lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: 9 Apr 2003 18:48:53 -0000 From: Branson Matheson <branson@...dborne.net> To: bugtraq@...urityfocus.com Subject: Medium Vulnerability in SNMP on Linsys BEFVP41 While the following is not a critical vulnerability, it is a serious problem for those that are implementing these VPN routers in production environments. Problem: The MIB information available from the default 'public' community name on the external interface of a Linksys VPN router includes information about the hosts on the inside of the protected network including routes, hardware addresses ( MAC ), and some configuration information. What is NOT available include information about the VPN's configured, any preshared keys, VPN routes, or endpoint IP's. Testability: install the net-snmp package and run the following on any Linksys router that has not had it's community names altered: snmpwalk -v 1 -c public {ip} This has been tested on versions 1.40.3f and 1.40.4 ( latest ) version. Solution: Change the community names configured in the 'password' section of the VPN routers web based config tool. There is no current way to disable SNMP. Vendor: I have sent numerous mails to the vendor concerning this issue starting about 90 days ago. The last several have been ignored.
Powered by blists - more mailing lists