Home page logo
/

bugtraq logo Bugtraq mailing list archives

AIX SNMP Defaults (fwd)
From: dhg () KSRT ORG (Dave G.)
Date: Thu, 17 Feb 2000 11:33:54 -0500


It appears that on the above releases of AIX, the SNMP daemon is enabled
by default and two community names are enabled with read/write
privileges.
The community names are "private" and "system", but are only allowed
from localhost connections. Nevertheless, a local user may install an
SNMP client, and modify sensitive variables.


Since SNMP is UDP based, it is possible that you can spoof snmp set
requests provided that:

1) There are no firewalls in between.
2) snmpd doesnt have any code to detect which interface an SNMP packet
   came in on (not likely).

From your output, it looks like the system community might be limited to a
certain set of variables that it can read/write.  (depending on what view
name means)

Dave G.

<daveg () ksrt org>
http://www.ksrt.org/~daveg
http://www.ksrt.org


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]