微点交流论坛

标题: Cisco Products SNMPv3两个漏洞 [打印本页]

作者: pioneer 时间: 2008-6-13 16:35 标题: Cisco Products SNMPv3两个漏洞

来源

secunia.com

软件名

Cisco SAN-OS 3.x (MDS 9000 Switches)
Cisco SAN-OS 2.x (MDS 9000 Switches)
Cisco NX-OS 4.x
Cisco Application Control Engine (ACE) XML Gateway
Cisco Application Control Engine (ACE) Appliance
Cisco IOS XR 3.x
Cisco IOS R12.x
Cisco IOS 12.x
Cisco CATOS 8.x
Cisco CATOS 7.x
Cisco CATOS 6.x

描述

多个SNMPv3执行鉴定时的错误可通过使用HMAC-MD5-96 or
HMAC-SHA-96作为鉴定协议的特定SNMPv3包来导致
该漏洞在以下产品中已经报告
* Cisco IOS
* Cisco IOS-XR
* Cisco Catalyst Operating System (CatOS)
* Cisco NX-OS
* Cisco Application Control Engine (ACE) Module
* Cisco ACE Appliance
* Cisco ACE XML Gateway
* Cisco MDS 9000 Series Multilayer Fabric Switches

解决方案

更新到修复的版本（详见厂商建议细节）

欢迎光临微点交流论坛 (http://bbs.micropoint.com.cn/)

bbs.micropoint.com.cn