mailing list archives
Re: AIX SNMP Defaults
From: troy () AUSTIN IBM COM (Troy Bollinger)
Date: Thu, 17 Feb 2000 08:57:06 -0600
Quoting harikiri (harikiri () ATTRITION ORG):
It appears that on the above releases of AIX, the SNMP daemon is enabled
by default and two community names are enabled with read/write privileges.
The community names are "private" and "system", but are only allowed from
localhost connections. Nevertheless, a local user may install an SNMP
client, and modify sensitive variables.
This is fixed in AIX 4.3 with APAR IY04865 and was announced on the
Security_APARs mailing list from aixserv () austin ibm com in January.
Customers wishing to subscribe to this list should send email to
aixserv () austin ibm com with a subject of "Subscribe Security_APARs".
Troy Bollinger troy () austin ibm com
AIX Security Development security-alert () austin ibm com
PGP keyid: 1024/0xB7783129 Troy's opinions are not IBM policy
Re: perl-cgi hole in UltimateBB by Infopop Corp. Kevin Hillabolt (Feb 15)
Re: perl-cgi hole in UltimateBB by Infopop Corp. Jordan Ritter (Feb 16)
Packet filter logging: MAC & TCP flags Jens Hektor (Feb 15)
Re: perl-cgi hole in UltimateBB by Infopop Corp. Irwin Lazar (Feb 17)
Re: perl-cgi hole in UltimateBB by Infopop Corp. Randal L. Schwartz (Feb 17)