bugtraq June 2008 archive
Main Archive Page > Month Archives  > bugtraq archives
bugtraq: SNMPv3 Authentication Bypass - CVE-2008-0960

SNMPv3 Authentication Bypass - CVE-2008-0960

From: inode <inode_at_nospam>
Date: Thu Jun 12 2008 - 08:30:30 GMT
To: bugtraq@securityfocus.com, pen-test@securityfocus.com


I just finished testing my latest code, it's a patch for Net-SNMP 5.4.1.1 that allow you to exploit the CVE-2008-0960 for bypass the HMAC validation on SNMP v3 (multiple vendor affected).

You can download it at:
http://lab.mediaservice.net/code.php#snmpv3

inode -- Agazzini Maurizio @ Mediaservice.net S.R.L. 0xF574450C - 09C5 E9A5 E481 D70A 708E DC3B 690D 1A36 F574 450C "C programmers never die. They are just cast into void." http://mediaservice.net/disclaimer