CVE-2002-0012
CVSS10.0
发布时间 :2002-02-13 00:00:00
修订时间 :2008-09-10 15:11:03
NMCOS    

[原文]Vulnerabilities in a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via SNMPv1 trap handling, as demonstrated by the PROTOS c06-SNMPv1 test suite. NOTE: It is highly likely that this candidate will be SPLIT into multiple candidates, one or more for each vendo/ll>te wie o>= 0into multiple candidates, one or more for each vendo/ll>te wie o>= 0into multiple candidates, one or more for each vendo/ll>te wie o>= 0into multiple candidates, one or more for each vendo/ll>t o>= 0into mul ca >t o>= 0into mul acidatinroto one ll>towsiluse .

&nbs/ via SNMPv1 trap handling, as demonstrated by文c06-SNM国国家信息ink href="stpos(ame="q" typ e name="C class="sear#
ass [:英文 -reateElem nowr (基础分值)t. h2able name="C/td>
时间 :2ion( 15:D 机密性/="t:ber of SNMPme="C/b>COMPLETEsber of SNMPme="C/b_icon_nv67ss_[完 hr的信息泄露导致所有系统ly ype暴露]ber of SNMPmeOSVDB数td widthble name="C/b>完整性/="t:ber of SNMPme="C/b>COMPLETEsber of SNMPme="C/b_icon_nv67ss_[系统e整性/=被完 hr破坏]ber of SNMPmeOSVDB数td widthble name="C/b>可lr">/="t:ber of SNMPme="C/b>COMPLETEsber of SNMPme="C/b_icon_nv67ss_[=能导致系统e hr宕机]ber of SNMPmeOSVDB数td widthble name="C/b>攻击复杂度:ber of SNMPme="C/b>LOWsber of SNMPme="C/b_icon_nv67ss_[ef="stplr">有访问限制 ]ber of SNMPmeOSVDB数td widthble name="C/b>攻击向量:ber of SNMPme="C/b>NETWORKsber of SNMPme="C/b_icon_nv67ss_[e击者不需要获取内 hi访问权或本地访问权]ber of SNMPmeOSVDB数td widthble name="C/b>身份 c证:ber of SNMPme="C/b>NONEsber of SNMPme="C/b_icon_nv67ss_[ef="stplr">需身份 c证]ber of SNMPmeOSVDB数td cause a d -reateElem CWE (言"类目)h2able name="C/td>时间 :2ion( w WE-264 r of SNMPme="me="C/b_icon_nv67ss_[e限、特e举问控制] r of SNMPme="meOSVDB数td wtd cause a d -reateElem CPE (受影="t的/hee产品)h2abl C/td>时间 ::00:00产品及版本信息(CPE)暂不可lr"ap">修icon_n\"62%\"le="NVD数据已链 -reateElem "> (lr"fiel测的技术细节)h2able naC/td>时间 ::00:00Nte DoS/TndP, one or E.cnl one e="NVD数0:00Nte DoS/TndP, one or E.cnl one (Tmore1)e="NVD数0:00Nte s candidate ye="NVD数0:00*">详细的描述了l测该ef="st的方法,你p=xle从 It is ">定义ype=到更iyll测该ef="st的技术细节。<="NVD数据已链 -reateElem 官方文来于NVh2able naC/td>时间 :: _overview.hwrap=.prg/cgi-biniew.-001.cgi?-0012lass = "cvss_ br />(官方文源) urityber of SNMPmeOSVDB数td widthble name="C/b> _overvi eb./trenist.gov/e="/v catdetail?v caId2lass = "cvss_ br />(官方文源) ame="q" typ (官方文源) -reateElem 其它于NVngth源h2ablble naC/td>时间 ::00:00 ame="q" typkb.cert.prg/v cs/id/107186 br /> (VENDOR_ADVISORY) ame="q" typ ert.prg/advisories/CAs = "cv3eywor br /> (VENDOR_ADVISORY) ame="q" typ相关网站 bid/5043 br /> (PATCH) ame="q" typ相关网站 advisories/4211 br /> (VENDOR_ADVISORY) ame="q" typmicrosoft technet/相关/bulletiniMS "cvs6.asp br /> (VENDOR_ADVISORY) fe="q"patches.sgi support/free/相关/advisories/ = " "01-01-A br /> (VENDOR_ADVISORY) ame="q" typredhat support/errata/RHSAs = 1-163eywor br /> (VENDOR_ADVISORY) ame="q" typiss.net/相关_ /alerts/advise110SNM br /> (VENDOR_ADVISORY) te/c06/snmpv1
te/c06/snmpv1 te/c06/snmpv1 px; table-layout:fixed; word-break:break-all; } pre { width: 100%; height: 600px; }站首页">HOh2= click="pm('inro -reateElem > 时间 :2ion(inro tyle.css" rel="stylesheet" type="text/css" /> ef="st类型:设计错误ber of SNMPmeOSVDB数td widthble name="C/b> -bre>t="MITRE期:接" class="db_icon_mitre">name="C/b> -bre>更新RE期:5-10s =s="db_ico ber of SNMPmeOSVDB数td widthble name="C/b> -bre>e击路径:远程n_mitre">name="C/b>ge number of SNMPmeOSVDB数td widthble name="C/b_col严重(H> -bre>详细介绍:ber of SNMPmeOSVDB数td widthble name="C/b_col严重(H> -reateElem 公告举丁h2abl C/td>时间 :2ion(bulletin 需有效的/令。
fe="q"fe=.3com pub supersvend-ii supersvend-ii-ps-hub-40/psh02_16.exe
fe="q"fe=.3com pub supersvend-ii supersvend-ii-ps-hub-50/psf02_16.exe
fe="q"fe=.3com pub supersvend-ii supersvend-ii-hub-500/dsh02_16.exe
fe="q"fe=.3com pub supersvend-ii supersvend-ii-11vs/s2s02_68.exe
fe="q"fe=.3com pub supersvend_3/switch_44vs/s3m02_02.exe
fe="q"fe=.3com pub supersvend-ii supersvend-ii-11vs/s2s02_68.exe
fe="q"fe=.3com pub webcache/ nts/s3b_02_00.bin
fe="q"fe=.3com pub webcache/ nts/s3b_02_00.bin
te s candidate ies

=s/p="n/binary-alpha/libsnmp4.1-dev_4.1.1-2.1_alphapdebforLIT th=_blank>
=s/p="n/binary-alpha/libsnmp4.1-dev_4.1.1-2.1_alphapdeb
=s/p="n/binary-alpha/libsnmp4.1_4.1.1-2.1_alphapdebforLIT th=_blank>
=s/p="n/binary-alpha/libsnmp4.1_4.1.1-2.1_alphapdeb
=s/p="n/binary-alpha/snmp_4.1.1-2.1_alphapdebforLIT th=_blank>
=s/p="n/binary-alpha/snmp_4.1.1-2.1_alphapdeb
=s/p="n/binary-alpha/snmpd_4.1.1-2.1_alphapdebforLIT th=_blank>
=s/p="n/binary-alpha/snmpd_4.1.1-2.1_alphapdeb
=s/p="n/binary-arm/libsnmp4.1-dev_4.1.1-2.1_armpdebforLIT th=_blank>
=s/p="n/binary-arm/libsnmp4.1-dev_4.1.1-2.1_armpdeb
=s/p="n/binary-arm/libsnmp4.1_4.1.1-2.1_armpdebforLIT th=_blank>
=s/p="n/binary-arm/libsnmp4.1_4.1.1-2.1_armpdeb
=s/p="n/binary-arm/snmp_4.1.1-2.1_armpdebforLIT th=_blank>
=s/p="n/binary-arm/snmp_4.1.1-2.1_armpdeb
=s/p="n/binary-arm/snmpd_4.1.1-2.1_armpdebforLIT th=_blank>
=s/p="n/binary-arm/snmpd_4.1.1-2.1_armpdeb
=s/p="n/binary-i386/libsnmp4.1-dev_4.1.1-2.1_i386pdebforLIT th=_blank>
=s/p="n/binary-i386/libsnmp4.1-dev_4.1.1-2.1_i386pdeb
=s/p="n/binary-i386/libsnmp4.1_4.1.1-2.1_i386pdebforLIT th=_blank>
=s/p="n/binary-i386/libsnmp4.1_4.1.1-2.1_i386pdeb
=s/p="n/binary-i386/snmp_4.1.1-2.1_i386pdebforLIT th=_blank>
=s/p="n/binary-i386/snmp_4.1.1-2.1_i386pdeb
=s/p="n/binary-i386/snmpd_4.1.1-2.1_i386pdebforLIT th=_blank>
=s/p="n/binary-i386/snmpd_4.1.1-2.1_i386pdeb
""""""""ber of SNMPmeOSVDB数td cause a d c="/ ">H -reateElem > 时间 :2ion(inro an clas00SNMPmeOdthble name="C/b_col严重(H> -bre>s ID:ble name="C"http://www.scapn cl.prg/how/pn cl/810forLIT th=_blank> 810 r of SNMPmeOSVDB数td widthble name="C/b_col严重(H>t.location. -bre>ef="stp称:Meach venVe="Se Malrotoed Se caT ve Ho/ll>te DoSn_mitre">name="f SNMPmeOSVDB数td widthble name="C/b_icon_nv13%=". -bre>> bl Ror eac/ Network Accessber of SNMPme="C/b_icon_nv2vss_. -bre>plr">式:bl D 0into muStiple , I); Manipul one e= r of SNMPmeOSVDB数td widthble name="C/b". -bre>> Losso muAwsilusate ye="NVble name="C/b". -bre>解决方式: ber of SNMPmeOSVDB数td widthble name="C/b> -bre>ef="stplr":Exploit Publice="NVble name="C/b". -bre>公开方式: ber of SNMPmeOSVDB数td wicause a d >H -reateElem > 时间 :2ion(inro disidth=ne aB数td widthble name="C/b>Manyple candidates, one or00%"dateflawsnto mumayr more a for eac 0into multiple . The issue is trigger multiexploit>te flawsnateple watiple for eacarchbox-oarccessesch ves,/Tndendo/reseacnatelosso muawsilusate y ca >ple pl oroto.ber of SNMPmeOSVDB数td wicause a d >H -reateElem >ss="d线t. h2abl C/td>时间 :2ion(inro timeaB数td widthble name="C/b_icon_nv13%=". -bre>公开E期:bl 接" cla2ber of SNMPme="C/b_icon_nv2vss_. -bre>p现RE期:bl Unknowe= r of SNMPmeOSVDB数td widthble name="C/b". -bre>plr">期:接" cla2ber of SNMPme="C/b". -bre>解决日期:Unknow ber of SNMPmeOSVDB数td wicause a d ble naCh2= click="pm('inro solu=ne ')ap">-reateElem 解决方案t. h2able nameC/td>时间 :2ion(inro solu=ne aB数td widthble name="C/b"Ruterl>tele="Se-specific advisory ca >upgraabd/Tndworkaroundso n affec>= arcducts.ber of SNMPmeOSVDB数td wicause a d >He naCh2= click="pm('inro tp:')ap">-reateElem It is参考t. h2able nameC/td>时间 :2ion(inro tp:as00SNMPmeOdthble name="C/b_col严重(H> ul> . clCERT VU:de 107186 = "cvss_ (see>so:"C"http://www.sca/trenist.gov//trecfm?ew.-0012lass = "cvss_demLIT th=_blank> 4088 CAs = "cv3 fe="q"fe=.freebsrext" pub FreeBSD/CERT/advisories/FreeBSD-SA" c:11.snmp.asc rchives.neohvesi archives/bugh vq/ = "cv8/att" c95/00-NOVLs = "c2961546_-_for ea_T ve_Tn_Request_Ho/ll>te.ts demLIT th=_blank> ch"> rchives.neohvesi archives/bugh vq/ = "cv8/att" c95/00-NOVLs = "c2961546_-_for ea_T ve_Tn_Request_Ho/ll>te.ts
h = 00. ty2.hp bizsupport/TechSupport/Dclass="ljsp?objec>ID=c0105014_demLIT th=_blank> _overvih = 00. ty2.hp bizsupport/TechSupport/Dclass="ljsp?objec>ID=c0105014_
typbmc inro nbsp;_support/nmp_cert_advise041802 id="forLIT th=_blank> ame="q" typbmc inro nbsp;_support/nmp_cert_advise041802 id="
typciscoa namearp/public/707/cisco-malrotoed-snmp-msgs-pub.sid="forLIT th=_blank> ame="q" typciscoa namearp/public/707/cisco-malrotoed-snmp-msgs-pub.sid="
typgdc arcducts/bulletin.sid="forLIT th=_blank> ame="q" typgdc arcducts/bulletin.sid="
typjuniper.net/alerts/e="alertljsp?ac=ne Btn=Se" --&ts AlertNto mu=FA-SW- " "cvs1&e="Mode=e="forLIT th=_blank> ame="q" typjuniper.net/alerts/e="alertljsp?ac=ne Btn=Se" --&ts AlertNto mu=FA-SW- " "cvs1&e="Mode=e="
typjuniper.net/support/相关/alerts/snmp.id="forLIT th=_blank> ame="q" typjuniper.net/support/相关/alerts/snmp.id="
typmetrosate y support/cert.SNMP"LIT th=_blank> ame="q" typmetrosate y support/cert.SNM
typmicromuse supportgate/certadvisoryca = "cv3eywords"LIT th=_blank> ame="q" typmicromuse supportgate/certadvisoryca = "cv3eywor
typoracle technetwork/topics/相关/public-v ca-to-advisory-mapp>te-" --101497eywords"LIT th=_blank> ame="q" typoracle technetwork/topics/相关/public-v ca-to-advisory-mapp>te-" --101497eywor
typredhat support/errata/RHSAs = 1-163eywords"LIT th=_blank> ame="q" typredhat support/errata/RHSAs = 1-163eywor fe="q"patches.sgi support/free/相关/advisories/ = " "01-01-A te/c06/snmpv1 te/c06/snmpv1 MS "cvs6 -reateElem > 时间 :2ion(inro authoras00SNMPmeOdthble name="C/b_col严重(H> er of SNMPmeOSVDB数td cause a d >H c="/td a hrion(相关网站">00px; table-layout:fixed; word-break:break-all; } pre { width: 100%; height: 600px; }站首页">HCh2= click="pm('inro s:')ap">-reateElem > 时间 :2ion(inro s:as00SNMPmeOdthble name="C/b_col严重(H>t.location. -bre>ef="stp称:HP MPE/iX Malrotoed Se cas candidate ye="NVre">name="f SNMPmeOSVDB数td widthble name="C/b_icon_nv13%=". -bre>> ble name=" Failurel>teHo/lle Exceh=ne al Cond $sber of SNMPme="C/b_icon_nv2vss_. -bre>Bugh vqID:ble name="C"http://www.sca typ相关网站 bid/5043/forLIT th=_blank> 5043 r of SNMPmeOSVDB数td widthble name="C/b". -bre>远程溢出:Yesber of SNMPme="C/b". -bre>>地溢出:No ber of SNMPmeOSVDB数td widthble name="C/b> -bre>t="MITRE期:接" 6-18 12db_icon_mitre">name="C/b> -bre>更新RE期:9-07-11 01:56ico ber of SNMPmeOSVDB数td widthble name="C/b_col严重(H> -bre>> ble name=" Discover multiple OuluaUniversn [:etPrcgramm>te Group.ber of SNMPmeOSVDB数td wicause a d >He na="f SNMPmeOh2= click="pm('inro ver1')ap">-reateElem 受影="t的程序版本t. h2able nameC/td>时间 :2ion(inro ver1aB数td widthble name="C/b>HP MPE/iX 7.o bbr/P HP MPE/iX 6.5 bbr/P HP MPE/iX 6.o bbr/P HP MPE/iX 5.5 bbr/P HP MPE/iX 5.o bbr/P HP MPE/iX 4.5 bbr/P HP MPE/iX 4.o bbr/P ber of SNMPmeOSVDB数td wicause a d e na="f SNMPmeOh2= click="pm('inro disiu5:')ap">-reateElem > 时间 :2ion(inro disiu5:D te s candidate ies" desidtb muin BID 4088,/Tnd"Meach venVe="Se le caRequest Ho/ll>te s candidate ies" disiu5: muin BID 4089.ber of SNMPmeOSVDB数td wicause a d >He na="eOh2= click="pm('inro exploit')ap">-reateElem > 时间 :2ion(inro exploita -reateElem 解决方案t. h2able nameC/td>时间 :2ion(inro solu=ne aB数td widthble name="C/b" Patches>aetawsilusle:bbr/Pbbr/P e="Cbr/P HP MPE/iX 6.o bbr/P ul> . cl HP le GDL9Abbr/P Thid/patch id/depe="abs oteple fomore>te patches: e na=" NMSGDF2A>a >lasp; NMS/patch (NMSGDF2A>id/GR) e na=" NMCGDF3A>a >lasp; NMC/patch (NMCGDM4A>id/GR)bbr/P C"http://www.scaitrc.hp > ame="q"itrc.hp clbbr/P beul> e="Cbr/P HP MPE/iX 6.5 bbr/P ul> . cl HP le GDM0Abbr/P Thid/patch id/depe="abs oteple fomore>te patches: e na=" NMSGDD3A>a >lasp; NMS/patch (NMSGDD3A>id/GR) e na=" NMCGDD2A>a >lasp; NMC/patch (NMCGDM5A>id/GR)bbr/P C"http://www.scaitrc.hp > ame="q"itrc.hp clbbr/P beul> e="Cbr/P HP MPE/iX 7.o bbr/P ul> . cl HP le GDM1Abbr/P Thid/patch id/depe="abs oteple fomore>te patches: e na=" NMSGDD6A>a >lasp; NMS/patch (NMSGDD6A>id/GR) e na=" NMCGDD5A>a >lasp; NMC/patch (NMCGDD5A>id/GR)bbr/P C"http://www.scaitrc.hp > ame="q"itrc.hp clbbr/P beul>ber of SNMPmeOSVDB wicause a d >He na="eOh2= click="pm('inro tp:')ap">-reateElem It is参考t. h2able nameC/td>时间 :2ion(inro tp:as00SNMPmeOdthble name="C/b_col严重(H> ul> . clC"http://www.scapnl>tep相关网站 bid/4088d>BID 4088 - Meach venVe="Se le caT ve Ho/ll>te s candidate ies ([:英F站)bbr/P tep相关网站 bid/4089d>BID 4089 - Meach venVe="Se le caRequest Ho/ll>te s candidate ies ([:英F站)bbr/P H c="/ c="/st c="/td }c="/st时间 :2cellpadd>teable>cell严c>teables00SNOdthble naC/b_时间 ::