CVE-2018-18065

Source
Severity Medium
Remote Yes
Type Denial of service
Description
A denial of service vulnerability has been discovered in net-snmp before 5.8. The _set_key function in agent/helpers/table_container.c has a NULL pointer exception bug that can be used by an authenticated attacker to remotely cause the instance to crash via a crafted UDP packet, resulting in denial of service.
Group Package Affected Fixed Severity Status Ticket
AVG-777 net-snmp 5.7.3-9 5.8-1 High Fixed
Date Advisory Group Package Severity Description
17 Oct 2018 ASA-201810-11 AVG-777 net-snmp High multiple issues
References
https://sourceforge.net/p/net-snmp/bugs/2743/
https://sourceforge.net/p/net-snmp/code/ci/7ffb8e25a0db851953155de91f0170e9bf8c457d
https://seclists.org/oss-sec/2018/q4/24
https://dumpco.re/blog/net-snmp-5.7.3-remote-dos