Secunia Logo
Netsikker nu! 2008
 Vulnerability IntelligenceVulnerability ScanningBlog - new entry!Corporate InformationOnline ShopCustomer Login  
 Secunia AdvisoriesSecunia ResearchBinary Analysis  
Home > Vulnerability Intelligence > Secunia Advisories > Cisco Products SNMPv3 Two Vulnerabilities
Secunia Advisories
Advisories
Search
Advisories by Product
Advisories by Vendor
Historic Advisories
Mailing Lists & RSS
Report Vulnerability
Contact Form
Business Solutions Restricted
Partner Solutions Restricted
About
 
Cisco Products SNMPv3 Two Vulnerabilities
Secunia Advisory: SA30612
Advisory Toolbox:
Issue ticket
Save in to-do list
Mark as handled
Exploit information
Download as PDF
Review actions
Add comment
Release Date: 2008-06-11
Popularity: 5,602 views

Critical:
Moderately critical
Impact: Spoofing
Where: From local network
Solution Status: Vendor Patch

OS:Cisco Application Control Engine (ACE) Appliance
Cisco Application Control Engine (ACE) XML Gateway
Cisco CATOS 6.x
Cisco CATOS 7.x
Cisco CATOS 8.x
Cisco IOS 12.x
Cisco IOS R12.x
Cisco IOS XR 3.x
Cisco NX-OS 4.x
Cisco SAN-OS 2.x (MDS 9000 Switches)
Cisco SAN-OS 3.x (MDS 9000 Switches)

Software:Cisco Application Control Engine (ACE) Module
Subscribe: Instant alerts on relevant vulnerabilities

CVE reference:CVE-2008-0960
Description:
Two vulnerabilities have been reported in various Cisco products, which can be exploited by malicious people to spoof authenticated SNMPv3 packets.

The vulnerabilities are caused due to errors in the authentication code of multiple SNMPv3 implementations and can be exploited via specially crafted SNMPv3 packets using HMAC-MD5-96 or HMAC-SHA-96 as authentication protocol.

Successful exploitation allows to disclose certain network information or make configuration changes on a vulnerable device, but requires that the SNMP server is enabled (disabled by default).

This is related to:
SA30574

The vulnerabilities are reported in the following products:
* Cisco IOS
* Cisco IOS-XR
* Cisco Catalyst Operating System (CatOS)
* Cisco NX-OS
* Cisco Application Control Engine (ACE) Module
* Cisco ACE Appliance
* Cisco ACE XML Gateway
* Cisco MDS 9000 Series Multilayer Fabric Switches

Solution:
Update to fixed versions (please see vendor advisory for details).

Provided and/or discovered by:
The vendor credits Dr. Tom Dunigan of the University of Tennessee and Net-SNMP.

Original Advisory:
http://www.cisco.com/warp/public/707/cisco-sa-20080610-snmpv3.shtml

Other References:
SA30574:
http://secunia.com/advisories/30574/

Track this Secunia Advisory
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.

Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.

About this Secunia Advisory
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.

Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
  
Latest Advisories

10th Oct, 2008
New advisories: 15
New vulnerabilities: 83
Updated advisories: 41

Moderately // 382 views
ScriptsEz Easy Image Downloader "id" File Disclosure Vulnerability
Moderately // 379 views
Built2go Real Estate Listings "event_id" SQL Injection
Highly // 578 views
Sun Java System Web Proxy Server FTP Subsystem Buffer Overflow
Moderately // 415 views
Red Hat update for cups
Highly // 423 views
DFF PHP Framework API "DFF_config[dir_incl ude]" File Inclusion Vulnerabilities
Not // 449 views
FUJITSU Interstage Products Apache Tomcat Security Bypass
Moderately // 700 views
Apple Mac OS X Security Update Fixes Multiple Vulnerabilities
Moderately // 410 views
Fedora update for condor
Moderately // 744 views
CUPS Multiple Vulnerabilities
Not // 472 views
Gentoo Portage Insecure Python Module Search Path Security Issue

Solutions | More...  

Send Feedback to Secunia
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.

Ideas, suggestions, and other feedback are most welcome.

Most Popular - 3 Hours

1. Subdreamer Light Global Variables SQL Injection Vulnerability // 31 views
2. Trend Micro ServerProtect Multiple Buffer Overflow Vulnerabilities // 30 views
3. CA ARCserve Backup Multiple Vulnerabilities // 24 views
4. Sun Java System Web Proxy Server FTP Subsystem Buffer Overflow // 24 views
5. PluggedOut Blog "index.php" SQL Injection Vulnerabilities // 24 views
6. Apple Mac OS X Security Update Fixes Multiple Vulnerabilities // 21 views
7. PHP Real Estate Classifieds "id" SQL Injection // 19 views
8. Journalness "last_module" PHP Code Execution // 18 views
9. GNUBoard "doc" Parameter Arbitrary File Inclusion Vulnerability // 18 views
10. ScriptsEz Easy Image Downloader "id" File Disclosure Vulnerability // 17 views



Contact | Terms & Conditions and Copyright | Report Vulnerability | Press | Jobs | About Secunia
Copyright Secunia 2002-2008