| VID |
20001 |
| Severity |
30 |
| Port |
161 |
| Protocol |
UDP |
| Class |
Snmp |
| Detailed Description |
The Cisco IOS software has a SNMP read-write ILMI community string vulnerability. Cisco IOS Software releases based on versions 11.x and 12.0 contain a defect that allows a limited number of SNMP objects to be viewed and modified without authorization using a undocumented ILMI community string. Some of the modifiable objects are confined to the MIB-II system group, such as "sysContact", "sysLocation", and "sysName", that do not affect the device's normal operation but that may cause confusion if modified unexpectedly. The affected device might be vulnerable to a denial-of-service attack if it is not protected against unauthorized use of the ILMI community string.
ILMI is a necessary component for ATM, and the vulnerability is present in every IOS release that contains the supporting software for ATM and ILMI without regard to the actual presence of an ATM interface or the physical ability of the device to support an ATM connection. |
| Recommendation |
To remove this vulnerability, Cisco is offering free software upgrades for all affected platforms. The defect is documented in DDTS record CSCdp11863. You can find the latest version of Cisco IOS appropriate for your system, as listed in Cisco Systems Field Notice, February 27, 2001. See References.
In lieu of a software upgrade, a workaround can be applied to certain IOS releases by disabling the ILMI community or "*ilmi" view and applying an access list to prevent unauthorized access to SNMP. Filtering SNMP traffic at a network perimeter or on individual devices may protect any affected system, regardless of software release. |
| Related URL |
CVE-2001-0711 (CVE) |
| Related URL |
2427 (SecurityFocus) |
| Related URL |
6169 (ISS) |
|
