| VID |
20048 |
| Severity |
40 |
| Port |
161 |
| Protocol |
UDP |
| Class |
SNMP |
| Detailed Description |
The HP OpenView SNMP Agent uses a hidden SNMP community string. The hidden SNMP community string exists in the HP OpenView 4.x and 5.x management Agent. This community string has read-write access to portions of the MIB tree used for configuration and maintenance of the SNMP agent. Remote attackers may use this issue to modify MIB tables and obtain sensitive information otherwise reserved for authorized users.
* References: http://www.iss.net/security_center/alerts/advise12.php
* Platforms Affected: HP OpenView SNMP Agent Version 5.02 and earlier, HP-UX 10.x, HP-UX 11.00, HP-UX 9.x, Solaris 2.x |
| Recommendation |
Apply the appropriate patch for your system, available from Hewlett Packard's web site, http://itrc.hp.com
* HP-UX 9.x: PHSS_16799
* HP-UX 10.0x and 10.10: PHSS_16800
* HP-UX 10.20: PHSS_16845
* HP-UX 11.00: PHSS_16846
* Solaris 2.3 and 2.4: PSOV_02190
* Solaris 2.5.1 and 2.6: PSOV_02191
A workaround is to disable the ftp service until patches are available. If this is not feasible, restrict access to the service. Ensure that anonymous users cannot create or write to any directories.
For information on the Security Patch Check tool for HP-UX, see: http://www.software.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=B6834AA
The security patch matrix is also available via anonymous ftp: ftp://ftp.itrc.hp.com/export/patches/hp-ux_patch_matrix |
| Related URL |
CVE-1999-0254 (CVE) |
| Related URL |
6825 (SecurityFocus) |
| Related URL |
1387 (ISS) |
|