Published: 08/10/2018 Updated: 16/10/2019

CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 405

Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P

_set_key in agent/helpers/table_container.c in Net-SNMP prior to 5.8 has a NULL Pointer Exception bug that can be used by an authenticated malicious user to remotely cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.

Vulnerable Product	Search on Vulmon	Subscribe to Product
net-snmp net-snmp
debian debian linux 9.0
canonical ubuntu linux 14.04
canonical ubuntu linux 16.04
canonical ubuntu linux 18.04
canonical ubuntu linux 18.10
canonical ubuntu linux 12.04
netapp cloud backup -
netapp e-series santricity os controller
netapp data ontap -
netapp storagegrid webscale -
netapp hyper converged infrastructure -
netapp solidfire element os -
paloaltonetworks pan-os

Debian Bug report logs - #910638 net-snmp: CVE-2018-18065 Package: src:net-snmp; Maintainer for src:net-snmp is Net-SNMP Packaging Team <pkg-net-snmp-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Tue, 9 Oct 2018 08:21:02 UTC Severity: grave Tags: patch, security, upstrea ...

Magnus Klaaborg Stubman discovered a NULL pointer dereference bug in net-snmp, a suite of Simple Network Management Protocol applications, allowing a remote, authenticated attacker to crash the snmpd process (causing a denial of service) For the stable distribution (stretch), this problem has been fixed in version 573+dfsg-17+deb9u1 We recomme ...

Net-SNMP could be made to crash if it received specially crafted network traffic ...

A denial of service vulnerability has been discovered in net-snmp before 58 The _set_key function in agent/helpers/table_containerc has a NULL pointer exception bug that can be used by an authenticated attacker to remotely cause the instance to crash via a crafted UDP packet, resulting in denial of service ...

CVE-2018-18065 Denial of Service in PAN-OS Management Interface ...

Critical Infrastructure Sectors: Chemical, Energy, Food and Agriculture, Healthcare and Public Health, Transportation Systems, Water and Wastewater Systems

_ _ / | ___ ___| |_ ___ ___ ___ _____ ___ _ / / | | -_| _|___|_ -| | | | |_|_/ |_|_|___|_| |___|_|_|_|_|_| _| |_| 2018-10-08 NET-SNMP REMOTE DOS =================== Second bug is remotely exploitable only with knowledge of the community string (in this case "public ...

CWE-476 https://sourceforge.net/p/net-snmp/code/ci/7ffb8e25a0db851953155de91f0170e9bf8c457d/https://dumpco.re/blog/net-snmp-5.7.3-remote-dos https://www.exploit-db.com/exploits/45547/https://www.debian.org/security/2018/dsa-4314 https://usn.ubuntu.com/3792-1/https://usn.ubuntu.com/3792-2/https://usn.ubuntu.com/3792-3/https://security.netapp.com/advisory/ntap-20181107-0001/http://www.securityfocus.com/bid/106265 https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html https://cert-portal.siemens.com/productcert/pdf/ssa-978220.pdf https://security.paloaltonetworks.com/CVE-2018-18065 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=910638 https://nvd.nist.gov https://usn.ubuntu.com/3792-1/https://www.exploit-db.com/exploits/45547/https://www.cisa.gov/uscert/ics/advisories/icsa-20-042-02 https://www.debian.org/security/./dsa-4314

CVE-2018-18065

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

ICS Advisories

Exploits

References

Vulmon Search

About

Products

Connect