Home Page | Skip to Navigation | Skip to Content | Skip to Search | Skip to Footer

IPS-1 Protection Update for SNMP (Version 21)

Subscribe

Check Point Reference: CPAI-2007-202
Date Published:
Severity:
Last Updated:
Source: N/A.
Industry Reference(s): N/A.
Protection Provided by: IPS-1
  • IPS-1
Who is Vulnerable?
All IPS-1 customers should apply this signature update.
Vulnerability Description
This release is a maintenance update to SNMP. 
Vulnerability Status
N/A. 
Update/Patch Available
N/A.  
Vulnerability Details

This release is a maintenance update to SNMP.  It contains a bugfix for SNMP Community Name guessing detection, which was being triggered mistakenly in situations where certain types of Cisco SNMP community instance extensions were appended to the community name.  These can be recognized by logged guessing attacks in the form of "commname@instance".

Protection Overview

There is a new boolean variable, called CISCO_COMMUNITY_STRING_INDEXING, which when set to "1" (on) will enable this fix.  Due to the nature of community string guessing attacks, it is disabled by default.

To configure the defense, select your product from the list below and follow the related protection steps.

Additional Information

None

IPS-1

How Can I Protect My Network?
Ensure that all the latest signature updates from the SmartDefense Research team are installed on the IPS-1 sensor.

How Do I Know if My Network is Under Attack?
N/A.  This is a bugfix release.