
SANS ISC: SNMP v3 trouble - Internet Security | DShield SANS ISC InfoSec Forums


SNMP v3 trouble

SNMP typically isn't the most loved protocol when it comes to security; most of this stems from the older versions. The current version (SNMPv3) has a way to do authentication using a keyed-Hash Message Authentication Code (HMAC).

It seems CERT is coordinating a vulnerability regarding this: "Implementations of SNMPv3 may allow a shortened HMAC code in the authenticator field to authenticate to an agent or a trap daemon using a minimum HMAC of 1 byte." That obviously isn't the right thing to do.

Cisco has a security advisory on the topic, and other vendors will no doubt follow.

--
Swa Frantzen -- Gorilla Security
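
The flaw quoted from CERT above, sketched as an added example (not code from the diary or from any vendor's agent): a verifier that compares only as many bytes as the sender supplied, next to one that insists on the full authenticator. It assumes the 12-byte (96-bit) truncated HMAC that SNMPv3 USM defines in RFC 3414; the key, the message bytes and all function names are constructed for illustration, and the MAC is computed over plain bytes rather than a serialized SNMPv3 message.

```python
import hashlib
import hmac

# HMAC-MD5-96 / HMAC-SHA-96 in USM (RFC 3414) transmit exactly 12 bytes.
MAC_LEN = 12

# Constructed sample values, not taken from any real device.
KEY = b"constructed-localized-auth-key"
MSG = b"constructed SNMPv3 message bytes"


def expected_mac(key: bytes, message: bytes) -> bytes:
    """HMAC-SHA1 over the message, truncated to the 96 bits sent on the wire."""
    return hmac.new(key, message, hashlib.sha1).digest()[:MAC_LEN]


def verify_weak(key: bytes, message: bytes, received: bytes) -> bool:
    """Flawed check: the comparison length comes from the sender's field,
    so a 1-byte authenticator only has to match the first byte."""
    mac = expected_mac(key, message)
    return mac[:len(received)] == received


def verify_strict(key: bytes, message: bytes, received: bytes) -> bool:
    """Hardened check: reject any authenticator that is not exactly
    MAC_LEN bytes, then compare all of it in constant time."""
    if len(received) != MAC_LEN:
        return False
    return hmac.compare_digest(expected_mac(key, message), received)


def accepted_one_byte_values(verify, key: bytes, message: bytes) -> int:
    """Count how many of the 256 possible 1-byte authenticators a verifier
    accepts; anything above 0 means the length is not being enforced."""
    return sum(verify(key, message, bytes([b])) for b in range(256))


if __name__ == "__main__":
    full = expected_mac(KEY, MSG)
    print("full MAC, weak  :", verify_weak(KEY, MSG, full))
    print("full MAC, strict:", verify_strict(KEY, MSG, full))
    print("1-byte values accepted, weak  :",
          accepted_one_byte_values(verify_weak, KEY, MSG))
    print("1-byte values accepted, strict:",
          accepted_one_byte_values(verify_strict, KEY, MSG))
```

With the length enforced, the strength of the authenticator is the full 96 bits instead of the 8 bits the weak check falls back to.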
