从安全性度量标准获取有关snmp的安全性错误。
运行Centos 5.7 64bit。 + cpanel(snmp没有编译easyapache)2.6.18-274.17.1.el5
风险:10
Description: SNMP is enabled and may be vulnerable Severity: Potential Problem CVE: CVE-2002-0012 CVE-2002-0013 CVE-2002-0053 Impact: If a vulnerable implementation of SNMP is running, a remote attacker could crash the device, cause the device to become unstable, or gain unauthorized access. Resolution For the HMAC length 1 security bypass vulnerability, [http://www.net-snmp.org/download.html] update to NET-SNMP 5.4.1.1, 5.3.2.1, 5.2.4.1, 5.1.4.1, 5.0.11.1, or UCD-snmp 4.2.7.1 or get updates for other products from your vendor. There are a number of measures which can be taken to reduce the risk of this vulnerability being exploited. Apply a [http://www.cert.org/advisories/CA-2002- 03.html#vendors] patch from your vendor if one is available. (IRIX users should also refer to [ftp://patches.sgi.com/support/free/secur ity/advisories/20020201-01-P] SGI Security Advisory 20020201-01-P, and Sun users should also refer to [http://sunsolve.sun.com/pub-cgi/retriev e.pl?doc=secbull/219] Sun Security Bulletin 219 for patch information.) Change all community strings to non-default strings which are difficult to guess. Block access to UDP ports 161 and 162 at the network perimeter. Disable the SNMP service on machines where it can be disabled and is not needed. There are a number of additional precautions which should also be taken wherever possible: Filter SNMP traffic from unauthorized internal hosts Segregate SNMP traffic onto a separate management network Block incoming and outgoing traffic (ingress and egress filtering) on ports 161, 162, 199, 391, 705, and 1993, both TCP and UDP Block incoming traffic destined for broadcast addresses and internal loopback addresses Disable stack execution For more information on these precautions, see [http://www.cert.org/advisories/CA-2002- 03.html] CERT Advisory 2002-03. Vulnerability Details: Service: snmp root@server [~]# yum remove net-snmp-utils Loaded plugins: fastestmirror Setting up Remove Process No Match for argument: net-snmp-utils Loading mirror speeds from cached hostfile * atomic: www6.atomicorp.com * base: centos.mirrors.tds.net * extras: mirror.sanctuaryhost.com * updates: centos.mirrors.tds.net Excluding Packages in global exclude list Finished Excluding Packages from CentOS-5 - Base Finished Excluding Packages from CentOS-5 - Updates Finished Package(s) net-snmp-utils available, but not installed. No Packages marked for removal root@server [~]# yum remove net-snmp Loaded plugins: fastestmirror Setting up Remove Process No Match for argument: net-snmp Loading mirror speeds from cached hostfile * atomic: www6.atomicorp.com * base: centos.mirrors.tds.net * extras: mirror.sanctuaryhost.com * updates: centos.mirrors.tds.net Excluding Packages in global exclude list Finished Excluding Packages from CentOS-5 - Base Finished Excluding Packages from CentOS-5 - Updates Finished Package(s) net-snmp available, but not installed. No Packages marked for removal root@server [~]# yum remove snmp Loaded plugins: fastestmirror Setting up Remove Process No Match for argument: snmp Loading mirror speeds from cached hostfile * atomic: www6.atomicorp.com * base: centos.mirrors.tds.net * extras: mirror.sanctuaryhost.com * updates: centos.mirrors.tds.net Excluding Packages in global exclude list Finished Excluding Packages from CentOS-5 - Base Finished Excluding Packages from CentOS-5 - Updates Finished No Packages marked for removal