Quoting harikiri (harikiriat_private): > > It appears that on the above releases of AIX, the SNMP daemon is enabled > by default and two community names are enabled with read/write privileges. > The community names are "private" and "system", but are only allowed from > localhost connections. Nevertheless, a local user may install an SNMP > client, and modify sensitive variables. > This is fixed in AIX 4.3 with APAR IY04865 and was announced on the Security_APARs mailing list from aixservat_private in January. Customers wishing to subscribe to this list should send email to aixservat_private with a subject of "Subscribe Security_APARs". -- Troy Bollinger troyat_private AIX Security Development security-alertat_private PGP keyid: 1024/0xB7783129 Troy's opinions are not IBM policy
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:35:32 PDT