CVSS: 7.5EPSS: 0%CPEs: 83EXPL: 0CVE-2018-14468 – tcpdump: Buffer over-read in mfr_print() function in print-fr.c
https://notcve.org/view.php?id=CVE-2018-14468
01 Oct 2019 — The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print(). El analizador FRF.16 en tcpdump versiones anteriores a 4.9.3, presenta una lectura excesiva del búfer en print-fr.c:mfr_print(). An out-of-bounds read vulnerability was discovered in tcpdump while printing FRF.16 packets captured in a pcap file or coming from the network. A remote attacker may abuse this flaw by sending specially crafted packets that, when printed, would trigger the flaw and crash the application. Re... • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 19EXPL: 1CVE-2019-15166 – lmp_print in tcpdump lacks certain boundary checks
https://notcve.org/view.php?id=CVE-2019-15166
01 Oct 2019 — lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks. La función lmp_print_data_link_subobjs() en el archivo print-lmp.c en tcpdump versiones anteriores a 4.9.3, carece de ciertas comprobaciones de límites. Red Hat OpenShift Container Storage is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Container Storage is a highly scalable, production-grade persistent storage for stateful applications r... • https://github.com/Satheesh575555/external_tcpdump_AOSP10_r33_CVE-2019-15166 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.5EPSS: 0%CPEs: 12EXPL: 0CVE-2018-14461 – tcpdump: Buffer over-read in ldp_tlv_print() function in print-ldp.c
https://notcve.org/view.php?id=CVE-2018-14461
01 Oct 2019 — The LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print(). El analizador LDP en tcpdump versiones anteriores a 4.9.3, presenta una lectura excesiva del búfer en print-ldp.c:ldp_tlv_print(). An out-of-bounds read vulnerability was discovered in tcpdump while printing LDP packets captured in a pcap file or coming from the network. A remote attacker may abuse this flaw by sending specially crafted packets that, when printed, would trigger the flaw and crash the application. R... • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-16301 – Ubuntu Security Notice USN-5331-2
https://notcve.org/view.php?id=CVE-2018-16301
01 Oct 2019 — The command-line argument parser in tcpdump before 4.99.0 has a buffer overflow in tcpdump.c:read_infile(). To trigger this vulnerability the attacker needs to create a 4GB file on the local filesystem and to specify the file name as the value of the -F command-line argument of tcpdump. El analizador de argumentos de la línea de comandos en tcpdump antes de la versión 4.99.0 tiene un desbordamiento de búfer en tcpdump.c:read_infile(). Para desencadenar esta vulnerabilidad, el atacante necesita crear un arch... • https://github.com/the-tcpdump-group/tcpdump/commit/ad7c25bc0decf96dc7768c9e903734d38528b1bd • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 12EXPL: 1CVE-2018-14881 – tcpdump: Buffer over-read in bgp_capabilities_print() function in print-bgp.c
https://notcve.org/view.php?id=CVE-2018-14881
01 Oct 2019 — The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_RESTART). El analizador BGP en tcpdump versiones anteriores a 4.9.3, presenta una lectura excesiva del búfer en print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_RESTART). An out-of-bounds read vulnerability was discovered in tcpdump while printing BGP packets captured in a pcap file or coming from the network. A remote attacker may abuse this flaw by sending specially crafted packets that, whe... • https://github.com/uthrasri/CVE-2018-14881_no_patch • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2018-16452 – tcpdump: Resource exhaustion in smb_fdata() funtion in smbutil.c
https://notcve.org/view.php?id=CVE-2018-16452
01 Oct 2019 — The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion. El analizador SMB en tcpdump versiones anteriores a 4.9.3, presenta un agotamiento de pila en smbutil.c:smb_fdata() mediante la recursividad. Red Hat OpenShift Container Storage is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Container Storage is a highly scalable, production-grade persistent storage for stateful applications running in... • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html • CWE-400: Uncontrolled Resource Consumption CWE-674: Uncontrolled Recursion •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2015-3138
https://notcve.org/view.php?id=CVE-2015-3138
27 Sep 2017 — print-wb.c in tcpdump before 4.7.4 allows remote attackers to cause a denial of service (segmentation fault and process crash). print-wb.c en tcpdump en versiones anteriores a la 4.7.4 permite que los atacantes provoquen una denegación de servicio (fallo de segmentación y cierre inesperado del proceso). • http://lists.opensuse.org/opensuse-updates/2017-05/msg00018.html • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2017-13036 – Gentoo Linux Security Advisory 201709-23
https://notcve.org/view.php?id=CVE-2017-13036
09 Sep 2017 — The OSPFv3 parser in tcpdump before 4.9.2 has a buffer over-read in print-ospf6.c:ospf6_decode_v3(). El analizador sintáctico OSPFv3 en tcpdump en versiones anteriores a la 4.9.2 tiene una vulnerabilidad de sobrelectura de búfer en print-ospf6.c:ospf6_decode_v3(). Wilfried Kirsch discovered a buffer overflow in the SLIP decoder in tcpdump. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Bhargava Shastry discovered a buffer overflow in the bitfield converter ... • http://www.debian.org/security/2017/dsa-3971 • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2017-13041 – Gentoo Linux Security Advisory 201709-23
https://notcve.org/view.php?id=CVE-2017-13041
09 Sep 2017 — The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_nodeinfo_print(). El analizador sintáctico ICMPv6 en tcpdump en versiones anteriores a la 4.9.2 tiene una vulnerabilidad de sobrelectura de búfer en print-icmp6.c:icmp6_nodeinfo_print(). Wilfried Kirsch discovered a buffer overflow in the SLIP decoder in tcpdump. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Bhargava Shastry discovered a buffer overflow in the bitfield ... • http://www.debian.org/security/2017/dsa-3971 • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-13013 – Gentoo Linux Security Advisory 201709-23
https://notcve.org/view.php?id=CVE-2017-13013
09 Sep 2017 — The ARP parser in tcpdump before 4.9.2 has a buffer over-read in print-arp.c, several functions. El analizador sintáctico ARP en tcpdump en versiones anteriores a la 4.9.2 tiene una vulnerabilidad de sobrelectura de búfer en print-arp.c en varias funciones. Wilfried Kirsch discovered a buffer overflow in the SLIP decoder in tcpdump. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Bhargava Shastry discovered a buffer overflow in the bitfield converter utility... • http://www.debian.org/security/2017/dsa-3971 • CWE-125: Out-of-bounds Read •