Re: One more 3Com SNMP vulnerability

[Peter Hicks]

Hi there

I'm running version 3.17 firmware on the SSII Hub 10's here, and the
securityUserTable is only visible if you use a read-write community string.


Peter.

- Original Message -
From: Nerijus Krukauskas [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: 30 August 1999 14:43
Subject: One more 3Com SNMP vulnerability


 Hi,

   It seems that 3Com does not pay much atention how its SNMP is
 implemented. In 3Com SuperStack II hubs MIB there's an OID:
 .1.3.6.1.4.1.43.10.4.2. Its name decodes to

.iso.org.dod.internet.private.enterprises.a3Com.generic.security.securityUse
rTable.
 What You need to know that's read-only community and this OID will give
you
 entire table of communities (read-write and read-only).
   If somebody knows how to contact 3Com with such reports forward this
info
 to them. Half an hour exploring 3Com web site i found no e-mail's (not
even
 [EMAIL PROTECTED]). Amazing...

 --
 Nerijus Krukauskas   Bank of Lithuania
 Division headIT department, Networking division
 Tel. +370-2-680731   Zirmunu 151
 [EMAIL PROTECTED] 2012 Vilnius, Lithuania

One more 3Com SNMP vulnerability

[Nerijus Krukauskas]

Hi,

  It seems that 3Com does not pay much atention how its SNMP is
implemented. In 3Com SuperStack II hubs MIB there's an OID:
.1.3.6.1.4.1.43.10.4.2. Its name decodes to
.iso.org.dod.internet.private.enterprises.a3Com.generic.security.securityUserTable.
What You need to know that's read-only community and this OID will give you
entire table of communities (read-write and read-only).
  If somebody knows how to contact 3Com with such reports forward this info
to them. Half an hour exploring 3Com web site i found no e-mail's (not even
[EMAIL PROTECTED]). Amazing...

--
Nerijus Krukauskas   Bank of Lithuania
Division headIT department, Networking division
Tel. +370-2-680731   Zirmunu 151
[EMAIL PROTECTED] 2012 Vilnius, Lithuania