Reported February 28, 2001, by Cisco Systems.

VERSIONS AFFECTED

All Cisco products using the Internetwork Operating System (IOS), including (but not limited to):

  • 800, 1000, 1005, 1400, 1600, 1700, 2500, 2600, 3600, MC3810, 4000, 4500, 4700, 6200, 6400 NRP, and 6400 NSP series Cisco routers

  • ubr900 and ubr920 universal broadband routers

  • Catalyst 2900 ATM, 2900XL, 2948g, 3500XL, 4232, 4840g, and 5000 RSFC series switches

  • 5200, 5300, and 5800 series access servers

  • Catalyst 6000 MSM, 6000 Hybrid Mode, 6000 Native Mode, 6000 Supervisor Module, and Catalyst ATM Blade

  • RSM, 7000, 7010, 7100, 7200, ubr7200, 7500, 10000 ESR, and 12000 GSR series Cisco routers

  • DistributedDirector

  • Catalyst 8510CSR, 8510MSR, 8540CSR, and 8540MSR series switches

DESCRIPTION

A vulnerability exists in the Cisco IOS implementation of SNMP that allows access to configuration information on affected devices. By knowing the read-only SNMP community string, an intruder can gain access to configuration information on a read-only basis. By knowing the SNMP read-write community string, an intruder can make unauthorized configuration modifications.

VENDOR RESPONSE

Cisco has issued two notices regarding this vulnerability:

http://www.cisco.com/warp/public/707/ios-snmp-ilmi-vuln-pub.shtml

http://www.cisco.com/warp/public/707/ios-snmp-community-vulns-pub.shtml

Customers can obtain a firmware upgrade through Cisco distribution channels.

CREDIT
Discovered by Cisco Systems.