SNMP Vulerabilities

Status
Not open for further replies.
Phantasm66

Phantasm66

Posts: 4,909   +8
A new vulnerability has been found with this.... But anywayz...

....I'd be thinking about turning that SNMP (Simple network management Protocol) off anyway if I was you. There are a great number of hacks that exploit this. This new one is just the lastest in a long line.

This effects users of Windows as well as Linux and other *IX operating systems.

Have a read at this article:

http://www.theregister.co.uk/content/4/24042.html

It's unlikely that you've got this service enabled without knowing it, but not impossible. The very vulnerable SNMPv1 is shipped with Windows 9X, NT and 2K, but is not enabled by default. Win-ME has no such service, but it could have been carried over during an upgrade from 9X. Win-XP uses a later version which MS apparently believes is not vulnerable, but I'm by no means convinced that it isn't.

Linux home users also may have it enabled without realizing it, especially if they've done default server installations which they've never got around to using. Bust open a shell and enter the command ps ax | more to see everything running on your system, and look for snmpd and/or gxsnmp. If you find it running, and have no reason to believe it ought to be running, you can very quickly chmod the executable.
Click to expand...

There's instruction in the article for getting rid of it from both Linux and Windows. In Linux, I found I could do this:

BASH# /etc/init.d/snmp stop


to stop the service if it was running, and then

BASH# ntsysv

will list the services to start running at boot, find snmp and unstar it. Then hit ok.

You will need to be root, or su'ed to root with "su - " to use these commands.

Microsoft says a patch is in the works. Obviously all the Linux distributors are working on patches as well. At this writing, Red Hat has already released theirs, which are available as RPMs from ftp://updates.redhat.com.
Click to expand...
 
This turned up when I went to windowsupdate.microsoft.com today...

Security Update, February 12, 2002
Download size: 229 KB, < 1 minute
This update resolves the "Unchecked Buffer in SNMP Service Could Enable Arbitrary Code to be Run" security vulnerability in Windows XP, and is discussed in Microsoft Security Bulletin MS02-006. Download now to prevent a malicious user from running code of his or her choice or launching a denial of service (DoS) attack on your computer
 
Status
Not open for further replies.

Similar threads

E
Linux could have been brought down by backdoor found in widely used utility
2
Replies
31
Views
427
ZedRM
ZedRM
Z
Windows Insiders can now use Sudo just like they do on Linux
Replies
3
Views
181
bviktor
B
D
Linux market share on desktop computers reaches an all-time high
2
Replies
42
Views
581
Guillermo Belli
G

Latest posts

Back