[AGENT++] SNMPv3 Authentication Bypass vulnerability

katz at agentpp.com katz at agentpp.com
Fri Jun 13 15:28:20 CEST 2008

Previous message: [AGENT++] SNMPv3 Authentication Bypass vulnerability
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi, 

> Is the Agent++ implementation open to the same SNMPv3 authentication bypass
> vulnerability that has been identified in net-snmp? 
> 
> See http://www.us-cert.gov/cas/techalerts/TA08-162A.html for more details.

no, snmp++/agent++ is not vulnerable, as it checks if the authentication 
params have the correct length. 

Regards,
  Jochen

Previous message: [AGENT++] SNMPv3 Authentication Bypass vulnerability
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the AGENTPP mailing list