CVSS: 9.8EPSS: 30%CPEs: 12EXPL: 0CVE-2017-5202 – tcpdump: multiple overflow issues in protocol decoding
https://notcve.org/view.php?id=CVE-2017-5202
28 Jan 2017 — The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in print-isoclns.c:clnp_print(). El analizador ISO CLNS en tcpdump en versiones anteriores a 4.9.0 tiene un desbordamiento de búfer en print-isoclns.c:clnp_print(). Multiple out of bounds read and integer overflow vulnerabilities were found in tcpdump affecting the decoding of various protocols. An attacker could create a crafted pcap file or send specially crafted packets to the network segment where tcpdump is running in live capture mode (... • http://www.debian.org/security/2017/dsa-3775 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 3%CPEs: 1EXPL: 0CVE-2016-7923 – tcpdump: multiple overflow issues in protocol decoding
https://notcve.org/view.php?id=CVE-2016-7923
28 Jan 2017 — The ARP parser in tcpdump before 4.9.0 has a buffer overflow in print-arp.c:arp_print(). El analizador ARP en tcpdump en versiones anteriores a 4.9.0 tiene un desbordamiento de búfer en print-arp.c:arp_print(). Multiple out of bounds read and integer overflow vulnerabilities were found in tcpdump affecting the decoding of various protocols. An attacker could create a crafted pcap file or send specially crafted packets to the network segment where tcpdump is running in live capture mode (without -w) which co... • http://www.debian.org/security/2017/dsa-3775 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 3%CPEs: 1EXPL: 0CVE-2016-7929 – tcpdump: multiple overflow issues in protocol decoding
https://notcve.org/view.php?id=CVE-2016-7929
28 Jan 2017 — The Juniper PPPoE ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-juniper.c:juniper_parse_header(). El analizador Juniper PPPoE ATM en tcpdump en versiones anteriores a 4.9.0 tiene un desbordamiento de búfer en print-juniper.c:juniper_parse_header(). Multiple out of bounds read and integer overflow vulnerabilities were found in tcpdump affecting the decoding of various protocols. An attacker could create a crafted pcap file or send specially crafted packets to the network segment where tcp... • http://www.debian.org/security/2017/dsa-3775 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 3%CPEs: 1EXPL: 0CVE-2017-5484 – tcpdump: multiple overflow issues in protocol decoding
https://notcve.org/view.php?id=CVE-2017-5484
28 Jan 2017 — The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-atm.c:sig_print(). El analizador ATM en tcpdump en versiones anteriores a 4.9.0 tiene un desbordamiento de búfer en print-atm.c:sig_print(). Multiple out of bounds read and integer overflow vulnerabilities were found in tcpdump affecting the decoding of various protocols. An attacker could create a crafted pcap file or send specially crafted packets to the network segment where tcpdump is running in live capture mode (without -w) which co... • http://www.debian.org/security/2017/dsa-3775 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 6%CPEs: 1EXPL: 0CVE-2015-0261 – tcpdump: IPv6 mobility printer mobility_opt_print() typecastimg/signedness error
https://notcve.org/view.php?id=CVE-2015-0261
10 Mar 2015 — Integer signedness error in the mobility_opt_print function in the IPv6 mobility printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) or possibly execute arbitrary code via a negative length value. Error de signo de enteros en la función mobility_opt_print en la impresora IPv6 mobility en tcpdump anterior a 4.7.2 permite a atacantes remotos causar una denegación de servicio (lectura fuera de rango y caída) o posiblemente ejecutar código arbitrar... • http://advisories.mageia.org/MGASA-2015-0114.html • CWE-189: Numeric Errors •
CVSS: 9.8EPSS: 17%CPEs: 1EXPL: 3CVE-2015-2153 – TcpDump - rpki_rtr_pdu_print Out-of-Bounds Denial of Service
https://notcve.org/view.php?id=CVE-2015-2153
10 Mar 2015 — The rpki_rtr_pdu_print function in print-rpki-rtr.c in the TCP printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via a crafted header length in an RPKI-RTR Protocol Data Unit (PDU). La función rpki_rtr_pdu_print en print-rpki-rtr.c en la impresora TCP en tcpdump anterior a 4.7.2 permite a atacantes remotos causar una denegación de servicio (lectura fuera de rango y caída) a través de una longitud de cabecera manipulada en una unidad ... • https://packetstorm.news/files/id/132762 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 9%CPEs: 1EXPL: 0CVE-2015-2154 – tcpdump: ethernet printer osi_print_cksum() missing sanity checks out-of-bounds read
https://notcve.org/view.php?id=CVE-2015-2154
10 Mar 2015 — The osi_print_cksum function in print-isoclns.c in the ethernet printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted (1) length, (2) offset, or (3) base pointer checksum value. La función osi_print_cksum en print-isoclns.c en la impresora ethernet en tcpdump anterior a 4.7.2 permite a atacantes remotos causar una denegación de servicio (lectura fuera de rango y caída) a través de un valor de (1) longitud, (2) desplazamiento, o (3) ... • http://advisories.mageia.org/MGASA-2015-0114.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 13%CPEs: 7EXPL: 0CVE-2015-2155 – tcpdump: force printer vulnerability
https://notcve.org/view.php?id=CVE-2015-2155
10 Mar 2015 — The force printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors. La impresora de fuerza en tcpdump en versiones anteriores a 4.7.2 permite a atacantes remotos provocar una denegación de servicio (caída) y posiblemente ejecutar código arbitrario a través de vectores no especificados. The Tcpdump program could crash when processing a malformed OLSR payload when the verbose output flag was set. The application de... • http://advisories.mageia.org/MGASA-2015-0114.html •
CVSS: 9.8EPSS: 10%CPEs: 1EXPL: 1CVE-2014-9140 – Ubuntu Security Notice USN-2433-1
https://notcve.org/view.php?id=CVE-2014-9140
04 Dec 2014 — Buffer overflow in the ppp_hdlc function in print-ppp.c in tcpdump 4.6.2 and earlier allows remote attackers to cause a denial of service (crash) cia a crafted PPP packet. Desbordamiento de buffer en la función ppp_hdlc en print-ppp.c en tcpdump 4.6.2 y anteriores permite a atacantes remotos causar una denegación de servicio (caída) a través de un paquete PPP manipulado. The Tcpdump program could crash when processing a malformed OLSR payload when the verbose output flag was set. The application decoder for... • http://advisories.mageia.org/MGASA-2014-0511.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 5%CPEs: 19EXPL: 4CVE-2014-8767 – Ubuntu Security Notice USN-2433-1
https://notcve.org/view.php?id=CVE-2014-8767
19 Nov 2014 — Integer underflow in the olsr_print function in tcpdump 3.9.6 through 4.6.2, when in verbose mode, allows remote attackers to cause a denial of service (crash) via a crafted length value in an OLSR frame. Subdesbordamiento de enteros en la función olsr_print en tcpdump 3.9.6 hasta 4.6.2, cuando está en el modo verbose, permite a atacantes remotos causar una denegación de servicio(caída) a través de valor de longitud manipulado en un Frame OLSR. The Tcpdump program could crash when processing a malformed OLS... • https://packetstorm.news/files/id/129155 • CWE-189: Numeric Errors •