On 18/04/2008, Emi Yanagi wrote:
> It seems there could be a security hole in snmpCommunityTable. What if a
> user who only has access to read-only community name "public", used it to
> walk through snmpCommunityName, which would also populate the read-write
> community name "private". Then the read-only user gained the read-write
> community access.
> How do I prevent this security hole in my implementation?

By restricting access to the snmpCommunityTable.
Don't allow "untrusted" users to view the contents.


This SF.net email is sponsored by the 2008 JavaOne(SM) Conference
Don't miss this year's exciting event. There's still time to save $100.
Use priority code J8TL2D2.
Net-snmp-coders mailing list