PT-2016-3280 · Net Snmp+3 · Net-Snmp+3

Magnus Klaaborg Stubman

Published

2016-10-06

Updated

2024-06-15

CVE-2018-18065

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Net-SNMP versions prior to 5.8 PAN-OS (affected versions not specified)

Description The issue is related to a NULL Pointer Exception bug in the set key function, which can be exploited by an authenticated attacker to cause a Denial of Service via a crafted UDP packet, resulting in the instance crashing. This can be achieved remotely.

Recommendations For Net-SNMP versions prior to 5.8, update to version 5.8 or later to resolve the issue. For PAN-OS, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

BDU:2019-00433

CVE-2018-18065

DLA-1540-1

DSA-4314-1

OPENSUSE-SU-2018_3381-1

OPENSUSE-SU-2018_3508-1

OPENSUSE-SU-2022:0050-1

OPENSUSE-SU-2022_0050-1

OPENSUSE-SU-2024:11082-1

SUSE-SU-2018:3319-1

SUSE-SU-2018:3333-1

SUSE-SU-2018:3447-1

SUSE-SU-2018:3447-2

SUSE-SU-2018_3319-1

SUSE-SU-2018_3333-1

SUSE-SU-2018_3447-1

SUSE-SU-2018_3447-2

SUSE-SU-2022:0050-1

SUSE-SU-2022:0050-2

SUSE-SU-2022_0050-1

SUSE-SU-2022_0050-2

USN-3792-1

USN-3792-2

USN-3792-3

Affected Products

Net-Snmp

Pan-Os

Suse

Ubuntu

PT-2016-3280 · Net Snmp+3 · Net-Snmp+3

CVE-2018-18065

Weakness Enumeration

Related Identifiers

Affected Products

References · 120