Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Network Appliances :: 3com7.htm

3Com SNMP vulnerabilities



Vulnerability

    3COM

Affected

    3COM

Description

    Nerijus Krukauskas found following.   It seems that 3Com does  not
    pay much atention how its SNMP is implemented. In 3Com  SuperStack
    II hubs  MIB there's  an OID:   .1.3.6.1.4.1.43.10.4.2.   Its name
    decodes to

        .iso.org.dod.internet.private.enterprises.a3Com.generic.security.securityUserTable.

    What You need to know that's read-only community and this OID will
    give you entire table  of communities (read-write and  read-only).
    If somebody knows  how to contact  3Com with such  reports forward
    this info to them.

Solution

    To be more accurate, this bug  can be found on 3Com SuperStack  II
    Port  Switch  Hubs  running   software  version  2.10.   The   bug
    disappeared  from  version  2.12.    New  software  versions   are
    available at

        http://support.3com.com/software/superstack_ii_ps_hub_40_fil es.htm


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH