WWW.PLAZASITE.COM Systems & Security Division Title: 3Com Netbuilder II SNMP ILMI Community Date: 15-5-2001 Platform: Only tested Netbuilder II routers Author: Juan Manuel Pascual (paskat_private) Status: Vendor Contacted but no answers received OVERVIEW: It seems to exist an undocumented read-only SNMP community in 3Com Netbuilder II Routers. The same happens in cisco and olicom routers. I checked this feature in Netbuilder II with CEC20 processor. CPU version 9.3 and serial card firmware is 2.5 Its really an old router. IMPACT: It is posible to obtain information from SNMP MiB. SOLUTION: Disable snmp server and update when the patch will be available. SPECIAL THANKS TO: Jose Manuel Pasamar: jpasamarat_private -------------------------------------------------------------------- This vulnerability was researched by: Juan Manuel Pascual Escriba: paskat_private
This archive was generated by hypermail 2b30 : Wed May 23 2001 - 18:14:40 PDT