SNMP 'GETBULK' Reflection DDoS
Medium Nessus Plugin ID 76474
Synopsis
The remote SNMP daemon is affected by a vulnerability that allows a reflected distributed denial of service attack.

Description
The remote SNMP daemon is responding with a large amount of data to a 'GETBULK' request with a larger than normal value for 'max-repetitions'. A remote attacker can use this SNMP server to conduct a reflected distributed denial of service attack on an arbitrary remote host.

Solution
Disable the SNMP service on the remote host if you do not use it.
Otherwise, restrict and monitor access to this service, and consider changing the default 'public' community string.
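
One way to monitor for the behaviour described above is to compare request and response volume per peer on UDP/161. The following is an added example, not part of the plugin text or of Nessus; the record layout, addresses and thresholds are assumptions chosen for illustration.

```python
import csv
import io
from collections import defaultdict

SNMP_PORT = 161

# Constructed sample records (not real traffic), assumed layout:
# ts,src,sport,dst,dport,udp_payload_bytes
SAMPLE_FLOWS = """\
1,198.51.100.7,40211,192.0.2.10,161,43
1,192.0.2.10,161,198.51.100.7,40211,1420
2,198.51.100.7,40211,192.0.2.10,161,43
2,192.0.2.10,161,198.51.100.7,40211,1431
3,203.0.113.5,51000,192.0.2.10,161,45
3,192.0.2.10,161,203.0.113.5,51000,92
"""


def amplification_by_peer(text, server):
    """Return {peer: (bytes_in, bytes_out)} for the server's UDP/161 traffic."""
    totals = defaultdict(lambda: [0, 0])
    for row in csv.reader(io.StringIO(text)):
        if len(row) != 6:
            continue  # skip blank or malformed records
        _ts, src, sport, dst, dport, size = row
        if dst == server and int(dport) == SNMP_PORT:
            totals[src][0] += int(size)   # request towards the agent
        elif src == server and int(sport) == SNMP_PORT:
            totals[dst][1] += int(size)   # response leaving the agent
    return {peer: tuple(v) for peer, v in totals.items()}


def suspicious_peers(text, server, min_ratio=10.0, min_out=1000):
    """Peers that receive far more SNMP data than they (appear to) request.

    With spoofed sources, the flagged peer is the likely target of the
    reflection, not the sender. Thresholds are assumptions; tune them
    against what legitimate management stations normally pull.
    """
    hits = {}
    for peer, (b_in, b_out) in amplification_by_peer(text, server).items():
        if b_in == 0:
            continue  # responses only: capture is one-sided, ratio undefined
        ratio = b_out / b_in
        if ratio >= min_ratio and b_out >= min_out:
            hits[peer] = round(ratio, 1)
    return hits
```

Peers flagged here that are not known management stations are candidates for the access restrictions recommended in the solution.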