lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 18 Feb 2004 22:14:07 +0100 (CET)
From: Hugo van der Kooij <>
Subject: Re: SNMP community string disclosure in Linksys WAP55AG

On Wed, 17 Feb 2004, NN Poster wrote:

> Linksys WAP55AG does not properly secure SNMP community strings. In particular, it is possible to obtain all community strings, including read/write, by querying OID
> = STRING: "public"
> = STRING: "private"
> Verified on WAP55AG, firmware 1.07

But ... Can you obtain this information without a valid community string?


 All email sent to me is bound to the rules described on my homepage.
	    Don't meddle in the affairs of sysadmins,
	    for they are subtle and quick to anger.

Powered by blists - more mailing lists