TITLE:
Cisco Products SNMPv3 Two Vulnerabilities

SECUNIA ADVISORY ID:
SA30612

VERIFY ADVISORY:
http://secunia.com/advisories/30612/

CRITICAL:
Moderately critical

IMPACT:
Spoofing

WHERE:
From local network

OPERATING SYSTEM:
Cisco SAN-OS 3.x (MDS 9000 Switches)
http://secunia.com/product/18475/
Cisco SAN-OS 2.x (MDS 9000 Switches)
http://secunia.com/product/6101/
Cisco NX-OS 4.x
http://secunia.com/product/19025/
Cisco Application Control Engine (ACE) XML Gateway
http://secunia.com/product/19027/
Cisco Application Control Engine (ACE) Appliance
http://secunia.com/product/19026/
Cisco IOS XR 3.x
http://secunia.com/product/4907/
Cisco IOS R12.x
http://secunia.com/product/50/
Cisco IOS 12.x
http://secunia.com/product/182/
Cisco CATOS 8.x
http://secunia.com/product/3564/
Cisco CATOS 7.x
http://secunia.com/product/185/
Cisco CATOS 6.x
http://secunia.com/product/527/

SOFTWARE:
Cisco Application Control Engine (ACE) Module
http://secunia.com/product/12539/

DESCRIPTION:
Two vulnerabilities have been reported in various Cisco products,
which can be exploited by malicious people to spoof authenticated
SNMPv3 packets.

The vulnerabilities are caused by errors in the authentication code
of multiple SNMPv3 implementations and can be exploited via specially
crafted SNMPv3 packets using HMAC-MD5-96 or HMAC-SHA-96 as the
authentication protocol.

Successful exploitation allows an attacker to disclose certain
network information or make configuration changes on a vulnerable
device, but requires that the SNMP server is enabled (disabled by
default).

This is related to:
SA30574

The vulnerabilities are reported in the following products:
* Cisco IOS
* Cisco IOS-XR
* Cisco Catalyst Operating System (CatOS)
* Cisco NX-OS
* Cisco Application Control Engine (ACE) Module
* Cisco ACE Appliance
* Cisco ACE XML Gateway
* Cisco MDS 9000 Series Multilayer Fabric Switches

SOLUTION:
Update to fixed versions (please see vendor advisory for details).

PROVIDED AND/OR DISCOVERED BY:
The vendor credits Dr. Tom Dunigan of the University of Tennessee and
Net-SNMP.

ORIGINAL ADVISORY:
http://www.cisco.com/warp/public/707/cisco-sa-20080610-snmpv3.shtml

OTHER REFERENCES:
SA30574:
http://secunia.com/advisories/30574/
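
ADDED EXAMPLE:
The DESCRIPTION names HMAC-MD5-96 and HMAC-SHA-96 but does not say what the errors in the authentication code were. As an added illustration (not Secunia's, Cisco's or Net-SNMP's code), this is what a receiver-side check of the 96-bit authentication value looks like in general under RFC 3414. The function names are hypothetical, and the caller is assumed to pass the message with the msgAuthenticationParameters field already replaced by 12 zero octets.

```python
import hashlib
import hmac

# Both protocols transmit the first 96 bits (12 octets) of the HMAC (RFC 3414).
AUTH_LEN = 12
DIGESTS = {"HMAC-MD5-96": hashlib.md5, "HMAC-SHA-96": hashlib.sha1}


def expected_auth_params(protocol, localized_key, msg_zeroed):
    """Compute the 12-octet value the sender should have placed in the message.

    msg_zeroed is the serialized SNMPv3 message with the authentication
    field set to 12 zero octets, as RFC 3414 requires before hashing.
    """
    mac = hmac.new(localized_key, msg_zeroed, DIGESTS[protocol]).digest()
    return mac[:AUTH_LEN]


def verify_auth_params(protocol, localized_key, msg_zeroed, received):
    """Return True only for a full-length, exactly matching value."""
    if protocol not in DIGESTS:
        return False
    # The length is fixed by the protocol, never taken from the packet:
    # anything other than 12 octets is rejected before any comparison.
    if len(received) != AUTH_LEN:
        return False
    expected = expected_auth_params(protocol, localized_key, msg_zeroed)
    # Constant-time comparison over all 12 octets.
    return hmac.compare_digest(expected, received)


if __name__ == "__main__":
    # Constructed sample values, not a real key or a real BER-encoded packet.
    key = bytes(range(16))
    msg = b"constructed-snmpv3-message" + bytes(AUTH_LEN) + b"scoped-pdu"
    good = expected_auth_params("HMAC-MD5-96", key, msg)
    print(verify_auth_params("HMAC-MD5-96", key, msg, good))      # full value
    print(verify_auth_params("HMAC-MD5-96", key, msg, good[:4]))  # short value
```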