Risk | Low |
Patch available | YES |
Number of vulnerabilities | 2 |
CVE-ID | CVE-2018-18066, CVE-2018-18065 |
CWE-ID | CWE-476 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software | Net-snmp (Server applications / Remote management servers, RDP, SSH) |
Vendor | net-snmp.sourceforge.net |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
EUVDB-ID: #VU15321
Risk: Low
CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-18066
CWE-ID: CWE-476 - NULL Pointer Dereference
Exploit availability: No
Description: The vulnerability allows a remote authenticated attacker to cause a DoS condition on the target system.
The vulnerability exists in the snmp_oid_compare() function, defined in the snmplib/snmp_api.c source code file, due to a NULL pointer exception bug. A remote attacker can send a malicious UDP packet, trigger a NULL pointer dereference condition and cause the application to crash.
Mitigation: Update to version 5.8.
Vulnerable software versions: Net-snmp: 5.0 - 5.7.3
Reference: https://dumpco.re/blog/net-snmp-5.7.3-remote-dos
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
How can the attacker exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU15322
Risk: Low
CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-18065
CWE-ID: CWE-476 - NULL Pointer Dereference
Exploit availability: No
Description: The vulnerability allows a remote authenticated attacker to cause a DoS condition on the target system.
The vulnerability exists in the _set_key() function, defined in the agent/helpers/table_container.c source code file, due to a NULL pointer exception bug. A remote attacker can send a malicious UDP packet, trigger a NULL pointer dereference condition and cause the application to crash.
Mitigation: Update to version 5.8.
Vulnerable software versions: Net-snmp: 5.0 - 5.7.3
Reference: https://dumpco.re/blog/net-snmp-5.7.3-remote-dos
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
How can the attacker exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.