TITLE:
Ingate Firewall and SIParator SNMP HMAC Spoofing

SECUNIA ADVISORY ID:
SA30648

VERIFY ADVISORY:
http://secunia.com/advisories/30648/

CRITICAL:
Less critical

IMPACT:
Exposure of system information, Exposure of sensitive information

WHERE:
From local network

OPERATING SYSTEM:
Ingate Firewall 3.x
http://secunia.com/product/1573/
Ingate Firewall 4.x
http://secunia.com/product/4050/
Ingate SIParator 3.x
http://secunia.com/product/2212/
Ingate SIParator 4.x
http://secunia.com/product/5687/

DESCRIPTION:
Ingate has acknowledged a vulnerability in Ingate Firewall and
SIParator, which can be exploited by malicious people to spoof
authenticated SNMPv3 packets.

For more information:
SA30574

Successful exploitation allows an attacker to read configuration and
status information from the device, but requires that SNMP is enabled
(not enabled by default).

NOTE: Reportedly, this cannot be exploited to modify configuration
settings on the device.

The vulnerability is reported in Ingate Firewall and SIParator
version 3.1.0 and newer.

SOLUTION:
Restrict access to the SNMP agent.

Reportedly, the vulnerability will be fixed in the next regular
release (Q3/2008).

ORIGINAL ADVISORY:
http://lists.ingate.com/pipermail/productinfo/2008/000021.html

OTHER REFERENCES:
SA30574:
http://secunia.com/advisories/30574/

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keep their systems up to date against the latest
vulnerabilities.