
SANS ISC: SNMP v3 trouble - SANS Internet Storm Center SANS ISC InfoSec Forums

SNMP v3 trouble

SNMP typically isn't the most loved protocol when it comes to security; most of this stems from the older versions. The current version (SNMPv3) has a way to do authentication using a keyed-Hash Message Authentication Code (HMAC).

It seems CERT is coordinating a vulnerability regarding this: "Implementations of SNMPv3 may allow a shortened HMAC code in the authenticator field to authenticate to an agent or a trap daemon using a minimum HMAC of 1 byte." That obviously isn't the right thing to do.

Cisco has a security advisory on the topic, as will other vendors without much doubt.
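
The sketch below is an added example, not code from the diary, CERT or any vendor. It shows one way a verifier can end up accepting a shortened authenticator, next to a strict check. The function names, key and message bytes are constructed for illustration, and the message is assumed to already have its authentication field zeroed as the protocol requires before hashing.

```python
import hashlib
import hmac

# SNMPv3 USM (RFC 3414) truncates HMAC-MD5 / HMAC-SHA output to 12 octets.
USM_AUTH_LEN = 12


def usm_authenticator(auth_key: bytes, whole_msg: bytes) -> bytes:
    """12-octet truncated HMAC-SHA-1 over the message (auth field pre-zeroed)."""
    return hmac.new(auth_key, whole_msg, hashlib.sha1).digest()[:USM_AUTH_LEN]


def verify_flawed(auth_key: bytes, whole_msg: bytes, received: bytes) -> bool:
    """Illustrative flaw: the comparison length is taken from the packet."""
    expected = usm_authenticator(auth_key, whole_msg)
    n = len(received)
    return n >= 1 and expected[:n] == received


def verify_strict(auth_key: bytes, whole_msg: bytes, received: bytes) -> bool:
    """Reject any authenticator that is not exactly 12 octets, then compare
    all of it in constant time."""
    if len(received) != USM_AUTH_LEN:
        return False
    expected = usm_authenticator(auth_key, whole_msg)
    return hmac.compare_digest(expected, received)


def demo() -> dict:
    """Run both verifiers over constructed inputs; returns
    {case: (flawed_result, strict_result)}."""
    key = b"constructed-localized-key"          # constructed sample key
    msg = b"constructed SNMPv3 message bytes"   # stands in for the encoded PDU
    good = usm_authenticator(key, msg)
    cases = {
        "full": good,                 # correct 12-octet authenticator
        "one_octet": good[:1],        # shortened field, as in the CERT note
        "empty": b"",
        "wrong": bytes(USM_AUTH_LEN), # right length, wrong value
    }
    return {name: (verify_flawed(key, msg, auth), verify_strict(key, msg, auth))
            for name, auth in cases.items()}


if __name__ == "__main__":
    for name, (flawed, strict) in demo().items():
        print(f"{name:10s} flawed={flawed!s:5s} strict={strict}")
```

The same length test is a useful check when reviewing an agent or trap receiver: the authenticator field must be rejected unless it is exactly 12 octets, before any comparison takes place.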

Swa Frantzen -- Gorilla Security


Jun 11th 2008
