Title: NetworkAppliance NetCache SNMP Default Community String Vulnerability
Severity: MODERATE
Description:
NetCache is a product distributed by NetworkAppliance. NetCache is an appliance designed to provide the cacheing of commonly accessed network resources as a means of enhanced content delivery.
A problem in the NetCache could make it possible for remote users to gather sensitive information. Upon gaining access to this information, a remote user may be able to map network resources.
The problem occurs in the design of the firmware and SNMP community strings. The default community string to access SNMP information is "public." The problem arises when trying to secure SNMP, and attempting to disable the default community string. Upon adding a community string, the default is not removed. Instead, the new community string is added, and the default kept.
This makes it possible for a remote user to use the default string to gather sensitive information. This could lead to further attack on the network.
Affected Products:
- NetAppliance NetCache C630 3.3.1
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
