Skip to content

Security issue when adding a snmpv3 user with the formula #32

Description

@Gerwie

When adding a SNMPv3 user according the formula:

rwusers:
- username: '<user>'
   authpassphrase: '<authpassphrase>'
   view: all
   authproto: 'SHA'
   privproto: 'AES'
   privpassphrase: '<privpassphrase>'

The formula adds two lines to the snmpd.conf file:

rwuser <user> auth -V all
createUser <user> SHA <authpassphrase> AES <privpassphrase>

The last line is what causes the security issue.
When adding an SNMPv3 user by using net-snmp-create-v3-user the first line is added in the file snmpd.conf file located in /etc/snmp/snmpd. The second line is added in another file snmpd.conf file located in: /var/lib/net-snmp/.
When the line is read from the snmpd.conf file located in /var/lib/net-snmp/, the line is removed (eliminating the storage of the master password for that user) and replaced with the key that is derived from it.
Source: man page snmpd.conf

In the current situation, the formula adds the createUser line in the snmpd.conf file located in /etc/snmp/. Therefore the line will not be removed and the passwords are visible to anyone that can access that snmpd.conf file.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions