Bugtraq mailing list archives

Re: Leak of SNMP write password via SNMP read community in NETGEAR WG102 - Prosafe 802.11g Access Point

From: Simon Richter <Simon.Richter () hogyros de>
Date: Fri, 9 Jan 2009 17:52:08 +0100

Hi,

WG102 offers the the typical SNMP write & SNMP read community password 'protection'.


SNMP communities are a safety, not a security measure. I know of very few
SNMP implementations that have protections against brute force or
dictionary attacks.

Proposed fixes:
 do not enable SNMP at all. vendor fix required.


This AP can use VLAN tagging to separate management traffic from user data,
which is generally a good idea in any environment.

   Simon

Current thread:

Leak of SNMP write password via SNMP read community in NETGEAR WG102 - Prosafe 802.11g Access Point mad-vaittes (Jan 09)
- Re: Leak of SNMP write password via SNMP read community in NETGEAR WG102 - Prosafe 802.11g Access Point Simon Richter (Jan 09)
  - Re: Leak of SNMP write password via SNMP read community in NETGEAR WG102 - Prosafe 802.11g Access Point Steve Shockley (Jan 09)
    - Re: Leak of SNMP write password via SNMP read community in NETGEAR WG102 - Prosafe 802.11g Access Point Simon Richter (Jan 09)