| Vulnerability Name: | CVE-2018-1000116 (CCN-140121) | ||||||||||||||||||||||||
| Assigned: | 2018-03-07 | ||||||||||||||||||||||||
| Published: | 2018-03-07 | ||||||||||||||||||||||||
| Updated: | 2020-08-24 | ||||||||||||||||||||||||
| Summary: | NET-SNMP version 5.7.2 contains a heap corruption vulnerability in the UDP protocol handler that can result in command execution. | ||||||||||||||||||||||||
| CVSS v3 Severity: | 9.8 Critical (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) 8.5 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
6.4 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C)
5.7 Medium (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C)
| ||||||||||||||||||||||||
| CVSS v2 Severity: | 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
| ||||||||||||||||||||||||
| Vulnerability Type: | CWE-787 CWE-20 | ||||||||||||||||||||||||
| Vulnerability Consequences: | Gain Access | ||||||||||||||||||||||||
| References: | Source: MITRE Type: CNA CVE-2018-1000116 Source: XF Type: UNKNOWN netsnmp-cve20181000116-command-exec(140121) Source: MLIST Type: Third Party Advisory [debian-lts-announce] 20180326 [SECURITY] [DLA 1317-1] net-snmp security update Source: CCN Type: NET-SNMP Bug #2821 NET-SNMP Heap Corruption Source: CONFIRM Type: Exploit, Third Party Advisory https://sourceforge.net/p/net-snmp/bugs/2821/ Source: DEBIAN Type: UNKNOWN DSA-4154 | ||||||||||||||||||||||||
| Vulnerable Configuration: | Configuration 1: Configuration 2: Configuration RedHat 1: Configuration RedHat 2: Configuration RedHat 3: Configuration RedHat 4: Configuration RedHat 5: Configuration RedHat 6: Configuration RedHat 7: Configuration RedHat 8: Configuration RedHat 9: Configuration RedHat 10: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||||||||||||||||||
| Oval Definitions | |||||||||||||||||||||||||
| |||||||||||||||||||||||||
| BACK | |||||||||||||||||||||||||