A vulnerability in the way implementations of SNMPv3 handle specially crafted packets may allow authentication bypass.
The Simple Network Management Protocol (SNMP) is a widely deployed protocol that is commonly used to monitor and manage network devices.
SNMPv3 ( RFC 3410) supports a user-based security model (RFC 3414) that incorporates security features such as authentication and privacy control.
Authentication for SNMPv3 is done using keyed-hash message authentication code (HMAC), a message authentication code calculated using a cryptographic hash function in combination with a secret key.
Implementations of SNMPv3 may allow a shortened HMAC code in the authenticator field to authenticate to an agent or a trap daemon using a minimum HMAC of one byte.
Reducing the HMAC to one-byte HMAC makes brute-force authentication trivial.
This vulnerability allows attackers to read and modify any SNMP object that can be accessed using the authentication credentials that got them into the system.
Attackers exploiting this vulnerability can view and modify the configuration of these devices.
Attackers must gain access using credentials with write privileges in order to modify configurations.
Does the SNMPv3 security vulnerability CVE-2008-0960 affect eHealth?
All currently supported versions of eHealth that are integrated with Snmp Research Brassd SnmpV3 Proxy.
eHealth 6.2.2 to the latest
eHealth is not directly affected by the SNMP v3 vulnerability; however, SNMP Research's key servers which are used in the eHealth implementation of SNMP v3 are affected. SNMP Research has updates that address the issue. Please contact SNMP Research (http://www.snmp.com) for more information.
Upgrade to the latest version of Snmp Research Brass
For more information regarding Snmp Research's statement about this vulnerability, click the link below:
More information on the alert can be found at http://www.kb.cert.org/vuls/id/878044/