[tkined] tnm2.1.10: agent sessions and writecommunity

From: Rostislav Opocensky (orbis@pictus.org)
Date: Fri Sep 22 2000 - 21:01:06 MET DST


I have tried to write a simple SNMP agent using the latest Tnm library
available from ftp://ftp.ibr.cs.tu-bs.de/pub/local/tkined/ (v. 2.1.10)

There seems to be a flaw in the authentication of SNMP v1 & v2C set
requests. The agent allows it's instances to be set from a manager with a
read-only community and it allows it even if the -writecommunity argument
has been given to its session.

I have attached a simple patch to prevent the aforementioned behaviour.


Rostislav Opocensky <orbis@pictus.org> <orbis@unreal.cz> +420 411 825144
Unreal Technology sro., Dobrin 118, 41301 Roudnice n. L. +420 411 825111

!! This message is brought to you via the `tkined & scotty' mailing list.
!! Please do not reply to this message to unsubscribe. To subscribe or
!! unsubscribe, send a mail message to <tkined-request@ibr.cs.tu-bs.de>.
!! See http://wwwsnmp.cs.utwente.nl/~schoenw/scotty/ for more information.

This archive was generated by hypermail 2b29 : Mon Jan 08 2001 - 15:27:53 MET