Foundry Networks Edgelron switches uses insecure SNMP community string by default

edgelron-default-snmp-string (8592) The risk level is classified as MediumMedium Risk

Description:

The default Simple Network Management Protocol (SNMP) configuration in Foundry Networks Edgelron Fast Ethernet switches accepts any community string with read/write privileges. This could allow a remote attacker to supply any community string to gain read/write privileges to any SNMP object on the network.


Consequences:

Gain Access

Remedy:

Issue the following commands from Foundry Networks to use the access control list feature built into the switch:

EdgeIron(config)#
EdgeIron(config)#snmp-server security
EdgeIron(config)#
EdgeIron(config)#snmp-server user <name> <community-string> <ip-address>

References:

  • BugTraq Mailing List, Wed Mar 20 2002 - 15:58:10 CST: Default SNMP configuration issue with Foundry Networks EdgeIron 4802F.
  • BID-4330: Foundry Networks EdgeIron SNMP Community String Read-Write Vulnerability
  • CVE-2002-0478: The default configuration of Foundry Networks EdgeIron 4802F allows remote attackers to modify sensitive information via arbitrary SNMP community strings.

Platforms Affected:

  • Foundrynet Edgelron 4802F Switch

Reported:

Mar 20, 2002

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email ignore thisxforceignore this@ignore thisus.ignore thisibm.comignore this

Return to the main page