CVE-2006-5382

Name of the Vulnerable Software and Affected Versions 3Com Switch SS3 4400 versions 5.11, 6.00, 6.10 and earlier

Description The issue allows remote attackers to read the SNMP Read-Write Community string, which can be used to conduct unauthorized actions. This is achieved by sending normally restricted management packets on the device, causing the community string to be returned.

Recommendations For versions 5.11, 6.00, 6.10 and earlier, restrict access to the SNMP service to minimize the risk of exploitation. As a temporary workaround, consider disabling the SNMP Read-Write Community string until a patch is available. Avoid using the device's management interface from untrusted networks until the issue is resolved.