SNMP: HMAC Authentication Bypass
This signature detects attempts to circumvent authentication in SNMPv3. Attackers sending large volumes of crafted SNMP packets may be able to read and/or write to SNMP MIB targets. A successful attack can result in information disclosure or system compromise.
Extended Description
Net-SNMP is prone to a remote authentication-bypass vulnerability caused by a design error. Successfully exploiting this issue will allow attackers to gain unauthorized access to the affected application. Net-SNMP 5.4.1, 5.3.2, 5.2.4, and prior versions are vulnerable.
Affected Products
Ingate siparator,Cisco application_&_content_networking_software
References
BugTraq: 29623
CVE: CVE-2008-0960
URL: http://www.ocert.org/advisories/ocert-2008-006.html http://sourceforge.net/forum/forum.php?forum_id=833770
Short Name
SNMP:HMAC-AUTH-BYPASS
Severity
Minor
Recommended
False
Recommended Action
None
Category
SNMP
Keywords
Authentication Bypass CVE-2008-0960 HMAC bid:29623
Release Date
06/17/2008
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3339
False Positive
Unknown
Vendors
Red_hat
Ecoscentric
Cisco
Apple
Gentoo
Ucd-snmp
Sun
Hp
Juniper_networks
Avaya
Ingate
Net-snmp
Suse
Slackware
Ubuntu
Mandriva
Nortel_networks
Debian
Vmware
CVSS Score
10.0