SNMP: HMAC Handling Authentication Bypass Exploit
There exists an authentication bypass vulnerability in multiple implementations of SNMPv3 protocol. The vulnerability is caused by improperly handling of HMAC in an authentication message. A remote unauthenticated attacker can exploit this vulnerability by sending a specially crafted SNMPv3 authentication request to gain unauthorized access to the target system. An attack targeting this vulnerability can result in authentication bypass to the target system. The behaviour of the target will depend on configuration of the affected SNMP agent daemon.
Extended Description
Net-SNMP is prone to a remote authentication-bypass vulnerability caused by a design error. Successfully exploiting this issue will allow attackers to gain unauthorized access to the affected application. Net-SNMP 5.4.1, 5.3.2, 5.2.4, and prior versions are vulnerable.
Affected Products
Ingate siparator,Cisco application_&_content_networking_software
Short Name
SNMP:HMAC-AUTH-BYPASS-EXPLOIT
Severity
Critical
Recommended
False
Recommended Action
Drop
Category
SNMP
Keywords
Authentication Bypass CVE-2008-0960 Exploit HMAC Handling bid:29623
Release Date
08/01/2011
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3339
Port
UDP/161
False Positive
Unknown
Vendors
Red_hat
Ecoscentric
Cisco
Apple
Gentoo
Ucd-snmp
Sun
Hp
Juniper_networks
Avaya
Ingate
Net-snmp
Suse
Slackware
Ubuntu
Mandriva
Nortel_networks
Debian
Vmware
CVSS Score
10.0