Computer Security
[EN] securityvulns.ru no-pyccku


Multiple SNMPv3 authentication implementations bypass
Published:10.06.2008
Source:
SecurityVulns ID:9069
Type:remote
Threat Level:
6/10
Description:User-supplied number of signature bytes are checked on signature validation.
Affected:CISCO : IOS 12.0
 CISCO : IOS 12.1
 CISCO : IOS 12.2
 CISCO : IOS 12.3
 CISCO : IOS 12.4
 NETSNMP : Net-SNMP 5.2
 CISCO : IOS XR 3.2
 NETSNMP : Net-SNMP 5.3
 CISCO : IOS XR 3.4
 CISCO : CatOS 7.6
 CISCO : CatOS 8.5
 CISCO : IOS XR 3.3
 NETSNMP : Net-SNMP 5.4
 CISCO : CatOS 6.4
 CISCO : CatOS 8.6
 CISCO : NX-OS 4.0
CVE:CVE-2008-0960
Original documentdocumentCISCO, Cisco Security Advisory: SNMP Version 3 Authentication Vulnerabilities (10.06.2008)
 documentCERT, US-CERT Technical Cyber Security Alert TA08-162A -- SNMPv3 Authentication Bypass Vulnerability (10.06.2008)
 documentAndrea Barisani, [oCERT-2008-006] multiple SNMP implementations HMAC authentication spoofing (10.06.2008)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod