-----Original Message----- From: Coppage, Ross Sent: Monday, May 13, 2002 1:08 PM To: 'Emre Yildirim' Subject: RE: ATMSNMPD Vulnerable but not Addressed Emre, Sun responded to me acknowledging that they are investigating problems with the ATMSNMPD. It is classified as "under investigation" So far they only mention the ability to kill the DAEMON remotely with malformed packets constituting a DOS. Im sure there is more to come. Still not publicly released.. Thanks for your response! Ross -----Original Message----- From: Emre Yildirim [mailto:emre.yildirim@us.army.mil] Sent: Monday, May 13, 2002 1:01 PM To: bugtraq@securityfocus.com Cc: coppager@scott.disa.mil Subject: Re: ATMSNMPD Vulnerable but not Addressed > ATMSNMPD vulnerable???? Yep! I am challenging anyone out > there to find information on line stating that Sun's > ATMSNMPD is vulnerable to attack. As of today May 13 2002 > there is no information identifying this fact. If you are > running SunATM 4.0 or 5.0 and have not added the patches > below you are vulnerable to attack. Is there sun > documentation identifying the vulnerability and the urgent > need to implement the patch? As of today there is not. http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fpatches%2F107915&zone_32=10 7915http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fpatches%2F109039&zone_3 2=109039-09 The patch description doesn't mention what type of vulnerability other than "atmsnmpd crashes due to improper handling of malicious SNMPv1 request PDUs" This is the first time I heard about it myself. Sun should have mentioned this problem in an official security advisory. The patches are also not listed under http://sunsolve.sun.com/pub-cgi/show.pl?target=patches/xos-8&nav=pub-patches which is the "Recommended & Security Patches for Solaris" page. Why is it not on there? I have no clue. I guess it is not a security issue or it isnt a recommended patch. Cheers Emre Yildirim emre@uab.edu | emre.yildirim@us.army.mil
