IronMonkey Threat Research

CVE-2018-18066 HIGH

Published: 2018-10-08 | Last Modified: 2026-06-17 | Status: Modified

Description

snmp_oid_compare in snmplib/snmp_api.c in Net-SNMP before 5.8 has a NULL Pointer Exception bug that can be used by an unauthenticated attacker to remotely cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.

Additional Descriptions (1)

snmp_oid_compare in snmplib/snmp_api.c in Net-SNMP in versions before 5.8 has a NULL pointer exception bug that can be used by an unauthenticated attacker to remotely cause an unexpected shutdown of the instance via a crafted UDP packet, resulting in a denial of service (DoS).

CVSS Metrics

Base Score: 7.5 (HIGH)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: HIGH

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

Type: Secondary

Exploitability Score: 3.9

Impact Score: 3.6

Base Score: 5.0 (MEDIUM)

AV:N/AC:L/Au:N/C:N/I:N/A:P

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: PARTIAL

Source: [email protected]

Type: Primary

Exploitability Score: 10.0

Impact Score: 2.9

Weaknesses

Source Type Description
[email protected] Primary en CWE-476
134c704f-9b21-4f2e-91b3-4a467353bcc0 Secondary en CWE-476

Affected Products

Vendor Product Version Update Type
net-snmp net-snmp * * Application
netapp cloud_backup - * Application
netapp hyper_converged_infrastructure - * Application
netapp storagegrid_webscale - * Application
netapp data_ontap - * Operating System
netapp e-series_santricity_os_controller * * Operating System
netapp solidfire_element_os - * Operating System

Affected Configurations

Operator: OR

Vulnerable CPE
Yes cpe:2.3:a:net-snmp:net-snmp:*:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*
Yes cpe:2.3:a:netapp:hyper_converged_infrastructure:-:*:*:*:*:*:*:*
Yes cpe:2.3:a:netapp:storagegrid_webscale:-:*:*:*:*:*:*:*
Yes cpe:2.3:o:netapp:data_ontap:-:*:*:*:*:*:*:*
Yes cpe:2.3:o:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*
Yes cpe:2.3:o:netapp:solidfire_element_os:-:*:*:*:*:*:*:*