'[ net-snmp-Bugs-1712988 ] GETBULK with large max-repeaters denial of'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       net-snmp-bugs
Subject:    [ net-snmp-Bugs-1712988 ] GETBULK with large max-repeaters denial of
From:       "SourceForge.net" <noreply () sourceforge ! net>
Date:       2007-05-07 16:45:31
Message-ID: E1Hl6L5-0006Ar-Fv () sc8-sf-web21 ! sourceforge ! net
[Download RAW message or body]

Bugs item #1712988, was opened at 2007-05-04 11:13
Message generated for change (Comment added) made by hardaker
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=112694&aid=1712988&group_id=12694

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: agent
Group: None
> Status: Closed
> Resolution: Fixed
Priority: 5
Private: No
Submitted By: Nobody/Anonymous (nobody)
> Assigned to: Wes Hardaker (hardaker)
Summary: GETBULK with large max-repeaters denial of service

Initial Comment:
By executing the command

   snmpbulkwalk -C r240000 192.168.103.94

I was able to bring a fellow developer's system (running Linux 2.4.25 on a Power PC) \
to a stand-still as the SNMP agent (version 5.4) consumed all available memory and \
CPU trying unsuccessfully process the request.

This problem report resembles report 1206723, which appears to have been summarily \
closed without resolution. I would guess fixing this problem should be as simple as \
capping max-repeaters to some reasonably small value (aiming for a limit of, say, 16 \
Kbytes, perhaps).

Bill Trost <btrost@motorola.com>



----------------------------------------------------------------------

> Comment By: Wes Hardaker (hardaker)
Date: 2007-05-07 09:45

Message:
Logged In: YES 
user_id=76242
Originator: NO

try the following patch, which sets (configurable) limits on how getbulk
requests are handled.

Oh, and do me a favor and tell your coworker that he/she shouldn't be
giving you access to his/her machine as you've proven that you can't be
trusted with it!  (humor, of course)

Will be applied to the various trees.
File Added: maxreps.patch

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=112694&aid=1712988&group_id=12694

-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
Net-snmp-bugs mailing list
Net-snmp-bugs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/net-snmp-bugs


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic