SNMPC Username/Password Remote Denial of Service Vulnerability
BID:24292
Info
SNMPC Username/Password Remote Denial of Service Vulnerability
| Bugtraq ID: | 24292 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: |
CVE-2007-3098 |
| Remote: | Yes |
| Local: | No |
| Published: | Jun 04 2007 12:00AM |
| Updated: | May 07 2015 05:37PM |
| Credit: | EN Douli is credited with the discovery of this vulnerability. |
| Vulnerable: |
Castle Rock Computing SNMPc 7.0.18 Castle Rock Computing SNMPc 6.0.8 Castle Rock Computing SNMPc 6.0.5 Castle Rock Computing SNMPc 6.0 Castle Rock Computing SNMPc 5.1.9 Castle Rock Computing SNMPc 5.1 |
| Not Vulnerable: |
Castle Rock Computing SNMPc 7.0.19 |
Discussion
SNMPC Username/Password Remote Denial of Service Vulnerability
SNMPc is prone to a remote denial-of-service vulnerability.
Successfully exploiting this issue would cause the affected application to crash, denying service to legitimate users.
This issue is reported to affect versions of SNMPc prior to 7.0.19.
SNMPc is prone to a remote denial-of-service vulnerability.
Successfully exploiting this issue would cause the affected application to crash, denying service to legitimate users.
This issue is reported to affect versions of SNMPc prior to 7.0.19.
Exploit / POC
SNMPC Username/Password Remote Denial of Service Vulnerability
Attackers can exploit this issue by using readily available network tools and/or FTP clients.
The following Metasploit Framework module is available to demonstrate this issue:
Attackers can exploit this issue by using readily available network tools and/or FTP clients.
The following Metasploit Framework module is available to demonstrate this issue:
Solution / Fix
SNMPC Username/Password Remote Denial of Service Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Reports indicate that SNMPc 7.0.19 is not vulnerable to this issue; Symantec has not confirmed this.
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Reports indicate that SNMPc 7.0.19 is not vulnerable to this issue; Symantec has not confirmed this.
References
SNMPC Username/Password Remote Denial of Service Vulnerability
References:
References:
- Castle Rock Computing SNMPc Product Page (Castle Rock Computing)