[ale] SNMP newly discovered problems

Michael H. Warfield mhw at wittsend.com
Tue Feb 12 21:10:04 EST 2002


Bob,

On Tue, Feb 12, 2002 at 04:45:28PM -0500, Transam wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1

> This reports newly discovered severe vulnerabilities in SNMP that have
> existed for a long time in many vendors' products.  I pointed out in my
> book that SNMP had many severe security problems and security experts
> joke that SNMP=Security Not My Problem.

	While this is true, in general, and the problems, in this case,
are specific to SNMP v1 on which that commentary is based, the problems
are not related to the general statement.  In this case, the problems
described by the advisory are not the general lamosities that are
inherent in SNMP v1 but relate to implimentation faults and programing
errors.  Mishandling BER encoding/decoding or buffer overruns or
boundry checking, or parameter typing are the subject of the advisories
but not problems in the protocol or the specification.  Nothing in the
spec mandates potential for DoS attacks or buffer overruns that can
give attackers access to the host systems.  These are in addition to
the lame problems that swirl around SNMP to begin with.

> Best regards,

> Bob Toxen, President
> Fly-By-Day Consulting, Inc.           "Experts in Linux & network security"
> Author,
> "Real World Linux Security: Intrusion Detection, Prevention, and Recovery"
> 700 pages
> Prentice Hall
> November 2000
> +1 770-662-8321 Office

	Mike
-- 
 Michael H. Warfield    |  (770) 985-6132   |  mhw at WittsEnd.com
  /\/\|=mhw=|\/\/       |  (678) 463-0932   |  http://www.wittsend.com/mhw/
  NIC whois:  MHW9      |  An optimist believes we live in the best of all
 PGP Key: 0xDF1DD471    |  possible worlds.  A pessimist is sure of it!

---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
sent to listmaster at ale dot org.






More information about the Ale mailing list