SNMPv3 Authentication Bypass - CVE-2008-0960

From: inode <inode_at_nospam>
Date: Thu Jun 12 2008 - 08:30:30 GMT
To: bugtraq@securityfocus.com, pen-test@securityfocus.com

I just finished testing my latest code, it's a patch for Net-SNMP 5.4.1.1 that allow you to exploit the CVE-2008-0960 for bypass the HMAC validation on SNMP v3 (multiple vendor affected).

You can download it at:
http://lab.mediaservice.net/code.php#snmpv3

inode -- Agazzini Maurizio @ Mediaservice.net S.R.L. 0xF574450C - 09C5 E9A5 E481 D70A 708E DC3B 690D 1A36 F574 450C "C programmers never die. They are just cast into void." http://mediaservice.net/disclaimer

This message: [ Message body ]
Next message: DEF CON Switzerland: "DEFCON Switzerland looking for DEFCON visitors"
Previous message: sys-project_at_nospam: "ASPPortal Free Version (Topic_Id) Remote SQL Injection Vulnerability"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ]