SNMP to DMI Mapper
Updated 9/10/01
CVE 2001-0236
Impact
A vulnerability in snmpXdmid could allow a remote
attacker to execute arbitrary commands with root privileges.
Background
The Simple Network
Management Protocol (SNMP) and the
Distributed Management Interface
(DMI) are used to manage networks and distributed computer
systems, respectively. Although the two are not
inherently interoperable, many applications require them to
be due to their similar functionality.
This problem is solved by the SNMP
to DMI mapper daemon (snmpXdmid),
a service which translates SNMP requests
to the DMI standard.
The Problem
A buffer overflow in the procedure which handles
an indication could be exploited to execute
arbitrary commands with root privileges.
Solaris 8 is affected by this vulnerability. It is
likely that Solaris 2.6 and 7 are affected as well.
Resolution
This vulnerability can be fixed by applying the appropriate patch
as indicated in
Sun Security
Bulletin 207.
An alternative solution is to simply disable snmpXdmid
if it is not needed at your site. This can be achieved by
entering the command:
/etc/init.d/init.dmi stop
Also, disable it in the boot scripts by finding every file
in every /etc/rc*.d directory called S*dmi
(where * matches any number) and renaming it to K07dmi.
Where can I read more about this?
See CERT Advisory 2001-05
and Sun
Security Bulletin 207.