A slight defect in the truncated HMAC code...
Perry E. Metzger
perry at piermont.com
Tue Jun 10 17:18:47 EDT 2008
From the No Comment Department:
Date: Tue, 10 Jun 2008 11:01:06 -0400
Message-Id: <TA08-162A.1166 at us-cert.gov>
From: CERT Advisory <cert-advisory at cert.org>
Subject: US-CERT Technical Cyber Security Alert TA08-162A -- SNMPv3 Authentication Bypass Vulnerability
National Cyber Alert System
Technical Cyber Security Alert TA08-162A
SNMPv3 Authentication Bypass Vulnerability
Original release date: June 10, 2008
Last revised: --
* Multiple Implementations of SNMPv3
A vulnerability in the way implementations of SNMPv3 handle specially
crafted packets may allow authentication bypass.
The Simple Network Management Protocol (SNMP) is a widely deployed
protocol that is commonly used to monitor and manage network devices.
SNMPv3 (RFC 3410) supports a user-based security model (RFC 3414)
that incorporates security features such as authentication and privacy
control. Authentication for SNMPv3 is done using keyed-hash message
authentication code (HMAC), a message authentication code calculated
using a cryptographic hash function in combination with a secret key.
Implementations of SNMPv3 may allow a shortened HMAC code in the
authenticator field to authenticate to an agent or a trap daemon using
a minimum HMAC of one byte. Reducing the HMAC to a one-byte HMAC makes
brute-force authentication trivial. This issue is known to affect
Net-SNMP and UCD-SNMP. Other SNMP implementations may also be
This vulnerability allows attackers to read and modify any SNMP object
that can be accessed using the authentication credentials that got
them into the system. Attackers exploiting this vulnerability can view
and modify the configuration of these devices. Attackers must gain
access using credentials with write privileges in order to modify
Please consult your vendor for more information.
Apply a patch
Net-SNMP has released a patch to address this issue. For more
information, refer to SECURITY RELEASE: Multiple Net-SNMP Versions
Released. Users are encouraged to apply the patch as soon as possible.
Note that the patch should apply cleanly to UCD-snmp too.
Enable the SNMPv3 privacy subsystem
The configuration should be modified to enable the SNMPv3 privacy
subsystem to encrypt the SNMPv3 traffic using a secret, private key.
This option does not encrypt the HMAC, but does minimize the possible
effects from this vulnerability.
* RFC 3410 - <http://tools.ietf.org/html/rfc3410>
* RFC 3414 - <http://tools.ietf.org/html/rfc3414>
* SECURITY RELEASE: Multiple Net-SNMP Versions Released -
* US-CERT Vulnerability Note -
The most recent version of this document can be found at:
Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert at cert.org> with "TA08-162A Feedback VU#878044" in the
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
Produced 2008 by US-CERT, a government organization.
June 10 2008: Initial release
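The length-handling flaw the advisory describes, as an added example that is not part of the advisory or of Net-SNMP's code: a check that takes the comparison length from the packet, beside one that requires the full 12-octet HMAC-96 value defined in RFC 3414. Function names, the key and the message bytes are constructed for illustration, and the message layout is simplified.

```python
import hashlib
import hmac

MAC_LEN = 12  # RFC 3414 HMAC-MD5-96 / HMAC-SHA-96 keep the first 12 octets


def expected_mac(auth_key: bytes, msg_zeroed: bytes) -> bytes:
    """HMAC-SHA-96 over the message with its authenticator field zeroed."""
    return hmac.new(auth_key, msg_zeroed, hashlib.sha1).digest()[:MAC_LEN]


def verify_lenient(auth_key: bytes, msg_zeroed: bytes, received: bytes) -> bool:
    """Flawed pattern: the comparison length is taken from the packet."""
    want = expected_mac(auth_key, msg_zeroed)
    return len(received) >= 1 and want[:len(received)] == received


def verify_strict(auth_key: bytes, msg_zeroed: bytes, received: bytes) -> bool:
    """Hardened pattern: fixed length first, then a constant-time compare."""
    if len(received) != MAC_LEN:
        return False
    return hmac.compare_digest(expected_mac(auth_key, msg_zeroed), received)


def demo() -> dict:
    # Constructed sample values, not taken from any real device or capture.
    key = bytes(range(20))
    msg = b"constructed-snmpv3-message" + bytes(MAC_LEN)
    full = expected_mac(key, msg)
    return {
        "full_lenient": verify_lenient(key, msg, full),
        "full_strict": verify_strict(key, msg, full),
        "one_byte_lenient": verify_lenient(key, msg, full[:1]),
        "one_byte_strict": verify_strict(key, msg, full[:1]),
        "empty_strict": verify_strict(key, msg, b""),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {'accepted' if ok else 'rejected'}")
```

With the lenient check a one-octet authenticator has only 256 possible values, which is why the advisory calls brute force trivial; the strict check rejects any authenticator that is not exactly 12 octets before comparing.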