[25448] in bugtraq


Re: ATMSNMPD Vulnerable but not Addressed

daemon@ATHENA.MIT.EDU (Emre Yildirim)
Mon May 13 16:51:43 2002

Message-ID: <2128.138.26.156.193.1021312885.squirrel@www.asper.org>
Date: Mon, 13 May 2002 13:01:25 -0500 (CDT)
From: "Emre Yildirim" <emre.yildirim@us.army.mil>
To: <bugtraq@securityfocus.com>
In-Reply-To: <20020513155522.20007.qmail@mail.securityfocus.com>
Cc: <coppager@scott.disa.mil>
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit


> ATMSNMPD vulnerable???? Yep! I am challenging anyone out
> there to find information on line stating that Sun's
> ATMSNMPD is vulnerable to attack.  As of today May 13 2002
> there is no information identifying this fact.  If you are
> running SunATM 4.0 or 5.0 and have not added the patches
> below you are vulnerable to attack.  Is there sun
> documentation identifying the vulnerability and the urgent
> need to implement the patch?  As of today there is not.

http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fpatches%2F107915&zone_32=107915
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fpatches%2F109039&zone_32=109039-09

The patch description doesn't mention what type of vulnerability other than
"atmsnmpd crashes due to improper handling of malicious SNMPv1 request PDUs".
This is the first time I heard about it myself.  Sun should have mentioned
this problem in an official security advisory.  The patches are also not
listed under
http://sunsolve.sun.com/pub-cgi/show.pl?target=patches/xos-8&nav=pub-patches
which is the "Recommended & Security Patches for Solaris" page.  Why is it
not on there?  I have no clue.  I guess it is not a security issue or it
isn't a recommended patch.

Cheers

Emre Yildirim
emre@uab.edu | emre.yildirim@us.army.mil




