Check or Attack Name: NT Wins Dump

This exploit demonstrates the ability via SNMP to dump a list of all usernames in a Windows NT domain (assuming the target computer is a Domain Controller) or on a Windows NT Server.

The simplest fix is to disable SNMP, or to remove the extension agents through the SNMP configuration in the registry.

1. Open the Network control panel. From the Windows NT Start menu, select Settings, Control Panel, Network.
2. Click the Services tab and select the SNMP service.
3. Click Remove and confirm the operation.

BUGTRAQ Mailing List, SNMP Insecurity, http://geek-girl.com/bugtraq/1997_4/0060.html