Summary:
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities. The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP - Versions 1, 2c, and 3.
Affected Products:
These vulnerabilities affect all releases of Cisco IOS and IOS XE Software prior to the first fixed release and they affect all versions of SNMP—Versions 1, 2c, and 3.
To determine if the IOS or IOS XE is affected by this vulnerability, use the Cisco Software Checker tool. Below is an example that shows version 15.6(2)T1 is affected by this vulnerability (SNMP Remote Code Execution) and that the first fix in the same IOS line is 15.6(3)M2.
Devices running affected IOS/IOS_XE versions and that are configured with any of the following MIBs are vulnerable:
- ADSL-LINE-MIB
- ALPS-MIB
- CISCO-ADSL-DMT-LINE-MIB
- CISCO-BSTUN-MIB
- CISCO-MAC-AUTH-BYPASS-MIB
- CISCO-SLB-EXT-MIB
- CISCO-VOICE-DNIS-MIB
- CISCO-VOICE-NUMBER-EXPANSION-
MIB - TN3270E-RT-MIB
To display a list of the MIBs that are registered and enabled on a device, administrators can issue the show snmp mib command in privileged EXEC mode.
Workaround:
Disable the above vulnerable MIBs. To do so, administrators can use the snmp-server view global configuration command, as shown in the following example:
snmp-server view NO_BAD_SNMP iso included
snmp-server view NO_BAD_SNMP internet included
snmp-server view NO_BAD_SNMP snmpUsmMIB excluded
snmp-server view NO_BAD_SNMP snmpVacmMIB excluded
snmp-server view NO_BAD_SNMP snmpCommunityMIB excluded
snmp-server view NO_BAD_SNMP ciscoMgmt.252 excluded
snmp-server view NO_BAD_SNMP transmission.94 excluded
snmp-server view NO_BAD_SNMP mib-2.34.9 excluded
snmp-server view NO_BAD_SNMP ciscoMgmt.35 excluded
snmp-server view NO_BAD_SNMP ciscoMgmt.95 excluded
snmp-server view NO_BAD_SNMP ciscoMgmt.130 excluded
snmp-server view NO_BAD_SNMP ciscoMgmt.219 excluded
snmp-server view NO_BAD_SNMP ciscoMgmt.254 excluded
snmp-server view NO_BAD_SNMP ciscoMabMIB excluded
snmp-server view NO_BAD_SNMP ciscoExperiment.997 excluded
To then apply this configuration to a community string, administrators can use the following command:
snmp-server community mycomm view NO_BAD_SNMP RO
For SNMP Version 3, administrators can use the following command:
snmp-server group v3group auth read NO_BAD_SNMP write NO_BAD_SNMP
Further Info & Assistance:
This advisory is available at the following link:
Reference CVEs:
CVE-2017-6736
CVE-2017-6737
CVE-2017-6738
CVE-2017-6739
CVE-2017-6740
CVE-2017-6741
CVE-2017-6742
CVE-2017-6743
CVE-2017-6744
19 comments
Write commentsDoes disabling these SNMP MIBS cause any issues in existing SNMP operation ?
Reply4th largest Golf tournament has been running. Are you sleeping? Wake up and participate sports entertainment with golf tv channel.
ReplyBritish Open
British Open 2017
The Open Championship
Open Championship
Open Championship 2017
British Open 2017 Live
British Open Odds
The Open Championship 2017
British Open Live Stream
The Open
The Open 2017
British Open Leaderboard
Hall of Fame - 2017, Live Stream, Pro Football, TV Online, How to watch Free
Replyhttps://halloffame-game.com
https://halloffame-game.com
https://halloffame-game.com
https://halloffame-game.com
https://halloffame-game.com
https://halloffame-game.com
https://halloffame-game.com
https://halloffame-game.com
https://halloffame-game.com
https://halloffame-game.com
https://halloffame-game.com
https://halloffame-game.com
https://halloffame-game.com
https://halloffame-game.com
https://halloffame-game.com
https://halloffame-game.com
https://halloffame-game.com
https://halloffame-game.com
https://halloffame-game.com
https://halloffame-game.com
https://halloffame-game.com
https://halloffame-game.com
https://halloffame-game.com
https://halloffame-game.com
https://halloffame-game.com
https://halloffame-game.com
https://halloffame-game.com
https://halloffame-game.com
https://halloffame-game.com
https://halloffame-game.com
https://halloffame-game.com
https://halloffame-game.com
https://halloffame-game.com
ReplyHall of Fame
you are posting such a new idea is very interesting and give updates.
Replymsbi training in chennai
your post conveys a good messages and interesting things and give more updates.
Replydigital marketing company in india
ReplyPGA Championship
https://championshippga.org/
https://championshippga.org/
https://championshippga.org/
https://championshippga.org/
https://championshippga.org/
https://championshippga.org/
https://championshippga.org/
https://championshippga.org/
https://championshippga.org/
https://championshippga.org/
PGA Championship
ReplyPGA Championship 2017
PGA Championship Live
US PGA Championship
The PGA Championship
PGA Championship Live Stream
The PGA Championship 2017
PGA Championship 2017 Live
PGA Championship Leaderboard
PGA Championship Leaderboard
https://pgachampionship-the.org/
https://pgachampionship-the.org/
ReplyMayweather vs McGregor
McGregor vs Mayweather
Mayweather
McGregor
Mayweather vs McGregor Fight
Mayweather vs McGregor Live
Mayweather vs McGregor Live Stream
Mayweather vs McGregor
Money vs Mcgregor
The Money Fight
https://moneyvsmcgregor.com/
Mayweather vs McGregor
ReplyMcGregor vs Mayweather
Mayweather vs McGregor Fight
Mayweather
McGregor
Mayweather vs McGregor SHOWTIME
Mayweather vs McGregor PPV SHOOWTIME
Mayweather vs McGregor Live
McGregor vs Mayweather Live
Mayweather vs McGregor
Floyd Mayweather
Conor McGregor
https://mayweatherjrvmcgregor.com/
ReplyNew England Patriots
New England Patriots Schedule
Kansas City Chiefs
Kansas City Chiefs Schedule
Chiefs vs Patriots
Chiefs vs Patriots Schedule
Patriots vs Chiefs
Patriots vs Chiefs Schedule
Chiefs vs Patriots Live
Chiefs vs Patriots Live Stream
American Football
NFL Standings
NFL Football
Buccaneers vs Dolphins
ReplyBuccaneers Schedule
Dolphins vs Buccaneers
Eagles vs Redskins
Eagles Schedule
Redskins vs Eagles
Jaguars vs Texans
ReplyJaguars Schedule
Texans vs Jaguars
Texans Schedule
Jaguars
Texans
Cardinals vs Lions
Cardinals Schedule
Lions vs Cardinals
Lions Schedule
Cardinals
Lions
Ravens vs Bengals
ReplyRavens Schedule
Bengals vs Ravens
Bengals Schedule
Ravens vs Bengals
ReplyRavens Schedule
Bengals vs Ravens
Bengals Schedule
Cowboys
ReplyDallas Cowboys
Dallas Cowboys Schedule
Cowboys Schedule
NFL Schedule
Dallas Cowboys NFL Schedule
American Football
NFL Standings
NFL Football
https://a2z-livestream.com/
ReplyLive Stream Online
ReplyYou Can Watch Live
Match Schedule-Fixtures
NCAA Football 2017
NFL Football 2017
Watch Live Stream
Watch Live Stream Online
Live Stream Football
Live Stream Online Tv
NCAA Basketball Live
MLB Baseball Live
NBA Basketball Live
NHL Hocky Live
Soccer Live
US Open Tennis
ReplyUS Open
US Open Tennis 2018
US Open 2018
2018 US Open
PGA Championship Golf 2018
2018 US Open Tennis
US Open 2018 Schedule
US Open 2018 Tennis Schedule
US Open Tennis 2018 Schedule
U.S. Open
U.S. Open 2018
2018 U.S. Open
US Open Tennis Live
US Open Tennis Live Stream
US Open Tennis Live Streaming
US Open Live
US Open Live Stream
US Open Live Streaming
US Open 2018 Live
US Open 2018 Live Stream
US Open 2018 Live Streaming
US Open Tennis 2018 Live
US Open Tennis 2018 Live Stream
US Open Tennis 2018 Live Streaming
US Open 2018 TV Channel
US Open 2018 Dates
US Open Tennis Championships
US Open Tennis Championships 2018
https://ususopen.com/
EmoticonEmoticon