BugTraq
Back to list
|
Post reply
SNMP community string disclosure in Linksys WAP55AG
Feb 17 2004 11:08PM
NN Poster (nnposter mailandnews com)
(1 replies)
Linksys WAP55AG does not properly secure SNMP community strings. In particular, it is possible to obtain all community strings, including read/write, by querying OID 1.3.6.1.4.1.3955.2.1.13.1.2.
1.3.6.1.4.1.3955.2.1.13.1.2.1 = STRING: "public"
1.3.6.1.4.1.3955.2.1.13.1.2.2 = STRING: "private"
Verified on WAP55AG, firmware 1.07
Vendor notified 1/16/04 and 1/20/04, no response.
[ reply ]
Re: SNMP community string disclosure in Linksys WAP55AG
Feb 18 2004 09:14PM
Hugo van der Kooij (hvdkooij vanderkooij org)
(1 replies)
Re: SNMP community string disclosure in Linksys WAP55AG
Feb 19 2004 10:06PM
Robbie Stone (robbie serendipity palo-alto ca us)
Privacy Statement
Copyright 2010, SecurityFocus
Linksys WAP55AG does not properly secure SNMP community strings. In particular, it is possible to obtain all community strings, including read/write, by querying OID 1.3.6.1.4.1.3955.2.1.13.1.2.
1.3.6.1.4.1.3955.2.1.13.1.2.1 = STRING: "public"
1.3.6.1.4.1.3955.2.1.13.1.2.2 = STRING: "private"
Verified on WAP55AG, firmware 1.07
Vendor notified 1/16/04 and 1/20/04, no response.
[ reply ]