CVE-2018-18066

CVE-2018-18066

Name

CVE-2018-18066

Description

snmp_oid_compare in snmplib/snmp_api.c in Net-SNMP before 5.8 has a NULL Pointer Exception bug that can be used by an unauthenticated attacker to remotely cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.

NVD Severity

medium

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
Patch	https://sourceforge.net/p/net-snmp/code/ci/f23bcd3ac6ddee5d0a48f9703007ccc738914791/
Patch	https://sourceforge.net/p/net-snmp/code/ci/7ffb8e25a0db851953155de91f0170e9bf8c457d/
Exploit	https://dumpco.re/blog/net-snmp-5.7.3-remote-dos
Third Party Advisory	https://security.netapp.com/advisory/ntap-20181107-0001/
MISC	https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

Type

URI

Patch

https://sourceforge.net/p/net-snmp/code/ci/f23bcd3ac6ddee5d0a48f9703007ccc738914791/

Patch

https://sourceforge.net/p/net-snmp/code/ci/7ffb8e25a0db851953155de91f0170e9bf8c457d/

Exploit

https://dumpco.re/blog/net-snmp-5.7.3-remote-dos

Third Party Advisory

https://security.netapp.com/advisory/ntap-20181107-0001/

MISC

https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html