SNMP 'GETBULK' Reflection DDoS

This script is Copyright (C) 2014 Tenable Network Security, Inc.


Synopsis :

The remote SNMP daemon is affected by a vulnerability that allows a
reflected distributed denial of service attack.

Description :

The remote SNMP daemon is responding with a large amount of data to a
'GETBULK' request with a larger than normal value for
'max-repetitions'. A remote attacker can use this SNMP server to
conduct a reflected distributed denial of service attack on an
arbitrary remote host.

See also :

http://www.nessus.org/u?8b551b5c
http://www.nessus.org/u?bdb53cfc

Solution :

Disable the SNMP service on the remote host if you do not use it.
Otherwise, restrict and monitor access to this service, and consider
changing the default 'public' community string.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)

Family: SNMP

Nessus Plugin ID: 76474 ()

Bugtraq ID:

CVE ID: