Juniper Networks

Signature Detail

Short Name: SNMP:HMAC-AUTH-BYPASS
Severity: Medium
Recommended: No
Category: SNMP
Keywords: HMAC Authentication Bypass
Release Date: 2008/06/17
Update Number: 1213
Supported Platforms: idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

SNMP: HMAC Authentication Bypass


This signature detects attempts to circumvent authentication in SNMPv3. Attackers sending large volumes of crafted SNMP packets may be able to read and/or write to SNMP MIB targets. A successful attack can result in information disclosure or system compromise.

Extended Description

Net-SNMP is prone to a remote authentication-bypass vulnerability caused by a design error. Successfully exploiting this issue will allow attackers to gain unauthorized access to the affected application. Net-SNMP 5.4.1, 5.3.2, 5.2.4, and prior versions are vulnerable.

Affected Products

  • Apple Mac OS X 10.4.11
  • Apple Mac OS X 10.5
  • Apple Mac OS X 10.5.1
  • Apple Mac OS X 10.5.2
  • Apple Mac OS X 10.5.3
  • Apple Mac OS X Server 10.4.11
  • Apple Mac OS X Server 10.5
  • Apple Mac OS X Server 10.5.1
  • Apple Mac OS X Server 10.5.2
  • Apple Mac OS X Server 10.5.3
  • Avaya Aura Application Enablement Services 3.1.5
  • Avaya Aura Application Enablement Services 4.2
  • Avaya Aura SIP Enablement Services 3.1.1
  • Avaya Aura SIP Enablement Services 5.0
  • Avaya Communication Manager 3.0
  • Avaya Communication Manager 3.1
  • Avaya Communication Manager 4.0
  • Avaya Communication Manager 5.0
  • Avaya EMMC 1.017
  • Avaya EMMC 1.021
  • Avaya Interactive Response 2.0
  • Avaya Interactive Response 3.0
  • Avaya Intuity AUDIX
  • Avaya Intuity AUDIX LX 2.0
  • Avaya Intuity Audix R5
  • Avaya Message Networking 3.1
  • Avaya Message Networking MN 3.1
  • Avaya Message Networking
  • Avaya Messaging Storage Server 1.0
  • Avaya Messaging Storage Server 2.0
  • Avaya Messaging Storage Server 3.1
  • Avaya Messaging Storage Server 4.0
  • Avaya Messaging Storage Server MM3.0
  • Avaya Messaging Storage Server
  • Cisco ACE Appliance
  • Cisco ACE XML Gateway
  • Cisco Application & Content Networking Software 4.0.3
  • Cisco Application & Content Networking Software 4.1.1
  • Cisco Application & Content Networking Software 4.1.3
  • Cisco Application & Content Networking Software 4.2.0
  • Cisco Application & Content Networking Software 4.2.11
  • Cisco Application & Content Networking Software 4.2.7
  • Cisco Application & Content Networking Software 4.2.9
  • Cisco Application & Content Networking Software 5.0.0
  • Cisco Application & Content Networking Software 5.0.1
  • Cisco Application & Content Networking Software 5.0.17 .6
  • Cisco Application & Content Networking Software 5.0.3
  • Cisco Application & Content Networking Software 5.0.5
  • Cisco Application & Content Networking Software 5.1.0
  • Cisco Application & Content Networking Software 5.1.11 .6
  • Cisco Application & Content Networking Software 5.1.13 .7
  • Cisco Application & Content Networking Software 5.1.15
  • Cisco Application & Content Networking Software 5.1.9
  • Cisco Application & Content Networking Software 5.2.0
  • Cisco Application & Content Networking Software 5.2.1 .7
  • Cisco Application & Content Networking Software 5.2.3 .9
  • Cisco Application & Content Networking Software 5.2.7
  • Cisco Application & Content Networking Software 5.3.3
  • Cisco Application & Content Networking Software 5.5.11
  • Cisco Application & Content Networking Software 5.5.7
  • Cisco Application & Content Networking Software
  • Cisco Application & Content Networking Software (ACNS)
  • Cisco Application Control Engine (ACE) Module
  • Cisco CatOS
  • Cisco Internet Streamer CDS
  • Cisco IOS
  • Cisco IOS XR
  • Cisco MDS 9000
  • Cisco NX-OS
  • Cisco Wide Area Application Services (WAAS) 4.0.13
  • Cisco Wide Area Application Services (WAAS) 4.0.17
  • Cisco Wide Area Application Services (WAAS) 4.0.18
  • Cisco Wide Area Application Services (WAAS) 4.0.19
  • Cisco Wide Area Application Services (WAAS) 4.0.7
  • Cisco Wide Area Application Services (WAAS) 4.0.9
  • Cisco Wide Area Application Services (WAAS)
  • Cisco Wireless LAN Control 3.2
  • Cisco Wireless LAN Control 4.0
  • Cisco Wireless LAN Control 4.1
  • Cisco Wireless LAN Control 5.0
  • Cisco Wireless LAN Control 5.1
  • Cisco Wireless LAN Controller Module
  • Debian Linux 4.0
  • Debian Linux 4.0 Alpha
  • Debian Linux 4.0 Amd64
  • Debian Linux 4.0 Arm
  • Debian Linux 4.0 Hppa
  • Debian Linux 4.0 Ia-32
  • Debian Linux 4.0 Ia-64
  • Debian Linux 4.0 M68k
  • Debian Linux 4.0 Mips
  • Debian Linux 4.0 Mipsel
  • Debian Linux 4.0 Powerpc
  • Debian Linux 4.0 S/390
  • Debian Linux 4.0 Sparc
  • eCosCentric eCos
  • Gentoo Linux
  • HP OpenView SNMP Emanate Master Agent 15
  • Ingate Firewall 3.1.0
  • Ingate Firewall 3.2.0
  • Ingate Firewall 3.2.1
  • Ingate Firewall 3.3.1
  • Ingate Firewall 4.1.3
  • Ingate Firewall 4.2.0 .1
  • Ingate Firewall 4.2.0 .2
  • Ingate Firewall 4.2.0 .3
  • Ingate Firewall 4.3.0
  • Ingate Firewall 4.3.1
  • Ingate Firewall 4.3.2
  • Ingate Firewall 4.3.3
  • Ingate Firewall 4.3.4
  • Ingate Firewall 4.4.1
  • Ingate Firewall 4.5.1
  • Ingate Firewall 4.5.2
  • Ingate Firewall 4.6.0
  • Ingate Firewall 4.6.1
  • Ingate Firewall 4.6.4
  • Ingate Firewall 4.4
  • Ingate SIParator 3.1.0
  • Ingate SIParator 3.2.0
  • Ingate SIParator 3.2.1
  • Ingate SIParator 3.3.1
  • Ingate SIParator 4.2.1
  • Ingate SIParator 4.2.2
  • Ingate SIParator 4.2.3
  • Ingate SIParator 4.3.0
  • Ingate SIParator 4.3.1
  • Ingate SIParator 4.3.2
  • Ingate SIParator 4.3.3
  • Ingate SIParator 4.3.4
  • Ingate SIParator 4.4
  • Ingate SIParator 4.4.1
  • Ingate SIParator 4.5.1
  • Ingate SIParator 4.5.2
  • Ingate SIParator 4.6.0
  • Ingate SIParator 4.6.1
  • Ingate SIParator 4.6.4
  • Juniper Networks Session and Resource Control Appliance 1.0.0
  • Juniper Networks Session and Resource Control Appliance 1.0.1
  • Juniper Networks Session and Resource Control Appliance 2.0.0
  • Mandriva Corporate Server 3.0.0
  • Mandriva Corporate Server 3.0.0 X86 64
  • Mandriva Corporate Server 4.0
  • Mandriva Corporate Server 4.0.0 X86 64
  • Mandriva Linux Mandrake 2007.1
  • Mandriva Linux Mandrake 2007.1 X86 64
  • Mandriva Linux Mandrake 2008.0
  • Mandriva Linux Mandrake 2008.0 X86 64
  • Mandriva Linux Mandrake 2008.1
  • Mandriva Linux Mandrake 2008.1 X86 64
  • Mandriva Multi Network Firewall 2.0.0
  • Net-SNMP 5.2.4
  • Net-SNMP 5.3.2
  • Net-SNMP 5.4.1
  • Nortel Networks Switched Firewall 5000 series
  • Nortel Networks Switched Firewall 5100 series
  • Nortel Networks Switched Firewall 5300 Series
  • Nortel Networks Switched Firewall 5400 Series
  • Nortel Networks Switched Firewall 5600 Series
  • Nortel Networks Switched Firewall 5700 Series
  • Nortel Networks Switched Firewall 6000 series
  • Nortel Networks Switched Firewall 6400 Series
  • Nortel Networks Switched Firewall 6600 Series
  • Red Hat Desktop 3.0.0
  • Red Hat Desktop 4.0.0
  • Red Hat Enterprise Linux 5 Server
  • Red Hat Enterprise Linux Desktop Version 4
  • Red Hat Enterprise Linux AS 3
  • Red Hat Enterprise Linux AS 4
  • Red Hat Enterprise Linux Desktop 5 Client
  • Red Hat Enterprise Linux Desktop Workstation 5 Client
  • Red Hat Enterprise Linux ES 3
  • Red Hat Enterprise Linux ES 4
  • Red Hat Enterprise Linux WS 4
  • Red Hat Enterprise Linux WS 5
  • Red Hat Fedora 7
  • Red Hat Fedora 8
  • Red Hat Fedora 9
  • Slackware Linux 12.0
  • Slackware Linux 12.1
  • Slackware Linux -Current
  • Sun OpenSolaris Build Snv 01
  • Sun OpenSolaris
  • Sun Solaris 10 Sparc
  • Sun Solaris 10 X86
  • SuSE Novell Linux Desktop 9.0.0
  • SuSE Novell Linux POS 9
  • SuSE Open-Enterprise-Server
  • SuSE openSUSE 10.2
  • SuSE openSUSE 10.3
  • SuSE openSUSE 11.0
  • SuSE SUSE Linux Enterprise Desktop 10 SP1
  • SuSE SUSE Linux Enterprise Desktop 10 SP2
  • SuSE SUSE Linux Enterprise SDK 10.SP1
  • SuSE SUSE Linux Enterprise SDK 10 SP2
  • SuSE SUSE Linux Enterprise Server 10 SP1
  • SuSE SUSE Linux Enterprise Server 10 SP2
  • SuSE SUSE Linux Enterprise Server 9
  • Ubuntu Ubuntu Linux 6.06 LTS Amd64
  • Ubuntu Ubuntu Linux 6.06 LTS I386
  • Ubuntu Ubuntu Linux 6.06 LTS Powerpc
  • Ubuntu Ubuntu Linux 6.06 LTS Sparc
  • Ubuntu Ubuntu Linux 7.10 Amd64
  • Ubuntu Ubuntu Linux 7.10 I386
  • Ubuntu Ubuntu Linux 7.10 Lpia
  • Ubuntu Ubuntu Linux 7.10 Powerpc
  • Ubuntu Ubuntu Linux 7.10 Sparc
  • Ubuntu Ubuntu Linux 8.04 LTS Amd64
  • Ubuntu Ubuntu Linux 8.04 LTS I386
  • Ubuntu Ubuntu Linux 8.04 LTS Lpia
  • Ubuntu Ubuntu Linux 8.04 LTS Powerpc
  • Ubuntu Ubuntu Linux 8.04 LTS Sparc
  • Ubuntu Ubuntu Linux 8.10 Amd64
  • Ubuntu Ubuntu Linux 8.10 I386
  • Ubuntu Ubuntu Linux 8.10 Lpia
  • Ubuntu Ubuntu Linux 8.10 Powerpc
  • Ubuntu Ubuntu Linux 8.10 Sparc
  • UCD-SNMP 4.2.6
  • VMWare ESX Server 2.5.4
  • VMWare ESX Server 2.5.4 Patch 1
  • VMWare ESX Server 2.5.4 Patch 10
  • VMWare ESX Server 2.5.4 Patch 13
  • VMWare ESX Server 2.5.4 Patch 15
  • VMWare ESX Server 2.5.4 Patch 16
  • VMWare ESX Server 2.5.4 Patch 17
  • VMWare ESX Server 2.5.4 Patch 19
  • VMWare ESX Server 2.5.4 Patch 3
  • VMWare ESX Server 2.5.4 Patch 5
  • VMWare ESX Server 2.5.5
  • VMWare ESX Server 2.5.5 Patch 2
  • VMWare ESX Server 2.5.5 Patch 4
  • VMWare ESX Server 2.5.5 Patch 5
  • VMWare ESX Server 2.5.5 Patch 6
  • VMWare ESX Server 2.5.5 Patch 8
  • VMWare ESX Server 3.0.1
  • VMWare ESX Server 3.0.2
  • VMWare ESX Server 3.0.3
  • VMWare ESX Server 3.5

References

  • CVE: CVE-2008-0960
  • URL: http://www.ocert.org/advisories/ocert-2008-006.html
  • URL: http://sourceforge.net/forum/forum.php?forum_id=833770

Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.