Your submission was sent successfully! Close

CVE-2018-1000116

Published: 7 March 2018

NET-SNMP version 5.7.2 contains a heap corruption vulnerability in the UDP protocol handler that can result in command execution.

Notes

AuthorNote
mdeslaur
dupe of CVE-2015-5621
Priority

Medium

CVSS 3 base score: 9.8

Status

Package Release Status
net-snmp
Launchpad, Ubuntu, Debian
artful Not vulnerable
(5.7.3+dfsg-1.7ubuntu1)
precise
Released (5.4.3~dfsg-2.4ubuntu1.3)
trusty
Released (5.7.2~dfsg-8.1ubuntu3.1)
upstream
Released (5.7.3+dfsg-1.1)
xenial
Released (5.7.3+dfsg-1ubuntu1)
Patches:
upstream: https://sourceforge.net/p/net-snmp/code/ci/f23bcd3ac6ddee5d0a48f9703007ccc738914791/