BugTraq
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
[oCERT-2008-006] multiple SNMP implementations HMAC authenticationspoofing Jun 09 2008 11:06PM
Andrea Barisani (lcars ocert org)

2008/06/09 #2008-006 multiple SNMP implementations HMAC authentication spoofing

Description:

Some SNMP implementations include incomplete HMAC authentication code that
allows spoofing of authenticated SNMPv3 packets.

The authentication code reads the length to be checked from sender input,
this ...

[ more ]  
 

Privacy Statement
Copyright 2010, SecurityFocus