CVE-2018-18065 - log back

CVE-2018-18065 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Denial of service
Description
+ A denial of service vulnerability has been discovered in net-snmp before 5.8. The _set_key function in agent/helpers/table_container.c has a NULL pointer exception bug that can be used by an authenticated attacker to remotely cause the instance to crash via a crafted UDP packet, resulting in denial of service.
References
+ https://sourceforge.net/p/net-snmp/bugs/2743/
+ https://sourceforge.net/p/net-snmp/code/ci/7ffb8e25a0db851953155de91f0170e9bf8c457d
+ https://seclists.org/oss-sec/2018/q4/24
+ https://dumpco.re/blog/net-snmp-5.7.3-remote-dos
Notes