CVE-2018-18066

snmp_oid_compare in snmplib/snmp_api.c in Net-SNMP before 5.8 has a NULL Pointer Exception bug that can be used by an unauthenticated attacker to remotely cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.

Published : 2018-10-08 18:29 Updated : 2018-11-26 15:42

5.0
CVSS Score More info
Score 5.0 / 10
5.0
Vendor Product Version URI
Net-snmp Net-snmp 5.0 cpe:/a:net-snmp:net-snmp:5.0
Net-snmp Net-snmp 5.0.1 cpe:/a:net-snmp:net-snmp:5.0.1
Net-snmp Net-snmp 5.0.2 cpe:/a:net-snmp:net-snmp:5.0.2
Net-snmp Net-snmp 5.0.3 cpe:/a:net-snmp:net-snmp:5.0.3
Net-snmp Net-snmp 5.0.4 cpe:/a:net-snmp:net-snmp:5.0.4
Net-snmp Net-snmp 5.0.5 cpe:/a:net-snmp:net-snmp:5.0.5
Net-snmp Net-snmp 5.0.6 cpe:/a:net-snmp:net-snmp:5.0.6
Net-snmp Net-snmp 5.0.7 cpe:/a:net-snmp:net-snmp:5.0.7
Net-snmp Net-snmp 5.0.8 cpe:/a:net-snmp:net-snmp:5.0.8
Net-snmp Net-snmp 5.0.9 cpe:/a:net-snmp:net-snmp:5.0.9
Net-snmp Net-snmp 5.1 cpe:/a:net-snmp:net-snmp:5.1
Net-snmp Net-snmp 5.1.2 cpe:/a:net-snmp:net-snmp:5.1.2
Net-snmp Net-snmp 5.2 cpe:/a:net-snmp:net-snmp:5.2
Net-snmp Net-snmp 5.3 cpe:/a:net-snmp:net-snmp:5.3
Net-snmp Net-snmp 5.3.0.1 cpe:/a:net-snmp:net-snmp:5.3.0.1
Net-snmp Net-snmp 5.4 cpe:/a:net-snmp:net-snmp:5.4
Net-snmp Net-snmp 5.5 cpe:/a:net-snmp:net-snmp:5.5
Net-snmp Net-snmp 5.6 cpe:/a:net-snmp:net-snmp:5.6
Net-snmp Net-snmp 5.7 cpe:/a:net-snmp:net-snmp:5.7
Net-snmp Net-snmp 5.7.1 cpe:/a:net-snmp:net-snmp:5.7.1
Net-snmp Net-snmp 5.7.2 cpe:/a:net-snmp:net-snmp:5.7.2
Net-snmp Net-snmp 5.7.3 cpe:/a:net-snmp:net-snmp:5.7.3
Netapp Cloud Backup - cpe:/a:netapp:cloud_backup:-
Netapp Hyper Converged Infrastructure - cpe:/a:netapp:hyper_converged_infrastructure:-
Netapp Storagegrid Webscale - cpe:/a:netapp:storagegrid_webscale:-
Netapp Data Ontap - cpe:/o:netapp:data_ontap:-
Netapp Solidfire Element Os - cpe:/o:netapp:solidfire_element_os:-
  1. Netapp (5) Search CVE
    1. Data Ontap (1) Search CVE
      1. -
    2. Hyper Converged Infrastructure (1) Search CVE
      1. -
    3. Solidfire Element Os (1) Search CVE
      1. -
    4. Cloud Backup (1) Search CVE
      1. -
    5. Storagegrid Webscale (1) Search CVE
      1. -
  2. Net-snmp (1) Search CVE
    1. Net-snmp (22) Search CVE
      1. 5.0
      2. 5.0.1
      3. 5.0.2
      4. 5.0.3
      5. 5.0.4
      6. 5.0.5
      7. 5.0.6
      8. 5.0.7
      9. 5.0.8
      10. 5.0.9
      11. 5.1
      12. 5.1.2
      13. 5.2
      14. 5.3
      15. 5.3.0.1
      16. 5.4
      17. 5.5
      18. 5.6
      19. 5.7
      20. 5.7.1
      21. 5.7.2
      22. 5.7.3

CWE

ID Name Description Links
CWE-476 NULL Pointer Dereference A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit. CVE

History of changes

Date Event
2018-11-26 15:42
2018-11-08 11:29
2018-10-08 18:29

New CVE