No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.


SNMP community name visible at PPP packets because of algorithm shortcoming at ME60

Publication Date:  2012-07-27 Views:  81 Downloads:  0
Issue Description
Customer use PPP as access model. If capture packets at client side we can read at "PPP LCP Reject" packet snmp community name that was configured at ME60. This is real security challenge if evereone will know such kind parameter. At ME60 use version V100R006C05SPC600.
Alarm Information
part of SNMP configuration from ME60 is:
    snmp-agent local-engineid 000007DB7FFFFFFF00004407
    snmp-agent community read  huawei12345 acl 2000
See attached example of packet. This packet that send ME60 to client and have readable string "huawei12345". This string didn't belong any RFC fields of PPP LCP packet.
Handling Process
Root Cause
Version V100R006C05SPC600 use following algorithm: if PPP packet’s length is less than 60 bytes, ME60 will use part of the content in the memory to make the length longer to 60 bytes (also such process called padding). This site happened to just used the content of memory which contains the snmp community name.  V6R2 don’t have this problem, because the mechanism has been changed in V6R2. Also as workaround use following: undo snmp configuration and restored it again, high probability exist that for padding packet ME60 wil use anither part of memory.