- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- SNMP vulnerabilities
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-25-2008 07:22 PM
тАО11-25-2008 07:22 PM
1)SNMPv1Discovery: SNMP version 1 detected
2)SNMPv2Discovery: SNMP version 2 detected
Details are as follows
SNMP (Simple Network Management Protocol) is the primary standard for Internet network management. SNMP services are included
in almost every operating system, router, switch, cable or DSL modem, and firewall. Various implementations of SNMPv1 are vulnerable
to a wide range of attacks. Incorrectly formatted input in SNMP messages can crash the operating systems and devices that use SNMP.
These vulnerabilities may be possible to exploit remotely, allowing an attacker to compromise remote systems and devices. SNMP
packets containing invalid fields or data lengths can indicate an attack against SNMP.
What are the solutions available?I got referred to CERT Advisory CA-2002-03 but not sure what needs to be done.
Thanks a lot.
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-26-2008 10:33 AM
тАО11-26-2008 10:33 AM
Re: SNMP vulnerabilities
JetDirect Firmware Version State
========================== =====
-->> X.08.32 and lower VULNERABLE
-->> (where X = A through K)
-->> X.21.00 and higher NOT vulnerable
-->> (where X = L through P)
You can upgrade the firmware on your printservers to version L.21.00 or higher.
If you don't use the SNMP service, you can disable it. Connect to the jetdirect printserver via telnet or a web browser and disable it. Not that not all jetdirect models allow you to disable it.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-26-2008 06:13 PM
тАО11-26-2008 06:13 PM
Re: SNMP vulnerabilities
It has nothing to do with network printers. Our environments host websites. So we are mainly concerned with people who can hack into our systems. The vulnerabilities indicated are what need to be resolved.
For your necessary advice.
Regards
Feng Lin
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-27-2008 04:21 AM
тАО11-27-2008 04:21 AM
Re: SNMP vulnerabilities
So do you have SNMP running anywhere? SNMP could be running on any network device such as a server, a network printer, a network switch, a fiber switch, a disk array etc. You need to find out if you have it running and upgrade it as per the CERT alert and each vendor's recommendation. If you do not use the snmp service to get status information on each device you should turn it off.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-28-2008 02:21 AM
тАО11-28-2008 02:21 AM
Re: SNMP vulnerabilities
SNMP version 2 is installed on the HP-UX servers and we have received the vulnerabilities indicated in my first post.
Does this mean I need to upgrade to version 3? Are there other alternatives? Any patches will solve this issue in SNMP version 2? We need snmp for monitoring purposes.
Regards
Feng Lin
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-28-2008 06:15 AM
тАО11-28-2008 06:15 AM
Re: SNMP vulnerabilities
http://www.cert.org/advisories/CA-2002-03.html
SOLUTION: Apply patches or implement workarounds. See below.
For HP-UX releases:
PHSS_26137 s700_800 HP-UX 10.20 OV EMANATE14.2 Agent
PHSS_26138 s700_800 HP-UX 11.X OV EMANATE14.2 Agent
PSOV_03087 Solaris 2.X EMANATE Release 14.2
For systems running OV NNM:
PHSS_26286 s700_800 HP-UX 10.20 ovtrapd large trap fix
PHSS_26287 s700_800 HP-UX 11.X ovtrapd large trap fix
PSOV_03100 Solaris 2.X ovtrapd large trap fix
NNM_00857 NT 4.X/Windows 2000 ovtrapd large trap fix
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-28-2008 10:48 PM
тАО11-28-2008 10:48 PM
Re: SNMP vulnerabilities
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-29-2008 03:39 PM
тАО11-29-2008 03:39 PM
Re: SNMP vulnerabilities
Bill Hassell, sysadmin
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-30-2008 09:46 PM
тАО11-30-2008 09:46 PM
Re: SNMP vulnerabilities
Does patch PHSS_26138 solve the following vulnerabilitie
1) snmp: SNMP can reveal possibly sensitive information about hosts
2) Snmp Get Public Community: SNMP_Get able to retrieve Public Community Name
3) SnmpSysdescr: SNMP SysDescr variable can be returned from remote system
If no, what are the patches that solve the above errors?
FYI, my HP_UX servers are B.11.23.
Thanks a lot.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-01-2008 12:43 AM
тАО12-01-2008 12:43 AM
Re: SNMP vulnerabilities
It isn't for 11.23.
>what are the patches that solve the above errors?
Have you looked up CA-2002-03 so see what patches it suggests for HP-UX?