Denial of service vulnerabilities in Net-snmp

Published: 2018-10-11 17:16:45
Severity Low
Patch available YES
Number of vulnerabilities 2
CVE ID CVE-2018-18066
CVE-2018-18065
CVSSv3 5.7 [CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
5.7 [CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CWE ID CWE-476
Exploitation vector Network
Public exploit N/A
Vulnerable software Net-snmp
Vulnerable software versions Net-snmp 5.7.0
Net-snmp 5.7.3
Net-snmp 5.5.0.1

Show more

Vendor URL net-snmp.sourceforge.net

Security Advisory

1) Null pointer dereference

Description

The vulnerability allows a remote authenticated attacker to cause DoS condition on the target system.

The vulnerability exists in the snmp_oid_compare() function, as defined in the snmplib/snmp_api.c source code file due to a NULL pointer exception bug. A remote attacker can send a malicious UDP packet, trigger a NULL pointer dereference condition, cause the application to crash.

Remediation

Update to version 5.8.

External links

https://dumpco.re/blog/net-snmp-5.7.3-remote-dos

2) Null pointer dereference

Description

The vulnerability allows a remote authenticated attacker to cause DoS condition on the target system.

The vulnerability exists  in the _set_key() function, as defined in the agent/helpers/table_container.c source code file due to a NULL pointer exception bug. A remote attacker can send a malicious UDP packet, trigger a NULL pointer dereference condition, cause the application to crash.

Remediation

Update to version 5.8.

External links

https://dumpco.re/blog/net-snmp-5.7.3-remote-dos

Back to List