CVE-2018-18066

Source
Severity High
Remote Yes
Type Denial of service
Description
A denial of service vulnerability has been discovered in net-snmp before 5.8. The snmp_oid_compare function in snmplib/snmp_api.c has a NULL pointer exception bug that can be used by an unauthenticated attacker to remotely cause the instance to crash via a crafted UDP packet, resulting in denial of service.
This is a duplicate of CVE-2015-5621.
Group Package Affected Fixed Severity Status Ticket
AVG-783 net-snmp 5.7.3-9 5.8-1 High Fixed
References
https://sourceforge.net/p/net-snmp/bugs/2615/
https://sourceforge.net/p/net-snmp/code/ci/f23bcd3ac6ddee5d0a48f9703007ccc738914791
https://seclists.org/oss-sec/2018/q4/24
https://dumpco.re/blog/net-snmp-5.7.3-remote-dos
Notes
This is a duplicate of CVE-2015-5621.