[lwip-devel] [bug #54886] Issue with SNMP app which can lead to controll
From: Dirk Ziegelmeier
Subject: [lwip-devel] [bug #54886] Issue with SNMP app which can lead to controller restart
Date: Tue, 23 Oct 2018 09:25:18 -0400 (EDT)
User-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:62.0) Gecko/20100101 Firefox/62.0
URL:
<https://savannah.nongnu.org/bugs/?54886>
Summary: Issue with SNMP app which can lead to controller
restart
Project: lwIP - A Lightweight TCP/IP stack
Submitted by: ognjenbjelica
Submitted on: Tue 23 Oct 2018 01:25:17 PM UTC
Category: None
Priority: 5 - Normal
Status: None
Privacy: Public
Assigned to: None
Originator Email:
Open/Closed: Open
Discussion Lock: Any
Planned Release: None
_______________________________________________________
Details:
Thank you for making and maintaining LWIP stack for free. While we were using
SNMP app, one of the requirements was to support sending traps in v1 and v2c.
Since original app wasn’t providing these functionalities, we have
implemented them as a patch. Now SNMP app has support for sending traps,
notifications and informs. For informs we have added callback, so main app can
have feedback.
While we were testing the SNMP app, we have found one critical bug
which caused controller to go to restart state. When you define MIB tree, with
some read-only or some write-only nodes, or you just don’t need testing
function and leave one of them to be nullptr. In that case, with current
implementation of SNMP app, you have created a security vulnerability. Because,
if user tries to call SET on read-only or GET on write-only node, SNMP app
will go through MIB tree and find corresponding function pointer (in this case
nullptr) and then it would call it - which would result in controller
restart.
Please feel free to contact me for any additional info.
Best Regards,
Ognjen Bjelica
_______________________________________________________
Reply to this item at:
<https://savannah.nongnu.org/bugs/?54886>
_______________________________________________
Message sent via Savannah
https://savannah.nongnu.org/
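
The failure mode reported above, shown as an added example that is not lwIP code and not part of the original report: a dispatcher that checks each node handler for NULL and returns an error instead of calling through the pointer. The struct, function names, result codes and sample nodes are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>

/* Hypothetical result codes; a real agent would map them to an SNMP
 * error-status in the response PDU (e.g. notWritable for a v2c SET). */
enum mib_result { MIB_OK = 0, MIB_ERR_NOT_READABLE,
                  MIB_ERR_NOT_WRITABLE, MIB_ERR_BAD_VALUE };

/* Hypothetical leaf node: a handler is NULL when that access is unsupported. */
struct mib_node {
    int  (*get_value)(int32_t *out);
    int  (*set_test)(int32_t in);     /* optional validation before the set */
    void (*set_value)(int32_t in);
};

static int32_t sys_uptime = 1234;     /* constructed sample data */
static int32_t reset_flag = 0;

static int  uptime_get(int32_t *out) { *out = sys_uptime; return 0; }
static void reset_set(int32_t in)    { reset_flag = in; }

/* Read-only node: no set handlers. Write-only node: no getter, no test. */
static const struct mib_node uptime_node = { uptime_get, NULL, NULL };
static const struct mib_node reset_node  = { NULL, NULL, reset_set };

/* GET: refuse when the node has no getter instead of calling address 0. */
enum mib_result mib_get(const struct mib_node *n, int32_t *out)
{
    if (n == NULL || out == NULL || n->get_value == NULL)
        return MIB_ERR_NOT_READABLE;
    return n->get_value(out) == 0 ? MIB_OK : MIB_ERR_NOT_READABLE;
}

/* SET: the setter is mandatory, the test function is optional. */
enum mib_result mib_set(const struct mib_node *n, int32_t in)
{
    if (n == NULL || n->set_value == NULL)
        return MIB_ERR_NOT_WRITABLE;
    if (n->set_test != NULL && n->set_test(in) != 0)
        return MIB_ERR_BAD_VALUE;
    n->set_value(in);
    return MIB_OK;
}
```

Without the NULL checks, a remote SET on `uptime_node` or GET on `reset_node` would jump through a null pointer, which on a typical microcontroller ends in a fault handler or watchdog reset.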