Signature Detail

SNMP: Orinoco SNMP Information Disclosure

This signature detects attempts to exploit a known vulnerability in the Orinoco Residential Gateway and Compaq WL310 access points. Attackers can send a maliciously crafted packet that queries the access point's unique SNMP community string to obtain sensitive information. Attackers can access (and possibly change) the access point system configuration, including Wired Equivalent Privacy (WEP) keys and Domain Name Service (DNS) information.

Extended Description

Orinoco is the manufacturer of various wireless network components, including access points and network cards. It is possible to remotely gain access to the identification string used for configuration of OEM access points manufactured by Orinoco through SNMP. By sending a custom-crafted SNMP query to a vulnerable access point, the access point will return system credentials, including the identification string. This identification string can be used as the administrative community string.

Affected Products

• Compaq Wireless LAN WL310
• Proxim Orinoco Residential Gateway RG-1000

References

• BugTraq: 5436
• CVE: CVE-2002-0812
• URL: http://online.securityfocus.com/advisories/4370