First published: Mon Oct 08 2018(Updated: )
_set_key in agent/helpers/table_container.c in Net-SNMP before 5.8 has a NULL Pointer Exception bug that can be used by an authenticated attacker to remotely cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Net-snmp Net-snmp | <5.8 | |
Debian Debian Linux | =9.0 | |
Canonical Ubuntu Linux | =12.04 | |
Canonical Ubuntu Linux | =14.04 | |
Canonical Ubuntu Linux | =16.04 | |
Canonical Ubuntu Linux | =18.04 | |
Canonical Ubuntu Linux | =18.10 | |
Netapp Cloud Backup | ||
Netapp Hyper Converged Infrastructure | ||
NetApp StorageGRID Webscale | ||
NetApp Data ONTAP | ||
NetApp E-Series SANtricity OS Controller | >=11.0<=11.5 | |
Netapp Solidfire Element Os | ||
Paloaltonetworks Pan-os | <=7.1.22 | |
Paloaltonetworks Pan-os | >=7.1.23<=8.0.15 | |
Paloaltonetworks Pan-os | >=8.0.16<=8.1.6 | |
ubuntu/net-snmp | <5.7.3+dfsg-1.8ubuntu3.1 | 5.7.3+dfsg-1.8ubuntu3.1 |
ubuntu/net-snmp | <5.7.3+dfsg-1.8ubuntu3.18.10.1 | 5.7.3+dfsg-1.8ubuntu3.18.10.1 |
ubuntu/net-snmp | <5.7.2~dfsg-8.1ubuntu3.3 | 5.7.2~dfsg-8.1ubuntu3.3 |
ubuntu/net-snmp | <5.7.3+dfsg-1ubuntu4.2 | 5.7.3+dfsg-1ubuntu4.2 |
debian/net-snmp | 5.9+dfsg-4+deb11u1 5.9.3+dfsg-2 5.9.4+dfsg-1.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-18065 is a vulnerability in Net-SNMP that allows an authenticated attacker to remotely crash an instance via a crafted UDP packet, resulting in denial of service.
CVE-2018-18065 has a severity score of 6.5, which is considered medium.
Net-SNMP versions before 5.8 are affected by CVE-2018-18065.
To fix CVE-2018-18065, update Net-SNMP to version 5.8 or higher.
You can find more information about CVE-2018-18065 at the following references: [Link 1](https://security-tracker.debian.org/tracker/CVE-2018-18065), [Link 2](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18065), [Link 3](https://sourceforge.net/p/net-snmp/code/ci/7ffb8e25a0db851953155de91f0170e9bf8c457d/)