CVE
- Id
- 597
- CVE No.
- CVE-1999-0615
- Status
- Candidate
- Description
- ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "The SNMP service is running."
- Phase
- Modified (20080731)
- Votes
- ACCEPT(3) Baker, Prosser, Wall | NOOP(1) Christey | REJECT(1) Northcutt
- Comments
- Baker> Although newer versions on snmp are not as vulnerable as prior versions, | this can still be a significant risk of exploitation, as seen in recent | attacks on snmp services via automated worms | Christey> XF:snmp(132) ? | Prosser> This fits the "exposure" description although we also know there are many vulnerabilities in SNMP. This is more of a policy/best practice issue for administrators. If you need SNMP lock it down as tight as you can, if you don"t need it, don"t run it.
