[8565] in bugtraq
Re: ISS Security Advisory: Hidden community string in SNMP
daemon@ATHENA.MIT.EDU (Raphael Muzzio)
Sun Nov 15 22:45:32 1998
Date: Sun, 15 Nov 1998 19:03:55 -0700
Reply-To: Raphael Muzzio <rmuzzio@ZDNETMAIL.COM>
From: Raphael Muzzio <rmuzzio@ZDNETMAIL.COM>
To: BUGTRAQ@NETSPACE.ORG
Roland,
Actually the message posted by X-Force is referring to backdoor passwords found embedded in the binaries in the Solaris and HP SNMP agents listed. I have noticed X-Force advisories typically are not full disclosure, so I went ahead and dug into the agents with a binary editor and found the following passwords:
Solaris: all private
HP: snmpd
These passwords are NOT stored in the snmp.conf, and as far as I can tell from testing, cannot be disabled. I have not tested against the patched versions of the Sun binaries - can someone try this community string on the new agents?
In the last few months this list has seen backdoors in 3COM, HP and Sun products. Is this common practice among vendords today?
-Raphael
Roland Grefer (btirg@ui.uis.doleta.gov)
Thu, 5 Nov 1998 16:25:20 -0500
In reply to: Jean Chouanard: "Re: ISS Security Advisory: Hidden community string in SNMP"
> At 02:47 PM 11/2/98 -0800, someone using X-Force's login wrote:
> >
> >ISS Security Advisory
> >November 2nd, 1998
> >
> >Hidden community string in SNMP implementation
The community string in the SNMP implementation actually is NOT hidden,
but rather accessible in plain text form in
/etc/snmp/conf/snmp.conf
(by default there, or another location when modified; snmpdx usually
should be started with the "-c /pathname/snmp.conf" option to control
which configuration file is being used.
The relevant entries are the strings assigned to
system-group-read-community public
system-group-write-community private
read-community public
write-community private
It is recommended that these "passwords" be changed from their default
values (above: public/private) to avoid security compromises.
Free web-based email, anytime, anywhere!
ZDNet Mail - http://www.zdnetmail.com
