TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
532
System (CatOS) contain a default configuration that allows a read-only Simple Network Management Protocol
(SNMP) community string to expose a read-write community string. The exposure occurs in the View-based Access
Control (VACM) MIB, which is a Management Information Base module that allows system administrators to
configure access policies for SNMP-managed devices. Cisco VACM for Catalyst Operating Software (CatOS) 5.5 and
6.1 and IOS 12.0 and 12.1 versions are vulnerable to the gain access flaw. The read-write community string grants an
attacker complete access to affected devices, allowing them to gather information, monitor network traffic, and alter or
disrupt network operation. Cisco has provided patches to resolve this issue.
Signature ID: 18010
SNMP MIB-II Miscellaneous data
Threat Level: Information
Nessus: 11026
Signature Description: An attacker gathers miscellaneous information from the SNMP daemon with the community
name provided in the configuration file. A misconfigured access point will allow an attacker to gain access to an
internal network without being physically present locally. If the access point is using an 'off-the-shelf' configuration,
the data being passed through the access point may be vulnerable to hijacking or sniffing. This SNMP daemon retrieves
information that is available to an attacker who has read access to SNMP. This module uses the community name
specified in the configuration file and does not attempt to guess the community name. This Attack will ask for mib
value 1.3.6.1.2.1.1.1.0
Signature ID: 18011
SNMP MIB-II Miscellaneous data
Threat Level: Information
Nessus: 11026
Signature Description: An attacker gathers miscellaneous information from the SNMP daemon with the community
name provided in the configuration file. A misconfigured access point will allow an attacker to gain access to an
internal network without being physically present locally. If the access point is using an 'off-the-shelf' configuration,
the data being passed through the access point may be vulnerable to hijacking or sniffing. This SNMP daemon retrieves
information that is available to an attacker who has read access to SNMP. This module uses the community name
specified in the configuration file and does not attempt to guess the community name. This Attack will ask for mib
value 1.3.6.1.2.1.1.4.0
Signature ID: 18012
SNMP MIB-II Miscellaneous data
Threat Level: Information
Nessus: 11026
Signature Description: An attacker gathers miscellaneous information from the SNMP daemon with the community
name provided in the configuration file. A misconfigured access point will allow an attacker to gain access to an
internal network without being physically present locally. If the access point is using an 'off-the-shelf' configuration,
the data being passed through the access point may be vulnerable to hijacking or sniffing. This SNMP daemon retrieves
information that is available to an attacker who has read access to SNMP. This module uses the community name
specified in the configuration file and does not attempt to guess the community name. This Attack will ask for mib
value 1.3.6.1.2.1.1.5.0
Signature ID: 18013
SNMP MIB-II Miscellaneous data
Threat Level: Information
Signature Description: An attacker gathers miscellaneous information from the SNMP daemon with the community
name provided in the configuration file. A misconfigured access point will allow an attacker to gain access to an