Nessus Plugin #10264
Plugin Index
Note: This file has been created from a
downloaded version of the Nessus Plugins
from
http://www.nessus.org/.
Therefore, the information here can be outdated.
Default community names of the SNMP Agent
- Family:
- SNMP
- Category:
- infos
- Copyright:
- This script is Copyright (C) 1999 SecuriTeam
- Summary:
- Default community names of the SNMP Agent
- Version:
- $Revision: 1.64 $
- Cve_id:
- CAN-1999-0517, CAN-1999-0186, CAN-1999-0254, CAN-1999-0516
- Bugtraq_id:
- 11237, 10576, 177, 2112, 6825, 7081, 7212, 7317, 9681, 986
- Xrefs:
- IAVA:2001-B-0001
- Description:
- Simple Network Management Protocol (SNMP) is a protocol
which can be used by administrators to remotely manage a computer or network
device. There are typically 2 modes of remote SNMP monitoring. These modes
are roughly 'READ' and 'WRITE' (or PUBLIC and PRIVATE). If an attacker is able
to guess a PUBLIC community string, they would be able to read SNMP data (depending
on which MIBs are installed) from the remote device. This information might
include system time, IP addresses, interfaces, processes running, etc.
If an attacker is able to guess a PRIVATE community string (WRITE or 'writeall'
access), they will have the ability to change information on the remote machine.
This could be a huge security hole, enabling remote attackers to wreak complete
havoc such as routing network traffic, initiating processes, etc. In essence,
'writeall' access will give the remote attacker full administrative rights over the
remote machine.
Risk factor : High
More Information:
http://www.securiteam.com/exploits/Windows_NT_s_SNMP_service_vulnerability.html
Generiert am 27.04.2005 um 18:49:54 Uhr.