PT-2018-1894 · Net Snmp+2 · Net-Snmp+2

P.Raveendra Reddy

Published

2015-08-17

Updated

2020-08-24

CVE-2018-1000116

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions NET-SNMP version 5.7.2

Description The issue is related to a heap corruption vulnerability in the UDP protocol handler. This vulnerability can result in command execution. The exploitation of this vulnerability may allow a remote attacker to execute arbitrary commands.

Recommendations For NET-SNMP version 5.7.2, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Corruption

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787CWE-119

Related Identifiers

BDU:2018-01498

CESA-2015_1636

CVE-2018-1000116

DLA-1317-1

DSA-4154-1

MGASA-2018-0185

RHSA-2015:1636

RHSA-2015_1636

Affected Products

Centos

Net-Snmp

Red Hat

PT-2018-1894 · Net Snmp+2 · Net-Snmp+2

CVE-2018-1000116

Weakness Enumeration

Related Identifiers

Affected Products

References · 35