Microsoft Product Support Services   All Products  |   Support  |   Search  |   microsoft.com Home  
microsoft.com
  Support Home  |   Self Support  |   Assisted Support  |   Custom Support  |

Windows 2000 SNMP Registry Entries Are Saved in Plain Text Format and Are Readable


The information in this article applies to:
  • Microsoft Windows versions 2000, 2000 SP1 Professional
  • Microsoft Windows versions 2000, 2000 SP1 Server
  • Microsoft Windows versions 2000, 2000 SP1 Advanced Server


For additional information about how to resolve this problem in Microsoft Windows NT 4.0, click the article number below to view the article in the Microsoft Knowledge Base:
Q265714 Windows NT 4.0 SNMP Registry Entries Are Saved in Plain Text Format and Are Readable

SYMPTOMS

Microsoft has released a tool that corrects the permissions on the SNMP Parameters registry values in Microsoft 2000. The default permissions could allow a malicious user to gain additional privileges on an affected machine.

When you create the PermittedManagers and ValidCommunities registry keys for the Simple Network Management Protocol (SNMP) service, any user has permission to read the contents of the keys because they are saved in plain text format.

For additional information about this vulnerability, see the following Microsoft Web site:

http://www.microsoft.com/technet/security/bulletin/MS00-096.asp


RESOLUTION

A supported fix is now available from Microsoft, but it is only intended to correct the problem described in this article and should be applied only to systems experiencing this specific problem. This fix may receive additional testing at a later time, to further ensure product quality. Therefore, if you are not severely affected by this problem, Microsoft recommends that you wait for the next Windows 2000 service pack that contains this fix.

To resolve this problem immediately, download the fix as instructed below or contact Microsoft Product Support Services to obtain the fix. For a complete list of Microsoft Product Support Services phone numbers and information on support costs, please go to the following address on the World Wide Web:

http://support.microsoft.com/directory/overview.asp
The following file is available for download from the Microsoft Download Center:
[GRAPHIC: Download]Download Q266794_W2K_SP2_x86_en.exe now
For additional information about how to download Microsoft Support files, click the article number below to view the article in the Microsoft Knowledge Base:
Q119591 How to Obtain Microsoft Support Files from Online Services
Microsoft used the most current virus detection software available on the date of posting to scan this file for viruses. Once posted, the file is housed on secure servers that prevent any unauthorized changes to the file.

The English-language version of this fix should have the following file attributes or later:
   Date        Time    Version        Size     File name
   --------------------------------------------------------
   06/28/2000  04:45a  5.0.2195.2097   77,584  Netoc.dll
   06/28/2000  04:45a  1.0.0.1        214,288  Snmpsnap.dll 


STATUS

Microsoft has confirmed this to be a problem in Microsoft Windows 2000.


MORE INFORMATION

The registry entries are located under the following SNMP registry key:

HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Services/SNMP/Parameters
For additional information about how to install Windows 2000 and Windows 2000 hotfixes at the same time, click the article number below to view the article in the Microsoft Knowledge Base:
Q249149 Installing Microsoft Windows 2000 and Windows 2000 Hotfixes

Additional query words: SNMP Parameters

Keywords : kbRegistry kbWin2000PreSP2Fix
Issue type : kbbug
Technology : kbwin2000AdvServ kbwin2000AdvServSearch kbwin2000S kbwin2000Ssearch kbwin2000Search kbwin2000ProSearch kbwin2000Pro


Last Reviewed: January 30, 2001
© 2001 Microsoft Corporation. All rights reserved. Terms of Use.


Article ID: Q266794

Last Reviewed:
January 30, 2001

Send to a friend

Provided by
Microsoft Product Support Services


Did the information in this article help answer your question?

Yes
No
Did not apply

Please provide additional comments about this information.
(255 character max)