Simple Network Management Protocol (SNMP) Private Access
Impact
Several vendors have poorly protected "private" Management Information
Bases (MIBs) that can be used to control the target.
Resolution
Determine if your host requires SNMP. On many systems it is installed
"out of the box". Unless your enterprise uses SNMP for system management,
it may be prudent to simply "turn it off". Check with your vendor on
the easiest method for deactivating SNMP.
If SNMP is required, check with your network management group to see if
access can be limited to the enterprise. Routers and firewalls
provide this facility.
If SNMP must be available over the Internet, close access to private
MIB communities, such as "private", "test", and "router".
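As an added example (not part of the original advisory), the Python below audits an agent configuration for the community names listed above and for communities that any host may use. It assumes Net-SNMP style snmpd.conf directives (rocommunity, rwcommunity, com2sec); the sample configuration is constructed, and other vendors' agents use different formats.

```python
import shlex

# Community names the advisory above says to close.
WEAK_COMMUNITIES = {"private", "test", "router"}
# Source values that place no limit on who may query (assumed Net-SNMP syntax).
OPEN_SOURCES = {"default", "0.0.0.0/0", "::/0"}
COMMUNITY_DIRECTIVES = {"rocommunity", "rwcommunity", "rocommunity6", "rwcommunity6"}

# Constructed sample configuration, not taken from a real host.
SAMPLE_CONF = """\
# constructed example
rocommunity  n0c-monitor  10.20.0.0/16
rwcommunity  private
rwcommunity  test         192.0.2.10
com2sec      mgmt  default  router
rwcommunity6 Zq7-write    2001:db8::/32
"""

def audit_snmpd_conf(text):
    """Flag community definitions with an advisory-listed name or no source limit."""
    findings = []
    for line_no, raw in enumerate(text.splitlines(), 1):
        tokens = shlex.split(raw, comments=True)  # drops '#' comments
        if not tokens:
            continue
        directive, args = tokens[0].lower(), tokens[1:]
        if directive in COMMUNITY_DIRECTIVES and args:
            community = args[0]
            source = args[1] if len(args) > 1 else "default"  # omitted source = any host
            writable = directive.startswith("rw")
        elif directive in ("com2sec", "com2sec6"):
            if args[:1] == ["-Cn"]:  # optional context: -Cn CONTEXT
                args = args[2:]
            if len(args) < 3:
                continue
            _secname, source, community = args[:3]
            writable = None  # decided by separate access/view lines
        else:
            continue
        reasons = []
        if community.lower() in WEAK_COMMUNITIES:
            reasons.append("advisory-listed community name")
        if source.lower() in OPEN_SOURCES:
            reasons.append("no source restriction")
        if reasons:
            findings.append({"line": line_no, "community": community,
                             "source": source, "writable": writable, "reasons": reasons})
    return findings
```

Pass the text of the agent's configuration file to audit_snmpd_conf(); each finding gives the line to fix, and entries with writable set to True are the ones that allow SNMP set operations.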
CVE Reference(s):