CVE-2004-0312 - Linksys WAP55AG SNMP Community String Insecure Configuration Vulnerability

Publication

2004-11-23

Last modification

2017-07-11

Summary

Linksys WAP55AG 1.07 allows remote attackers with access to an SNMP read only community string to gain access to read/write communtiy strings via a query for OID 1.3.6.1.4.1.3955.2.1.13.1.2.

Description

Linksys WAP55AG appliance has been reported prone to an insecure default configuration vulnerability.It has been reported that all SNMP MIB (Management Information Base) community strings, even read/write strings may be disclosed to a remote attacker if the attacker makes certain queries to the affected appliance.An attacker may disclose sensitive information in this manner. Although unconfirmed, it may also be possible for the attacker to manipulate the appliance configuration through writeable strings.

Solution

Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: info@vumetric.com <mailto:info@vumetric.com>.

Exploit

The following example has been supplied:Querying OID:1.3.6.1.4.1.3955.2.1.13.1.2.1.3.6.1.4.1.3955.2.1.13.1.2.1 = STRING: "public"1.3.6.1.4.1.3955.2.1.13.1.2.2 = STRING: "private"

Risk level (CVSS AV:N/AC:L/Au:N/C:P/I:P/A:N)

Medium

6.4

Access Vector

  • Network
  • Adjacent Network
  • Local

Access Complexity

  • Low
  • Medium
  • High

Authentication

  • None
  • Single
  • Multiple

Confident. Impact

  • Complete
  • Partial
  • None

Integrity Impact

  • Complete
  • Partial
  • None

Affected Products

Vendor Product Versions
Linksys Wap55Ag  1.0.7