Subject:      Re: One more 3Com SNMP vulnerability
To: BUGTRAQ@SECURITYFOCUS.COM 


Hi all,


Well spotted. To be more accurate, this bug can be found on
3Com SuperStack II Port Switch Hubs running software version
2.10. The bug disappeared from version 2.12. New software
versions are available at
http://support.3com.com/software/superstack_ii_ps_hub_40_files.htm


Arnaud Bienvenu.


--
Hi,


  It seems that 3Com does not pay much attention to how its SNMP is
implemented. In the 3Com SuperStack II hubs MIB there's an OID:
.1.3.6.1.4.1.43.10.4.2. Its name decodes to
.iso.org.dod.internet.private.enterprises.a3Com.generic.security.securityUserTable.
What you need to know is the read-only community, and this OID will give you
the entire table of communities (read-write and read-only).
  If somebody knows how to contact 3Com with such reports, forward this info
to them. In half an hour exploring the 3Com web site I found no e-mails (not even
support@3com.com). Amazing...


--
Nerijus Krukauskas                   Bank of Lithuania
Division head                        IT department, Networking division
Tel. +370-2-680731                   Zirmunu 151
nkrukauskas@lbank.lt                 2012 Vilnius, Lithuania
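
An added example, not part of either post: an audit check that reads the saved output of a read-only walk of your own hub and reports whether anything under the securityUserTable OID named above was returned. It assumes net-snmp numeric output (`snmpwalk -On`); the function names, the sample walks and the sub-identifiers below the table root are constructed for illustration.

```python
"""Audit check: does a read-only SNMP walk expose the 3Com securityUserTable?"""
import re

# OID named in the post: ...a3Com.generic.security.securityUserTable
SECURITY_USER_TABLE = (1, 3, 6, 1, 4, 1, 43, 10, 4, 2)

# net-snmp numeric output (snmpwalk -On): ".1.3.6.1... = TYPE: value"
LINE_RE = re.compile(r"^\.?(\d+(?:\.\d+)*)\s*=\s*(.*)$")

def parse_oid(text):
    return tuple(int(arc) for arc in text.strip(".").split("."))

def in_subtree(oid, root):
    # Compare arcs, not strings: ...43.10.4.20 is NOT under ...43.10.4.2
    return len(oid) >= len(root) and oid[:len(root)] == root

def exposed_rows(walk_output, root=SECURITY_USER_TABLE):
    """Return the OIDs under root that answered with a value (values are dropped)."""
    hits = []
    for line in walk_output.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        oid, value = parse_oid(m.group(1)), m.group(2)
        # net-snmp puts "object absent" replies in the value field
        if value.startswith(("No Such", "No more variables")):
            continue
        if in_subtree(oid, root):
            hits.append("." + ".".join(map(str, oid)))
    return hits

# Constructed sample walks (not captured from a real device)
SAMPLE_EXPOSED = """\
.1.3.6.1.2.1.1.1.0 = STRING: "constructed sysDescr"
.1.3.6.1.4.1.43.10.4.2.1.3.1 = STRING: "example-ro"
.1.3.6.1.4.1.43.10.4.2.1.3.2 = STRING: "example-rw"
.1.3.6.1.4.1.43.10.4.20.1.0 = INTEGER: 1
"""
SAMPLE_CLEAN = """\
.1.3.6.1.2.1.1.1.0 = STRING: "constructed sysDescr"
.1.3.6.1.4.1.43.10.4.2 = No Such Object available on this agent at this OID
"""

if __name__ == "__main__":
    for name, walk in (("exposed", SAMPLE_EXPOSED), ("clean", SAMPLE_CLEAN)):
        rows = exposed_rows(walk)
        print(name, "-> FAIL" if rows else "-> ok", rows)
```

A non-empty result means the read-only community can still read the table; rotate every community on that device after upgrading it.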