>>>>> On Wed, 29 Jun 2005 12:36:49 +0400, Roman Tsiroulnikov <[EMAIL >>>>> PROTECTED]> said:
Roman> We're found a critical bug in net-snmp library, in requests PDU Roman> parser. In particular situations, if snmp daemon receives Roman> incorrect or broken request PDU, it's infinitedly loops within Roman> PDU parser code, taking 100% load on one CPU, and stops to Roman> serve further requests. There should be code to prevent that from happening already in place. Roman> To reproduce this bug: send 1-byte request with 'Z' symbol. You Roman> can use something like netcat or this is 100% reproducible by Roman> running Nessus scanner. Ok, I've reproduced it for 5.1.2. I'm checking other versions, but f Roman> TCP & UDP code both affected. Only TCP is affected as far as I can tell so far. UDP doesn't have this issue from any thing I've tested. In fact, if you look at the code in question it only affects stream sockets. I've tested things just to be sure, however, and there are no issues. At least with the letter 'Z'. -- Wes Hardaker Sparta, Inc. ------------------------------------------------------- SF.Net email is sponsored by: Discover Easy Linux Migration Strategies from IBM. Find simple to follow Roadmaps, straightforward articles, informative Webcasts and more! Get everything you need to get up to speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click _______________________________________________ Net-snmp-coders mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/net-snmp-coders
