CVE-2018-1000116

Published: 07 March 2018

NET-SNMP version 5.7.2 contains a heap corruption vulnerability in the UDP protocol handler that can result in command execution.

Priority

Medium

CVSS 3 base score: 9.8

Status

Package Release Status
net-snmp
Launchpad, Ubuntu, Debian
Upstream
Released (5.7.3+dfsg-1.1)
Ubuntu 16.04 ESM (Xenial Xerus)
Released (5.7.3+dfsg-1ubuntu1)
Ubuntu 14.04 ESM (Trusty Tahr)
Released (5.7.2~dfsg-8.1ubuntu3.1)
Patches:
Upstream: https://sourceforge.net/p/net-snmp/code/ci/f23bcd3ac6ddee5d0a48f9703007ccc738914791/