MidnightBSD

Advisories for tcpdump

CVE-2004-0183 MEDIUM

TCPDUMP 3.8.1 and earlier allows remote attackers to cause a denial of service (crash) via ISAKMP packets containing a Delete payload with a large number of SPI's, which causes an out-of-bounds read, as demonstrated by the Striker ISAKMP Protocol Test Suite.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2004-0184 MEDIUM

Integer underflow in the isakmp_id_print for TCPDUMP 3.8.1 and earlier allows remote attackers to cause a denial of service (crash) via an ISAKMP packet with an Identification payload with a length that becomes less than 8 during byte order conversion, which causes an out-of-bounds read, as demonstrated by the Striker ISAKMP Protocol Test Suite.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,CWE-191,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2007-3798 MEDIUM

Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 and earlier allows remote attackers to execute arbitrary code via crafted TLVs in a BGP packet, related to an unchecked return value.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-252,CWE-252,

Products Affected

Vendor Product Version
freebsd freebsd 6.1
canonical ubuntu_linux 7.04
apple mac_os_x *
freebsd freebsd *
slackware slackware 12.0
slackware slackware 10.1
apple mac_os_x_server *
slackware slackware 9.0
slackware slackware 11.0
debian debian_linux 4.0
freebsd freebsd 5.5
freebsd freebsd 6.2
canonical ubuntu_linux 6.06
debian debian_linux 3.1
slackware slackware 10.2
slackware slackware 9.1
slackware slackware 10.0
canonical ubuntu_linux 6.10
tcpdump tcpdump *
CVE-2011-1935 HIGH

pcap-linux.c in libpcap 1.1.1 before commit ea9432fabdf4b33cbc76d9437200e028f1c47c93 when snaplen is set may truncate packets, which might allow remote attackers to send arbitrary data while avoiding detection via crafted packets.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
tcpdump libpcap *
CVE-2015-0261 HIGH

Integer signedness error in the mobility_opt_print function in the IPv6 mobility printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) or possibly execute arbitrary code via a negative length value.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-189,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2015-2153 MEDIUM

The rpki_rtr_pdu_print function in print-rpki-rtr.c in the TCP printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via a crafted header length in an RPKI-RTR Protocol Data Unit (PDU).

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2015-2154 MEDIUM

The osi_print_cksum function in print-isoclns.c in the ethernet printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted (1) length, (2) offset, or (3) base pointer checksum value.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2015-2155 HIGH

The force printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
opensuse opensuse 13.2
fedoraproject fedora 21
debian debian_linux 7.0
oracle solaris 11.2
debian debian_linux 8.0
opensuse opensuse 13.1
tcpdump tcpdump *
CVE-2015-3138 MEDIUM

print-wb.c in tcpdump before 4.7.4 allows remote attackers to cause a denial of service (segmentation fault and process crash).

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
opensuse leap 42.2
opensuse_project leap 42.1
tcpdump tcpdump *
CVE-2016-7922 HIGH

The AH parser in tcpdump before 4.9.0 has a buffer overflow in print-ah.c:ah_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2016-7923 HIGH

The ARP parser in tcpdump before 4.9.0 has a buffer overflow in print-arp.c:arp_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2016-7924 HIGH

The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-atm.c:oam_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2016-7925 HIGH

The compressed SLIP parser in tcpdump before 4.9.0 has a buffer overflow in print-sl.c:sl_if_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2016-7926 HIGH

The Ethernet parser in tcpdump before 4.9.0 has a buffer overflow in print-ether.c:ethertype_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2016-7927 HIGH

The IEEE 802.11 parser in tcpdump before 4.9.0 has a buffer overflow in print-802_11.c:ieee802_11_radio_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2016-7928 HIGH

The IPComp parser in tcpdump before 4.9.0 has a buffer overflow in print-ipcomp.c:ipcomp_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2016-7929 HIGH

The Juniper PPPoE ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-juniper.c:juniper_parse_header().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2016-7930 HIGH

The LLC/SNAP parser in tcpdump before 4.9.0 has a buffer overflow in print-llc.c:llc_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2016-7931 HIGH

The MPLS parser in tcpdump before 4.9.0 has a buffer overflow in print-mpls.c:mpls_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2016-7932 HIGH

The PIM parser in tcpdump before 4.9.0 has a buffer overflow in print-pim.c:pimv2_check_checksum().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2016-7933 HIGH

The PPP parser in tcpdump before 4.9.0 has a buffer overflow in print-ppp.c:ppp_hdlc_if_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2016-7934 HIGH

The RTCP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtcp_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2016-7935 HIGH

The RTP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtp_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2016-7936 HIGH

The UDP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:udp_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2016-7937 HIGH

The VAT parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:vat_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2016-7938 HIGH

The ZeroMQ parser in tcpdump before 4.9.0 has an integer overflow in print-zeromq.c:zmtp1_print_frame().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-190,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2016-7939 HIGH

The GRE parser in tcpdump before 4.9.0 has a buffer overflow in print-gre.c, multiple functions.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2016-7940 HIGH

The STP parser in tcpdump before 4.9.0 has a buffer overflow in print-stp.c, multiple functions.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2016-7973 HIGH

The AppleTalk parser in tcpdump before 4.9.0 has a buffer overflow in print-atalk.c, multiple functions.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2016-7974 HIGH

The IP parser in tcpdump before 4.9.0 has a buffer overflow in print-ip.c, multiple functions.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2016-7975 HIGH

The TCP parser in tcpdump before 4.9.0 has a buffer overflow in print-tcp.c:tcp_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2016-7983 HIGH

The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in print-bootp.c:bootp_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2016-7984 HIGH

The TFTP parser in tcpdump before 4.9.0 has a buffer overflow in print-tftp.c:tftp_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2016-7985 HIGH

The CALM FAST parser in tcpdump before 4.9.0 has a buffer overflow in print-calm-fast.c:calm_fast_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2016-7986 HIGH

The GeoNetworking parser in tcpdump before 4.9.0 has a buffer overflow in print-geonet.c, multiple functions.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2016-7992 HIGH

The Classical IP over ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-cip.c:cip_if_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2016-7993 HIGH

A bug in util-print.c:relts_print() in tcpdump before 4.9.0 could cause a buffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, IGMP, lightweight resolver protocol, PIM).

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2016-8574 HIGH

The FRF.15 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:frf15_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2016-8575 HIGH

The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933_print(), a different vulnerability than CVE-2017-5482.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-11108 MEDIUM

tcpdump 4.9.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via crafted packet data. The crash occurs in the EXTRACT_16BITS function, called from the stp_print function for the Spanning Tree Protocol.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump 4.9.0
CVE-2017-11541 HIGH

tcpdump 4.9.0 has a heap-based buffer over-read in the lldp_print function in print-lldp.c, related to util-print.c.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump 4.9.0
CVE-2017-11542 HIGH

tcpdump 4.9.0 has a heap-based buffer over-read in the pimv1_print function in print-pim.c.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump 4.9.0
CVE-2017-11543 HIGH

tcpdump 4.9.0 has a buffer overflow in the sliplink_print function in print-sl.c.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
tcpdump tcpdump 4.9.0
CVE-2017-12893 HIGH

The SMB/CIFS parser in tcpdump before 4.9.2 has a buffer over-read in smbutil.c:name_len().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-12894 HIGH

Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in addrtoname.c:lookup_bytestring().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-12895 HIGH

The ICMP parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp.c:icmp_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-12896 HIGH

The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:isakmp_rfc3948_print().

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
debian debian_linux 10.0
redhat enterprise_linux_server 7.0
debian debian_linux 9.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_server_aus 7.7
tcpdump tcpdump *
CVE-2017-12897 HIGH

The ISO CLNS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isoclns_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-12898 HIGH

The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:interp_reply().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-12899 HIGH

The DECnet parser in tcpdump before 4.9.2 has a buffer over-read in print-decnet.c:decnet_print().

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
debian debian_linux 10.0
redhat enterprise_linux_server 7.0
debian debian_linux 9.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_server_aus 7.7
tcpdump tcpdump *
CVE-2017-12900 HIGH

Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in util-print.c:tok2strbuf().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-12901 HIGH

The EIGRP parser in tcpdump before 4.9.2 has a buffer over-read in print-eigrp.c:eigrp_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-12902 HIGH

The Zephyr parser in tcpdump before 4.9.2 has a buffer over-read in print-zephyr.c, several functions.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
debian debian_linux 10.0
redhat enterprise_linux_server 7.0
debian debian_linux 9.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_server_aus 7.7
tcpdump tcpdump *
CVE-2017-12985 HIGH

The IPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-ip6.c:ip6_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-12986 HIGH

The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-12987 HIGH

The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_11.c:parse_elements().

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,

Products Affected

Vendor Product Version
debian debian_linux 10.0
redhat enterprise_linux_server 7.0
debian debian_linux 9.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_server_aus 7.7
tcpdump tcpdump *
CVE-2017-12988 HIGH

The telnet parser in tcpdump before 4.9.2 has a buffer over-read in print-telnet.c:telnet_parse().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-12989 MEDIUM

The RESP parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-resp.c:resp_get_length().

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-835,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-12990 MEDIUM

The ISAKMP parser in tcpdump before 4.9.2 could enter an infinite loop due to bugs in print-isakmp.c, several functions.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-835,CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-12991 HIGH

The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-12992 HIGH

The RIPng parser in tcpdump before 4.9.2 has a buffer over-read in print-ripng.c:ripng_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-12993 HIGH

The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print-juniper.c, several functions.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-12994 HIGH

The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-12995 MEDIUM

The DNS parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-domain.c:ns_print().

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-835,CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-12996 HIGH

The PIMv2 parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c:pimv2_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-12997 MEDIUM

The LLDP parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-lldp.c:lldp_private_8021_print().

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-835,CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-12998 HIGH

The IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_extd_ip_reach().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-12999 HIGH

The IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-13000 HIGH

The IEEE 802.15.4 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_15_4.c:ieee802_15_4_if_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-13001 HIGH

The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:nfs_printfh().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-13002 HIGH

The AODV parser in tcpdump before 4.9.2 has a buffer over-read in print-aodv.c:aodv_extension().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-13003 HIGH

The LMP parser in tcpdump before 4.9.2 has a buffer over-read in print-lmp.c:lmp_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-13004 HIGH

The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print-juniper.c:juniper_parse_header().

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,

Products Affected

Vendor Product Version
debian debian_linux 10.0
debian debian_linux 9.0
debian debian_linux 8.0
tcpdump tcpdump *
CVE-2017-13005 HIGH

The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:xid_map_enter().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-13006 HIGH

The L2TP parser in tcpdump before 4.9.2 has a buffer over-read in print-l2tp.c, several functions.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-13007 HIGH

The Apple PKTAP parser in tcpdump before 4.9.2 has a buffer over-read in print-pktap.c:pktap_if_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-13008 HIGH

The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_11.c:parse_elements().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-13009 HIGH

The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-13010 HIGH

The BEEP parser in tcpdump before 4.9.2 has a buffer over-read in print-beep.c:l_strnstart().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-13011 HIGH

Several protocol parsers in tcpdump before 4.9.2 could cause a buffer overflow in util-print.c:bittok2str_internal().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-13012 HIGH

The ICMP parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp.c:icmp_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-13013 HIGH

The ARP parser in tcpdump before 4.9.2 has a buffer over-read in print-arp.c, several functions.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-13014 HIGH

The White Board protocol parser in tcpdump before 4.9.2 has a buffer over-read in print-wb.c:wb_prep(), several functions.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-13015 HIGH

The EAP parser in tcpdump before 4.9.2 has a buffer over-read in print-eap.c:eap_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-13016 HIGH

The ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:esis_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-13017 HIGH

The DHCPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-dhcp6.c:dhcp6opt_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-13018 HIGH

The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-13019 HIGH

The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-13020 HIGH

The VTP parser in tcpdump before 4.9.2 has a buffer over-read in print-vtp.c:vtp_print().

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
debian debian_linux 10.0
debian debian_linux 9.0
debian debian_linux 8.0
tcpdump tcpdump *
CVE-2017-13021 HIGH

The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-13022 HIGH

The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printroute().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-13023 HIGH

The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-13024 HIGH

The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print().

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
debian debian_linux 10.0
debian debian_linux 9.0
debian debian_linux 8.0
tcpdump tcpdump *
CVE-2017-13025 HIGH

The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-13026 HIGH

The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c, several functions.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-13027 HIGH

The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldp_mgmt_addr_tlv_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-13028 HIGH

The BOOTP parser in tcpdump before 4.9.2 has a buffer over-read in print-bootp.c:bootp_print().

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
debian debian_linux 10.0
debian debian_linux 9.0
debian debian_linux 8.0
tcpdump tcpdump *
CVE-2017-13029 HIGH

The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:print_ccp_config_options().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-13030 HIGH

The PIM parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c, several functions.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-13031 HIGH

The IPv6 fragmentation header parser in tcpdump before 4.9.2 has a buffer over-read in print-frag6.c:frag6_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-13032 HIGH

The RADIUS parser in tcpdump before 4.9.2 has a buffer over-read in print-radius.c:print_attr_string().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-13033 HIGH

The VTP parser in tcpdump before 4.9.2 has a buffer over-read in print-vtp.c:vtp_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-13034 HIGH

The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-13035 HIGH

The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_id().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-13036 HIGH

The OSPFv3 parser in tcpdump before 4.9.2 has a buffer over-read in print-ospf6.c:ospf6_decode_v3().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-13037 HIGH

The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printts().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-13038 HIGH

The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:handle_mlppp().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-13039 HIGH

The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c, several functions.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-13040 HIGH

The MPTCP parser in tcpdump before 4.9.2 has a buffer over-read in print-mptcp.c, several functions.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-13041 HIGH

The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_nodeinfo_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-13042 HIGH

The HNCP parser in tcpdump before 4.9.2 has a buffer over-read in print-hncp.c:dhcpv6_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-13043 HIGH

The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_multicast_vpn().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-13044 HIGH

The HNCP parser in tcpdump before 4.9.2 has a buffer over-read in print-hncp.c:dhcpv4_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-13045 HIGH

The VQP parser in tcpdump before 4.9.2 has a buffer over-read in print-vqp.c:vqp_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-13046 HIGH

The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-13047 HIGH

The ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:esis_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-13048 HIGH

The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-13049 HIGH

The Rx protocol parser in tcpdump before 4.9.2 has a buffer over-read in print-rx.c:ubik_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-13050 HIGH

The RPKI-Router parser in tcpdump before 4.9.2 has a buffer over-read in print-rpki-rtr.c:rpki_rtr_pdu_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-13051 HIGH

The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-13052 HIGH

The CFM parser in tcpdump before 4.9.2 has a buffer over-read in print-cfm.c:cfm_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-13053 HIGH

The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_rt_routing_info().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-13054 HIGH

The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldp_private_8023_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-13055 HIGH

The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_is_reach_subtlv().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-13687 HIGH

The Cisco HDLC parser in tcpdump before 4.9.2 has a buffer over-read in print-chdlc.c:chdlc_print().

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
debian debian_linux 10.0
debian debian_linux 9.0
debian debian_linux 8.0
tcpdump tcpdump *
CVE-2017-13688 HIGH

The OLSR parser in tcpdump before 4.9.2 has a buffer over-read in print-olsr.c:olsr_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-13689 HIGH

The IKEv1 parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:ikev1_id_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-13690 HIGH

The IKEv2 parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c, several functions.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-13725 HIGH

The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6_print().

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-125,

Products Affected

Vendor Product Version
debian debian_linux 10.0
debian debian_linux 9.0
debian debian_linux 8.0
tcpdump tcpdump *
CVE-2017-16808 MEDIUM

tcpdump before 4.9.3 has a heap-based buffer over-read related to aoe_print in print-aoe.c and lookup_emem in addrtoname.c.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump 4.9.2
CVE-2017-5202 HIGH

The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in print-isoclns.c:clnp_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
redhat enterprise_linux_server_eus 7.5
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_tus 7.6
debian debian_linux 8.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server 7.0
redhat enterprise_linux_server_eus 7.6
debian debian_linux 9.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server_aus 7.6
tcpdump tcpdump *
CVE-2017-5203 HIGH

The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in print-bootp.c:bootp_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
redhat enterprise_linux_server_eus 7.5
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_tus 7.6
debian debian_linux 8.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server 7.0
redhat enterprise_linux_server_eus 7.6
debian debian_linux 9.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server_aus 7.6
tcpdump tcpdump *
CVE-2017-5204 HIGH

The IPv6 parser in tcpdump before 4.9.0 has a buffer overflow in print-ip6.c:ip6_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
redhat enterprise_linux_server_eus 7.5
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_tus 7.6
debian debian_linux 8.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server 7.0
redhat enterprise_linux_server_eus 7.6
debian debian_linux 9.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server_aus 7.6
tcpdump tcpdump *
CVE-2017-5205 HIGH

The ISAKMP parser in tcpdump before 4.9.0 has a buffer overflow in print-isakmp.c:ikev2_e_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
redhat enterprise_linux_server_eus 7.5
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_tus 7.6
debian debian_linux 8.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server 7.0
redhat enterprise_linux_server_eus 7.6
debian debian_linux 9.0
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server_aus 7.6
tcpdump tcpdump *
CVE-2017-5341 HIGH

The OTV parser in tcpdump before 4.9.0 has a buffer overflow in print-otv.c:otv_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-5342 HIGH

In tcpdump before 4.9.0, a bug in multiple protocol parsers (Geneve, GRE, NSH, OTV, VXLAN and VXLAN GPE) could cause a buffer overflow in print-ether.c:ether_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-5482 HIGH

The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933_print(), a different vulnerability than CVE-2016-8575.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-5483 HIGH

The SNMP parser in tcpdump before 4.9.0 has a buffer overflow in print-snmp.c:asn1_parse().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-5484 HIGH

The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-atm.c:sig_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-5485 HIGH

The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in addrtoname.c:lookup_nsap().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2017-5486 HIGH

The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in print-isoclns.c:clnp_print().

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2018-10103 HIGH

tcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of 2).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2018-10105 HIGH

tcpdump before 4.9.3 mishandles the printing of SMB data (issue 2 of 2).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2018-14461 MEDIUM

The LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print().

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
opensuse leap 15.1
debian debian_linux 10.0
fedoraproject fedora 31
apple mac_os_x *
fedoraproject fedora 30
debian debian_linux 8.0
fedoraproject fedora 29
redhat enterprise_linux 8.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
opensuse leap 15.0
tcpdump tcpdump *
CVE-2018-14462 MEDIUM

The ICMP parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp.c:icmp_print().

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
opensuse leap 15.1
debian debian_linux 10.0
fedoraproject fedora 31
apple mac_os_x *
fedoraproject fedora 30
debian debian_linux 8.0
fedoraproject fedora 29
redhat enterprise_linux 8.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
opensuse leap 15.0
f5 traffix_signaling_delivery_controller *
tcpdump tcpdump *
CVE-2018-14463 MEDIUM

The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 2, a different vulnerability than CVE-2019-15167.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
opensuse leap 15.1
debian debian_linux 10.0
fedoraproject fedora 31
apple mac_os_x *
fedoraproject fedora 30
debian debian_linux 8.0
fedoraproject fedora 29
redhat enterprise_linux 8.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
opensuse leap 15.0
f5 traffix_signaling_delivery_controller *
tcpdump tcpdump *
CVE-2018-14464 MEDIUM

The LMP parser in tcpdump before 4.9.3 has a buffer over-read in print-lmp.c:lmp_print_data_link_subobjs().

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
opensuse leap 15.1
debian debian_linux 10.0
fedoraproject fedora 31
apple mac_os_x *
fedoraproject fedora 30
debian debian_linux 8.0
fedoraproject fedora 29
redhat enterprise_linux 8.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
opensuse leap 15.0
tcpdump tcpdump *
CVE-2018-14465 MEDIUM

The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print().

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
opensuse leap 15.1
debian debian_linux 10.0
fedoraproject fedora 31
apple mac_os_x *
fedoraproject fedora 30
debian debian_linux 8.0
fedoraproject fedora 29
redhat enterprise_linux 8.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
opensuse leap 15.0
f5 traffix_signaling_delivery_controller *
tcpdump tcpdump *
CVE-2018-14466 MEDIUM

The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and rx_cache_insert().

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
opensuse leap 15.1
debian debian_linux 10.0
fedoraproject fedora 31
apple mac_os_x *
fedoraproject fedora 30
debian debian_linux 8.0
fedoraproject fedora 29
redhat enterprise_linux 8.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
opensuse leap 15.0
tcpdump tcpdump *
CVE-2018-14467 MEDIUM

The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_MP).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
opensuse leap 15.1
debian debian_linux 10.0
fedoraproject fedora 31
apple mac_os_x *
fedoraproject fedora 30
debian debian_linux 8.0
fedoraproject fedora 29
redhat enterprise_linux 8.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
opensuse leap 15.0
tcpdump tcpdump *
CVE-2018-14468 MEDIUM

The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print().

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
debian debian_linux 10.0
f5 enterprise_manager 3.1.1
f5 big-ip_edge_gateway *
f5 big-ip_application_acceleration_manager *
f5 big-ip_local_traffic_manager *
apple mac_os_x *
fedoraproject fedora 30
f5 big-ip_global_traffic_manager *
fedoraproject fedora 29
f5 big-ip_application_security_manager *
redhat enterprise_linux 8.0
f5 big-ip_webaccelerator *
f5 big-iq_centralized_management 7.0.0
redhat enterprise_linux 7.0
f5 big-ip_policy_enforcement_manager *
debian debian_linux 9.0
f5 big-ip_domain_name_system *
f5 big-ip_link_controller *
opensuse leap 15.1
fedoraproject fedora 31
f5 big-ip_advanced_firewall_manager *
debian debian_linux 8.0
f5 iworkflow 2.3.0
f5 big-ip_analytics *
f5 big-ip_access_policy_manager *
opensuse leap 15.0
f5 big-iq_centralized_management *
f5 big-ip_fraud_protection_service *
f5 traffix_signaling_delivery_controller *
tcpdump tcpdump *
CVE-2018-14469 MEDIUM

The IKEv1 parser in tcpdump before 4.9.3 has a buffer over-read in print-isakmp.c:ikev1_n_print().

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
opensuse leap 15.1
debian debian_linux 10.0
fedoraproject fedora 31
apple mac_os_x *
fedoraproject fedora 30
debian debian_linux 8.0
fedoraproject fedora 29
redhat enterprise_linux 8.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
opensuse leap 15.0
f5 traffix_signaling_delivery_controller *
tcpdump tcpdump *
CVE-2018-14470 MEDIUM

The Babel parser in tcpdump before 4.9.3 has a buffer over-read in print-babel.c:babel_print_v2().

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
opensuse leap 15.1
debian debian_linux 10.0
fedoraproject fedora 31
apple mac_os_x *
fedoraproject fedora 30
debian debian_linux 8.0
fedoraproject fedora 29
redhat enterprise_linux 8.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
opensuse leap 15.0
tcpdump tcpdump *
CVE-2018-14879 MEDIUM

The command-line argument parser in tcpdump before 4.9.3 has a buffer overflow in tcpdump.c:get_next_file().

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.0 HIGH CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H 1.0 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-120,CWE-120,

Products Affected

Vendor Product Version
opensuse leap 15.1
debian debian_linux 10.0
fedoraproject fedora 31
apple mac_os_x *
fedoraproject fedora 30
debian debian_linux 8.0
fedoraproject fedora 29
redhat enterprise_linux 8.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
opensuse leap 15.0
f5 traffix_signaling_delivery_controller *
tcpdump tcpdump *
CVE-2018-14880 MEDIUM

The OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6_print_lshdr().

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
debian debian_linux 10.0
f5 enterprise_manager 3.1.1
f5 big-ip_edge_gateway *
f5 big-ip_application_acceleration_manager *
f5 big-ip_local_traffic_manager *
apple mac_os_x *
fedoraproject fedora 30
f5 big-ip_global_traffic_manager *
fedoraproject fedora 29
f5 big-ip_application_security_manager *
redhat enterprise_linux 8.0
f5 big-ip_webaccelerator *
f5 big-iq_centralized_management 7.0.0
redhat enterprise_linux 7.0
f5 big-ip_policy_enforcement_manager *
debian debian_linux 9.0
f5 big-ip_domain_name_system *
f5 big-ip_link_controller *
opensuse leap 15.1
fedoraproject fedora 31
f5 big-ip_advanced_firewall_manager *
debian debian_linux 8.0
f5 iworkflow 2.3.0
f5 big-ip_analytics *
f5 big-ip_access_policy_manager *
opensuse leap 15.0
f5 big-iq_centralized_management *
f5 big-ip_fraud_protection_service *
f5 traffix_signaling_delivery_controller *
tcpdump tcpdump *
CVE-2018-14881 MEDIUM

The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_RESTART).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
opensuse leap 15.1
debian debian_linux 10.0
fedoraproject fedora 31
apple mac_os_x *
fedoraproject fedora 30
debian debian_linux 8.0
fedoraproject fedora 29
redhat enterprise_linux 8.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
opensuse leap 15.0
tcpdump tcpdump *
CVE-2018-14882 MEDIUM

The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
opensuse leap 15.1
debian debian_linux 10.0
fedoraproject fedora 31
apple mac_os_x *
fedoraproject fedora 30
debian debian_linux 8.0
fedoraproject fedora 29
redhat enterprise_linux 8.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
opensuse leap 15.0
f5 traffix_signaling_delivery_controller *
tcpdump tcpdump *
CVE-2018-16227 MEDIUM

The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags subfield.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
opensuse leap 15.1
debian debian_linux 10.0
fedoraproject fedora 31
apple mac_os_x *
fedoraproject fedora 30
debian debian_linux 8.0
fedoraproject fedora 29
redhat enterprise_linux 8.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
opensuse leap 15.0
tcpdump tcpdump *
CVE-2018-16228 MEDIUM

The HNCP parser in tcpdump before 4.9.3 has a buffer over-read in print-hncp.c:print_prefix().

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
opensuse leap 15.1
debian debian_linux 10.0
fedoraproject fedora 31
apple mac_os_x *
fedoraproject fedora 30
debian debian_linux 8.0
fedoraproject fedora 29
redhat enterprise_linux 8.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
opensuse leap 15.0
tcpdump tcpdump *
CVE-2018-16229 MEDIUM

The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option().

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
opensuse leap 15.1
debian debian_linux 10.0
fedoraproject fedora 31
apple mac_os_x *
fedoraproject fedora 30
debian debian_linux 8.0
fedoraproject fedora 29
redhat enterprise_linux 8.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
opensuse leap 15.0
f5 traffix_signaling_delivery_controller *
tcpdump tcpdump *
CVE-2018-16230 MEDIUM

The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
opensuse leap 15.1
debian debian_linux 10.0
fedoraproject fedora 31
apple mac_os_x *
fedoraproject fedora 30
debian debian_linux 8.0
fedoraproject fedora 29
redhat enterprise_linux 8.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
opensuse leap 15.0
tcpdump tcpdump *
CVE-2018-16300 MEDIUM

The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print() because of unlimited recursion.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-674,CWE-674,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2018-16301 MEDIUM

The command-line argument parser in tcpdump before 4.99.0 has a buffer overflow in tcpdump.c:read_infile(). To trigger this vulnerability the attacker needs to create a 4GB file on the local filesystem and to specify the file name as the value of the -F command-line argument of tcpdump.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-190,CWE-787,CWE-120,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2018-16451 MEDIUM

The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \MAILSLOT\BROWSE and \PIPE\LANMAN.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,CWE-125,

Products Affected

Vendor Product Version
opensuse leap 15.1
debian debian_linux 10.0
fedoraproject fedora 31
apple mac_os_x *
fedoraproject fedora 30
debian debian_linux 8.0
fedoraproject fedora 29
redhat enterprise_linux 8.0
redhat enterprise_linux 7.0
debian debian_linux 9.0
opensuse leap 15.0
tcpdump tcpdump *
CVE-2018-16452 MEDIUM

The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-674,CWE-674,

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2018-19519 MEDIUM

In tcpdump 4.9.2, a stack-based buffer over-read exists in the print_prefix function of print-hncp.c via crafted packet data because of missing initialization.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,CWE-909,

Products Affected

Vendor Product Version
tcpdump tcpdump 4.9.2
CVE-2019-1010220 MEDIUM

tcpdump.org tcpdump 4.9.2 is affected by: CWE-126: Buffer Over-read. The impact is: May expose Saved Frame Pointer, Return Address etc. on stack. The component is: line 234: "ND_PRINT((ndo, "%s", buf));", in function named "print_prefix", in "print-hncp.c". The attack vector is: The victim must open a specially crafted pcap file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-126,CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump 4.9.2
CVE-2019-15161 MEDIUM

rpcapd/daemon.c in libpcap before 1.9.1 mishandles certain length values because of reuse of a variable. This may open up an attack vector involving extra data at the end of a request.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-131,

Products Affected

Vendor Product Version
tcpdump libpcap *
CVE-2019-15162 MEDIUM

rpcapd/daemon.c in libpcap before 1.9.1 on non-Windows platforms provides details about why authentication failed, which might make it easier for attackers to enumerate valid usernames.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-345,

Products Affected

Vendor Product Version
tcpdump libpcap *
CVE-2019-15163 MEDIUM

rpcapd/daemon.c in libpcap before 1.9.1 allows attackers to cause a denial of service (NULL pointer dereference and daemon crash) if a crypt() call fails.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,

Products Affected

Vendor Product Version
tcpdump libpcap *
CVE-2019-15164 MEDIUM

rpcapd/daemon.c in libpcap before 1.9.1 allows SSRF because a URL may be provided as a capture source.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-918,

Products Affected

Vendor Product Version
tcpdump libpcap *
CVE-2019-15165 MEDIUM

sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocating memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-770,CWE-770,

Products Affected

Vendor Product Version
apple mac_os_x 10.13.6
oracle communications_operations_monitor 4.1
apple mac_os_x *
fedoraproject fedora 30
fedoraproject fedora 29
apple mac_os_x 10.15.2
oracle communications_operations_monitor 4.0
canonical ubuntu_linux 19.04
oracle communications_operations_monitor 4.3
canonical ubuntu_linux 18.04
debian debian_linux 9.0
canonical ubuntu_linux 14.04
canonical ubuntu_linux 16.04
canonical ubuntu_linux 12.04
tcpdump libpcap *
apple mac_os_x 10.14.6
opensuse leap 15.1
fedoraproject fedora 31
apple iphone_os 13.3
oracle communications_operations_monitor 4.2
apple watchos 6.1.1
apple tvos 13.3
oracle communications_operations_monitor 3.4
debian debian_linux 8.0
apple ipados 13.3
opensuse leap 15.0
CVE-2019-15166 MEDIUM

lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 1.6 LOW CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L 0.2 1.4
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-120,CWE-120,

Products Affected

Vendor Product Version
opensuse leap 15.1
debian debian_linux 10.0
fedoraproject fedora 31
netapp hci_management_node -
netapp solidfire -
apple mac_os_x *
fedoraproject fedora 30
debian debian_linux 8.0
fedoraproject fedora 29
redhat enterprise_linux 8.0
canonical ubuntu_linux 18.04
redhat enterprise_linux 7.0
debian debian_linux 9.0
canonical ubuntu_linux 14.04
netapp cloud_backup -
opensuse leap 15.0
canonical ubuntu_linux 16.04
canonical ubuntu_linux 12.04
tcpdump tcpdump *
CVE-2019-15167

The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 3, a different vulnerability than CVE-2018-14463.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.1 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H 3.9 5.2

Products Affected

Vendor Product Version
tcpdump tcpdump *
CVE-2020-8036 MEDIUM

The tok2strbuf() function in tcpdump 4.10.0-PRE-GIT was used by the SOME/IP dissector in an unsafe way.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
tcpdump tcpdump 4.10.0
CVE-2020-8037 MEDIUM

The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a large amount of memory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-770,

Products Affected

Vendor Product Version
apple mac_os_x 10.14.6
apple macos *
debian debian_linux 9.0
apple mac_os_x *
fedoraproject fedora 33
tcpdump tcpdump 4.9.3
apple mac_os_x 10.15.7
fedoraproject fedora 32
CVE-2021-41043 MEDIUM

Use after free in tcpslice triggers AddressSanitizer, no other confirmed impact.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 1.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-416,CWE-416,

Products Affected

Vendor Product Version
tcpdump tcpslice *
CVE-2023-1801

The SMB protocol decoder in tcpdump version 4.99.3 can perform an out-of-bounds write when decoding a crafted network packet.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 2.8 3.6

Products Affected

Vendor Product Version
tcpdump tcpdump 4.99.3