Intrusion Prevention

SNMP.HMAC.Validation.Authentication.Bypass

Description

This indicates an attempt to exploit an authentication-bypass vulnerability in the SNMPv3 software implementation.
The vulnerability is caused by an error when the vulnerable software handles a crafted SNMPv3 HMAC authenticator field. It allows a remote attacker to gain read/write access to these vulnerable systems.

Affected Products

Net-SNMP Net-SNMP 5.2.4
Net-SNMP Net-SNMP 5.3.2
Net-SNMP Net-SNMP 5.4.1

Impact

Security Bypass: Remote attackers can bypass security checking of vulnerable systems.

Recommended Actions

Upgrade to the latest version/firmware, available from the vendor's site.

CVE References

CVE-2008-0960