Pardon to the easily annoyed, but I'm tired of "admins" not bothering to read and understand the relevent documentation before asking others to solve their problems.
Popli, Manish wrote: > I am running solaris-10 with NET-SNMP version: 5.0.9. > > My securities scan showing the vulnerability ID 9386 for this snmp > (**SNMP default community name).** > > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0517 > > Fix – Disable this community name, or password protect use of it or > disable snmp if not using. That CVE entry aplies to every implementaion of SNMP, not just NetSMNP. If you are stupid enough to leave the default communities, then stop pretending to be a system administrator. > I would like to disable/remove net-snmp from my box. I am already done > with stopping the services and removed a package but still scan showing > issue for SNMP. > > Here is the some information of my Box. > > [EMAIL PROTECTED]> uname -a > SunOS XXX.com 5.10 Generic_127128-11 i86pc i386 i86pc > [EMAIL PROTECTED]> /usr/sfw/sbin/snmpd -v > NET-SNMP version: 5.0.9 > Web: http://www.net-snmp.org/ > Email: [email protected] > <mailto:[email protected]> > [EMAIL PROTECTED]> ps -eaf |grep -i snmp > root 4344 1 0 11:02:32 ? 0:00 /usr/sfw/sbin/snmpd > root 4392 3600 0 11:44:11 pts/2 0:00 grep -i snmp You did stop all SNMP services before removing packages? > [EMAIL PROTECTED]> svcs -a |grep -i snmp > disabled May_20 svc:/application/management/snmpdx:default > [EMAIL PROTECTED]> pkginfo |grep -i snmp > system SUNWjsnmp Java SNMP API > > How to remove/disable net-snmp or any other solution to get rid of this > vulnerability? Change the default communities? Disable the startup scripts/srevices? Uninstall all the SNMP packages, not just NetSNMP? -- There's no point in being grown up if you can't be childish sometimes. -- Dr. Who ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ Net-snmp-coders mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/net-snmp-coders
