CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-12898
https://notcve.org/view.php?id=CVE-2017-12898
The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:interp_reply(). El analizador sintáctico NFS en tcpdump en versiones anteriores a la 4.9.2 tiene una vulnerabilidad de sobrelectura de búfer en print-nfs.c:interp_reply(). • http://www.debian.org/security/2017/dsa-3971 http://www.securitytracker.com/id/1039307 http://www.tcpdump.org/tcpdump-changes.txt https://access.redhat.com/errata/RHEA-2018:0705 https://github.com/the-tcpdump-group/tcpdump/commit/19d25dd8781620cd41bf178a5e2e27fc1cf242d0 https://security.gentoo.org/glsa/201709-23 https://support.apple.com/HT208221 • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 1%CPEs: 7EXPL: 0CVE-2017-12899
https://notcve.org/view.php?id=CVE-2017-12899
The DECnet parser in tcpdump before 4.9.2 has a buffer over-read in print-decnet.c:decnet_print(). El analizador sintáctico DECnet en tcpdump en versiones anteriores a la 4.9.2 tiene una vulnerabilidad de sobrelectura de búfer en print-decnet.c:decnet_print(). • http://www.debian.org/security/2017/dsa-3971 http://www.securitytracker.com/id/1039307 http://www.tcpdump.org/tcpdump-changes.txt https://access.redhat.com/errata/RHEA-2018:0705 https://github.com/the-tcpdump-group/tcpdump/commit/c6e0531b5def26ecf912e8de6ade86cbdaed3751 https://github.com/the-tcpdump-group/tcpdump/commit/f96003b21e2abfbba59b926b10a7f9bc7d11e36c https://security.gentoo.org/glsa/201709-23 https://support.apple.com/HT208221 • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-12900
https://notcve.org/view.php?id=CVE-2017-12900
Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in util-print.c:tok2strbuf(). Varios analizadores sintácticos de protocolos en tcpdump en versiones anteriores a la 4.9.2 podrían provocar una sobrelectura de búfer en util-print.c:tok2strbuf(). • http://www.debian.org/security/2017/dsa-3971 http://www.securitytracker.com/id/1039307 http://www.tcpdump.org/tcpdump-changes.txt https://access.redhat.com/errata/RHEA-2018:0705 https://github.com/the-tcpdump-group/tcpdump/commit/0318fa8b61bd6c837641129d585f1a73c652b1e0 https://security.gentoo.org/glsa/201709-23 https://support.apple.com/HT208221 • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-12901
https://notcve.org/view.php?id=CVE-2017-12901
The EIGRP parser in tcpdump before 4.9.2 has a buffer over-read in print-eigrp.c:eigrp_print(). El analizador sintáctico EIGRP en tcpdump en versiones anteriores a la 4.9.2 tiene una vulnerabilidad de sobrelectura de búfer en print-eigrp.c:eigrp_print(). • http://www.debian.org/security/2017/dsa-3971 http://www.securitytracker.com/id/1039307 http://www.tcpdump.org/tcpdump-changes.txt https://access.redhat.com/errata/RHEA-2018:0705 https://github.com/the-tcpdump-group/tcpdump/commit/de981e6070d168b58ec1bb0713ded77ed4ad87f4 https://security.gentoo.org/glsa/201709-23 https://support.apple.com/HT208221 • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 1%CPEs: 7EXPL: 0CVE-2017-12902
https://notcve.org/view.php?id=CVE-2017-12902
The Zephyr parser in tcpdump before 4.9.2 has a buffer over-read in print-zephyr.c, several functions. El analizador sintáctico Zephyr en tcpdump en versiones anteriores a la 4.9.2 tiene una vulnerabilidad de sobrelectura de búfer en print-zephyr.c en varias funciones. • http://www.debian.org/security/2017/dsa-3971 http://www.securitytracker.com/id/1039307 http://www.tcpdump.org/tcpdump-changes.txt https://access.redhat.com/errata/RHEA-2018:0705 https://github.com/the-tcpdump-group/tcpdump/commit/6ec0c6fa63412c7a07a5bcb790a529c3563b4173 https://github.com/the-tcpdump-group/tcpdump/commit/d17507ffa3e9742199b02a66aa940e79ababfa30 https://security.gentoo.org/glsa/201709-23 https://support.apple.com/HT208221 • CWE-125: Out-of-bounds Read •