian - Original Message - From: "Kevin Pan" To: Sent: Wednesday, February 20, 2002 6:56 AM Subject: SNMP Vulnerabilities [7:35954] > Has anyone heard about the captioned problem on Cisco devices? > > Please comment. > > Rgds, > Kevin Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=35973&t=35954 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: SNMP Vulnerabilities [7:35954]
They key is to have a community string that is aplha-numeric, or hard to crack. Also, I would recommend writing an access-list for an individual host or hosts for the SNMP. Daniel Ladrach CCNA, CCNP WorldCom -Original Message- From: Wes [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 20, 2002 10:49 AM To: [EMAIL PROTECTED] Subject: RE: SNMP Vulnerabilities [7:35954] > Author: Kevin Pan () > Date: 02-20-02 09:56 > > Has anyone heard about the captioned problem on Cisco devices? > > Please comment. > > Rgds, > Kevin Yes, many Cisco devices affected. However, it looks like you can only cause the device to reset. Software fixes being published now. http://www.cisco.com/warp/public/707/cisco-malformed-snmp-msgs-pub.shtml I'm not sure how "critical" a vulnerability it is, but regardless, check out the security advisory and adjust your security stance accordingly. --Wes Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=35982&t=35954 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
