Simple Network Management Protocol v2 (SNMP v2) is used frequently to monitor networks.
Which of the following vulnerabilities does il always introduce?
A.
Remote buffer overflow
B.
Cross site scripting
C.
Clear text authentication
D.
Man-in-the-middle attack
Explanation:
One of the main problems with using SNMP vl and v°2 is the clear text “community string” that it
uses to authenticate. It is easy to sniff and reuse. Most times, the SNMP community string is
shared throughout the organization’s servers and routers, making this authentication problem a
serious threat to security. There have been some isolated cases of remote buffer overflows
against SNMP daemons, but generally that is not a problem. Cross site scripting is a web
application vulnerability that is not related to SNMP. A man-in- the-middlc attack against a user
datagram protocol (UDP) makes no sense since there is no active session; every request has thecommunity string and is answered independently.