[ Thanks to LinuxSecurity Contributors for
this link. ]
“SNMP is the Simple Network Management Protocol, the most
popular protocol to manage network devices. Hundreds, possibly
thousands, of products use it. Last fall, a group of Finnish
researchers discovered multiple vulnerabilities in SNMP. By
exploiting the vulnerabilities, an attacker could cause a
denial-of-service attack, and in some cases take over control of
the system.

“The vulnerabilities concern SNMP’s trap-handling and
request-handling functions, and stem from problems in the reference
code (probably) used inside the Abstract Syntax Notation (ASN.1)
and Basic Encoding Rules (BER). The SNMP vulnerabilities affect
hundreds of different devices: operating systems, network
equipment, software packages, even things like digital cameras.
It’s a BIG deal.

“It’s actually a bigger deal than has been reported. ASN.1 is
used inside a lot of other applications, such as OpenSSL. These
vulnerabilities aren’t limited to SNMPv1; that’s just the only
thing that’s been well-publicized at this point. (The recently
reported problems in mod_ssl and Apache are apparently related to
this, too.)…”