{"vuid":"VU#293051","idnumber":"293051","name":"Avaya Argent Office uses weak SNMP authentication mechanism","keywords":["Avaya Argent Office","weak SNMP authentication mechanism"],"overview":"The Avaya Argent Office does not properly enforce SNMP community string values, resulting in a weakened access control mechanism.","clean_desc":"The Avaya Argent Office does not properly enforce SNMP community string values. It will accept a null string (i.e. \"\") as a valid community string and will also accept partial strings that match the correct community string. The acceptance of partial strings allows an attacker to conduct brute force password attacks against the agent. According to reports, this vulnerability is only exploitable via an internal interface.","impact":"This vulnerability reduces the effectiveness of the access control provided by an SNMP community string.","resolution":"The CERT/CC is currently unaware of a practical solution to this problem.","workarounds":"","sysaffected":"","thanks":"This vulnerability was reported to the Bugtraq mailing list on 08/07/2001 by Jacek Lipkowski.","author":"This document was written by Jeffrey P. Lanza.","public":[],"cveids":[""],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2001-08-07T18:57:16Z","publicdate":"2001-08-07T00:00:00Z","datefirstpublished":"2003-10-30T21:51:46Z","dateupdated":"2003-10-30T21:51:48Z","revision":10,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"15","cam_exploitation":"10","cam_internetinfrastructure":"0","cam_population":"2","cam_impact":"10","cam_easeofexploitation":"15","cam_attackeraccessrequired":"7","cam_scorecurrent":"0.984375","cam_scorecurrentwidelyknown":"1.18125","cam_scorecurrentwidelyknownexploited":"1.575","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":0.984375,"vulnote":null}