Cisco alert on SNMP security vulnerability | | 2008-06-13 | | A report issued by Cisco warns of two vulnerabilities in version 3 of the Simple Network Management Protocol (SNMPv3) that could allow hackers to gather system data or alter network equipment configurations.
The vulnerability stems from the acceptance by machines running SNMPV3 of incomplete authentication packets, allowing any user with access a chance to guess the authentication code.
Equipment running the Cisco IOS, CatOS and the IOS-XR operating systems is potentially vulnerable.
Other equipment likely to be affected includes hardware sold by 3Com, Apple Computer, Avaya, CA, EMC, Hewlett-Packard, Juniper Networks, McAfee, Network Appliance, Red Hat, and Sun Microsystems.
The Cisco report gives links to patches and advice to administrators.
| |
|
