• Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings
In Solaris, an SNMP subagent has a default community string that allows remote attackers to execute arbitrary commands as root, or modify system parameters.
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
Date Entry Created
19990607 Disclaimer: The entry creation date may reflect when the CVE-ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Modified (20071119)
Votes (Legacy)
ACCEPT(2) Baker, Dik
MODIFY(1) Frech
NOOP(1) Wall
REVIEWING(1) Christey
Comments (Legacy)
 Frech> Change XF:snmp-backdoor-access to XF:sol-hidden-commstr
   Add ISS:Hidden Community String in SNMP Implementation
 Christey> What is the proper level of abstraction to use here?  Should
   we have a separate entry for each different default community
   string?  See: and
   Until the associated content decisions have been approved
   by the Editorial Board, this candidate cannot be accepted
   for inclusion in CVE.
 Christey> ADDREF BID:177
 Christey> ISS:19981102 Hidden community string in SNMP implementation
   Change description to include "hidden"
 Christey> XF:snmp-backdoor-access is missing.

Proposed (Legacy)
This is an entry on the CVE list, which standardizes names for security problems.