| Check Point Reference: |
SBP-2006-19 |
| Date Published: |
16 Jul 2006 |
| Severity: |
Medium
|
| Last Updated: |
Sunday 01 January, 2006 |
| Source: |
SmartDefense Research Center |
| Protection Provided by: |
|
| Who is Vulnerable? | Network devices that support SNMP |
| Vulnerability Description |
SNMP is part of the internet protocol suite that provides a coherent framework for the management of various network devices. SNMPv2 and SNMPv3 provide security enhancements over SNMPv1. SNMP vulnerability makes it the target of information modification. For example, a remote attacker can capture an SNMP message and gather valuable information about internal network devices and infrastructure. |
| Vulnerability Details | SNMPv3 contains authentication, authorization, access control, data integrity, key management, and encryption options not available in previous SNMP versions. In addition, due to the lack of authentication an attacker can manipulate SNMP to learn about internal information and occurrences. |
Feedback