Signature Detail
Short Name |
SNMP:COMMUNITY:AVAYA-DEFCOM1 |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
SNMP |
Keywords |
Avaya Cajun Default Community String |
Release Date |
2003/04/22 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
SNMP: Avaya Cajun Default Community String
This signature detects attempts to exploit a known vulnerability in the firmware for the Avaya Cajun P33x series hardware. Firmware for Avaya P130, M770-ATM, and M770 Supervisor M-SPX and M-SPS is vulnerable. Attackers with SNMP access can use an undocumented read/write community string to remotely administer the hardware.
Extended Description
Firmware for the Avaya Cajun line of network switches includes a default read/write community string. Remote attackers may use the community string to view/set potentially sensitive properties within the device. Denial of service, potential network compromise possible.
Affected Products
- Avaya Cajun M770-ATM Series Firmware 2.3.11
- Avaya Cajun M770 Supervisor Firmware 3.3.0
- Avaya Cajun P130 Series Firmware 2.9.1
- Avaya Cajun P330 Series Firmware 3.10.0
- Avaya Cajun P330 Series Firmware 3.11.0
- Avaya Cajun P330 Series Firmware 3.8.1
- Avaya Cajun P330 Series Firmware 3.8.2
- Avaya Cajun P330 Series Firmware 3.9.1
- Avaya M770-ATM
- Avaya M-SPX
- Avaya P130
- Avaya P330T
- Avaya P333R
References