Vulnerability Name:

CVE-2018-18066 (CCN-150992)

Assigned:2015-10-06
Published:2015-10-06
Updated:2019-10-16
Summary:snmp_oid_compare in snmplib/snmp_api.c in Net-SNMP before 5.8 has a NULL Pointer Exception bug that can be used by an unauthenticated attacker to remotely cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.
CVSS v3 Severity:7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
6.7 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): High
7.5 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
6.7 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): High
7.5 High (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
6.7 Medium (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): High
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
7.8 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Complete
Vulnerability Type:CWE-476
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2018-18066

Source: CCN
Type: Net-SNMP Web site
Net-SNMP

Source: CCN
Type: Oracle CPUOct2019
Oracle Critical Patch Update Advisory - October 2019

Source: MISC
Type: Exploit, Patch, Third Party Advisory
https://dumpco.re/blog/net-snmp-5.7.3-remote-dos

Source: XF
Type: UNKNOWN
netsnmp-cve201818066-dos(150992)

Source: CCN
Type: Packet Storm Security [10-08-2018]
net-snmp 5.7.3 Unauthenticated Denial Of Service

Source: CCN
Type: oss-sec Mailing List, Mon, 8 Oct 2018 20:46:29 +0200
net-snmp 5.7.3 unauthenticated remote Denial of Service (exploit available)

Source: CONFIRM
Type: Third Party Advisory
https://security.netapp.com/advisory/ntap-20181107-0001/

Source: MISC
Type: Patch, Third Party Advisory
https://sourceforge.net/p/net-snmp/code/ci/7ffb8e25a0db851953155de91f0170e9bf8c457d/

Source: MISC
Type: Patch, Third Party Advisory
https://sourceforge.net/p/net-snmp/code/ci/f23bcd3ac6ddee5d0a48f9703007ccc738914791/

Source: EXPLOIT-DB
Type: EXPLOIT
Offensive Security Exploit Database [10-08-2018]

Source: CCN
Type: IBM Security Bulletin 6238168 (QRadar Network Security)
IBM QRadar Network Security is affected by multiple vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6252419 (MQ Appliance)
IBM MQ Appliance is affected by a denial of service vulnerability (CVE-2018-18066)

Source: CCN
Type: IBM Security Bulletin 6403273 (Security Privileged Identity Manager)
IBM Security Privileged Identity Manager is affected by security vulnerabilities

Source: MISC
Type: UNKNOWN
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

Vulnerable Configuration:Configuration 1:
  • cpe:/a:net-snmp:net-snmp:*:*:*:*:*:*:*:* (Version < 5.8)

    • Configuration 2:
  • cpe:/a:netapp:cloud_backup:-:*:*:*:*:*:*:*
  • OR cpe:/a:netapp:hyper_converged_infrastructure:-:*:*:*:*:*:*:*
  • OR cpe:/a:netapp:storagegrid_webscale:-:*:*:*:*:*:*:*
  • OR cpe:/o:netapp:data_ontap:-:*:*:*:*:*:*:*
  • OR cpe:/o:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:* (Version >= 11.0 and <= 11.5)
  • OR cpe:/o:netapp:solidfire_element_os:-:*:*:*:*:*:*:*

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:7:*:*:*:*:*:*:*

    • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:7::client:*:*:*:*:*

    • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:7::computenode:*:*:*:*:*

    • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:7::server:*:*:*:*:*

    • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:7::workstation:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:net-snmp:net-snmp:5.7.3:*:*:*:*:*:*:*
  • AND
  • cpe:/a:ibm:qradar_network_security:5.4.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:qradar_network_security:5.5.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:mq_appliance:9.1.0.0:*:*:*:continuous_delivery:*:*:*
  • OR cpe:/a:ibm:mq_appliance:9.1.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:mq_appliance:9.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_privileged_identity_manager:2.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:mq_appliance:9.1.0.2:*:*:*:continuous_delivery:*:*:*
  • OR cpe:/a:ibm:mq_appliance:9.1.2:*:*:*:continuous_delivery:*:*:*
  • OR cpe:/a:ibm:mq_appliance:9.1.0.3:*:*:*:continuous_delivery:*:*:*
  • OR cpe:/a:ibm:mq_appliance:9.1.3:*:*:*:continuous_delivery:*:*:*
  • OR cpe:/a:ibm:mq_appliance:9.1.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:mq_appliance:9.1.4:*:*:*:continuous_delivery:*:*:*
  • OR cpe:/a:ibm:mq_appliance:9.1.5:*:*:*:continuous_delivery:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:com.redhat.rhsa:def:20201081
    P
    		RHSA-2020:1081: net-snmp security and bug fix update (Moderate)
    2020-03-31
    oval:com.ubuntu.bionic:def:201818066000
    V
    		CVE-2018-18066 on Ubuntu 18.04 LTS (bionic) - medium.
    2018-10-08
    oval:com.ubuntu.xenial:def:2018180660000000
    V
    		CVE-2018-18066 on Ubuntu 16.04 LTS (xenial) - medium.
    2018-10-08
    oval:com.ubuntu.trusty:def:201818066000
    V
    		CVE-2018-18066 on Ubuntu 14.04 LTS (trusty) - medium.
    2018-10-08
    oval:com.ubuntu.xenial:def:201818066000
    V
    		CVE-2018-18066 on Ubuntu 16.04 LTS (xenial) - medium.
    2018-10-08
    oval:com.ubuntu.bionic:def:2018180660000000
    V
    		CVE-2018-18066 on Ubuntu 18.04 LTS (bionic) - medium.
    2018-10-08
    BACK
    net-snmp net-snmp *
    netapp cloud backup -
    netapp hyper converged infrastructure -
    netapp storagegrid webscale -
    netapp data ontap -
    netapp e-series santricity os controller *
    netapp solidfire element os -
    net-snmp net-snmp 5.7.3
    ibm qradar network security 5.4.0
    ibm qradar network security 5.5.0
    ibm mq appliance 9.1.0.0
    ibm mq appliance 9.1.0.1
    ibm mq appliance 9.1.1
    ibm security privileged identity manager 2.1.1
    ibm mq appliance 9.1.0.2
    ibm mq appliance 9.1.2
    ibm mq appliance 9.1.0.3
    ibm mq appliance 9.1.3
    ibm mq appliance 9.1.0.4
    ibm mq appliance 9.1.4
    ibm mq appliance 9.1.5