CVE-2018-18066 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	High
Remote	Yes
Type	Denial of service
Description	A denial of service vulnerability has been discovered in net-snmp before 5.8. The snmp_oid_compare function in snmplib/snmp_api.c has a NULL pointer exception bug that can be used by an unauthenticated attacker to remotely cause the instance to crash via a crafted UDP packet, resulting in denial of service. This is a duplicate of CVE-2015-5621.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-783	net-snmp	5.7.3-9	5.8-1	High	Fixed

References
https://sourceforge.net/p/net-snmp/bugs/2615/ https://sourceforge.net/p/net-snmp/code/ci/f23bcd3ac6ddee5d0a48f9703007ccc738914791 https://seclists.org/oss-sec/2018/q4/24 https://dumpco.re/blog/net-snmp-5.7.3-remote-dos

References

https://sourceforge.net/p/net-snmp/bugs/2615/
https://sourceforge.net/p/net-snmp/code/ci/f23bcd3ac6ddee5d0a48f9703007ccc738914791
https://seclists.org/oss-sec/2018/q4/24
https://dumpco.re/blog/net-snmp-5.7.3-remote-dos

Notes
This is a duplicate of CVE-2015-5621.