I have tried to write a simple SNMP agent using the latest Tnm library
available from ftp://ftp.ibr.cs.tu-bs.de/pub/local/tkined/ (v. 2.1.10)
There seems to be a flaw in the authentication of SNMP v1 & v2C set
requests. The agent allows it's instances to be set from a manager with a
read-only community and it allows it even if the -writecommunity argument
has been given to its session.
I have attached a simple patch to prevent the aforementioned behaviour.
-- Rostislav Opocensky <email@example.com> <firstname.lastname@example.org> +420 411 825144 Unreal Technology sro., Dobrin 118, 41301 Roudnice n. L. +420 411 825111
-- !! This message is brought to you via the `tkined & scotty' mailing list. !! Please do not reply to this message to unsubscribe. To subscribe or !! unsubscribe, send a mail message to <email@example.com>. !! See http://wwwsnmp.cs.utwente.nl/~schoenw/scotty/ for more information.
This archive was generated by hypermail 2b29 : Mon Jan 08 2001 - 15:27:53 MET