Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2018-18066

Published: 08/10/2018 Updated: 16/10/2019
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Subscribe to Net-snmp

Vulnerability Summary

snmp_oid_compare in snmplib/snmp_api.c in Net-SNMP prior to 5.8 has a NULL Pointer Exception bug that can be used by an unauthenticated malicious user to remotely cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

net-snmp net-snmp

netapp storagegrid webscale -

netapp solidfire element os -

netapp hyper converged infrastructure -

netapp cloud backup -

netapp data ontap -

netapp e-series santricity os controller

Vendor Advisories

Red Hat: Moderate: net-snmp security and bug fix update
Synopsis Moderate: net-snmp security and bug fix update Type/Severity Security Advisory: Moderate Topic An update for net-snmp is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) ...
Red Hat: Moderate: net-snmp security and bug fix update
Synopsis Moderate: net-snmp security and bug fix update Type/Severity Security Advisory: Moderate Topic An update for net-snmp is now available for Red Hat Enterprise Linux 77 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerabil ...
Amazon Linux 2: ALAS2-2020-1454
snmp_oid_compare in snmplib/snmp_apic in Net-SNMP before 58 has a NULL Pointer Exception bug that can be used by an unauthenticated attacker to remotely cause the instance to crash via a crafted UDP packet, resulting in Denial of Service (CVE-2018-18066) ...
Arch Linux Issues:
A denial of service vulnerability has been discovered in net-snmp before 58 The snmp_oid_compare function in snmplib/snmp_apic has a NULL pointer exception bug that can be used by an unauthenticated attacker to remotely cause the instance to crash via a crafted UDP packet, resulting in denial of service This is a duplicate of CVE-2015-5621 ...

References

CWE-476https://sourceforge.net/p/net-snmp/code/ci/f23bcd3ac6ddee5d0a48f9703007ccc738914791/https://sourceforge.net/p/net-snmp/code/ci/7ffb8e25a0db851953155de91f0170e9bf8c457d/https://dumpco.re/blog/net-snmp-5.7.3-remote-doshttps://security.netapp.com/advisory/ntap-20181107-0001/https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.htmlhttps://access.redhat.com/errata/RHSA-2020:1081https://nvd.nist.govhttps://alas.aws.amazon.com/AL2/ALAS-2020-1454.html
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322administrator privilegesCVE-2024-1579hardcodedCVE-2023-20198CVE-2024-33587CVE-2024-33449CVE-2024-4308HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook