Title: Atmel SNMP public Community or Unknown OID Denial of Service Vulnerability
Severity: MODERATE
Description:
Atmel is a chip design and manufacturing firm that provides various RF-based products to corporate consumers. Atmel manufactures firmware for various wireless access systems.
SNMP (Simple Network Management Protocol) is designed to provide a framework for remote management of network resources. It is supported by some Atmel products.
This problem lies with the Atmel chipset firmware. If a SNMP read request is sent with any value other than 'public' for the community name, or an unknown OID (Object ID) key, a Denial of Service condition will be created. The network device will not respond to further communication. This may happen even if the SNMP request is otherwise successful.
Through exploitation of this, a remote attacker could deny network access to a vulnerable device. A restart is required in order to regain normal functionality.
It is unknown if more recent versions of the Atmel firmware share this vulnerability.
Affected Products:
- Atmel Firmware 1.3.0
- Linksys WAP11 1.3.0
- NetGear ME102 1.3.0
References:
- Atmel: Atmel Homepage
- Linksys: Driver Downloads
- Netgear: Netgear Support Page
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
