CVE-2015-2155 – tcpdump: force printer vulnerability
https://notcve.org/view.php?id=CVE-2015-2155
The force printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors. La impresora de fuerza en tcpdump en versiones anteriores a 4.7.2 permite a atacantes remotos provocar una denegación de servicio (caída) y posiblemente ejecutar código arbitrario a través de vectores no especificados. • http://advisories.mageia.org/MGASA-2015-0114.html http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153834.html http://lists.opensuse.org/opensuse-updates/2015-03/msg00084.html http://packetstormsecurity.com/files/130730/tcpdump-Denial-Of-Service-Code-Execution.html http://www.debian.org/security/2015/dsa-3193 http://www.mandriva.com/security/advisories?name=MDVSA-2015:125 http://www.mandriva.com/security/advisories?name=MDVSA-2015:182 http://www.oracle.com/technetwork/topics/ •
CVE-2015-2153 – TcpDump - rpki_rtr_pdu_print Out-of-Bounds Denial of Service
https://notcve.org/view.php?id=CVE-2015-2153
The rpki_rtr_pdu_print function in print-rpki-rtr.c in the TCP printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via a crafted header length in an RPKI-RTR Protocol Data Unit (PDU). La función rpki_rtr_pdu_print en print-rpki-rtr.c en la impresora TCP en tcpdump anterior a 4.7.2 permite a atacantes remotos causar una denegación de servicio (lectura fuera de rango y caída) a través de una longitud de cabecera manipulada en una unidad de datos de protocolos (PDU) RPKI-RTR. tcpdump suffers from a rpki_rtr_pdu_print denial of service vulnerability. Versions affected include 4.6.2, 4.5.1, and 4.4.0. • https://www.exploit-db.com/exploits/37663 https://github.com/arntsonl/CVE-2015-2153 http://advisories.mageia.org/MGASA-2015-0114.html http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153834.html http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153999.html http://lists.opensuse.org/opensuse-updates/2015-03/msg00084.html http://packetstormsecurity.com/files/130730/tcpdump-Denial-Of-Service-Code-Execution.html http://www.debian.org/security/2015/dsa-3193 http • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2015-0261 – tcpdump: IPv6 mobility printer mobility_opt_print() typecastimg/signedness error
https://notcve.org/view.php?id=CVE-2015-0261
Integer signedness error in the mobility_opt_print function in the IPv6 mobility printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) or possibly execute arbitrary code via a negative length value. Error de signo de enteros en la función mobility_opt_print en la impresora IPv6 mobility en tcpdump anterior a 4.7.2 permite a atacantes remotos causar una denegación de servicio (lectura fuera de rango y caída) o posiblemente ejecutar código arbitrario a través de un valor de longitud negativo. • http://advisories.mageia.org/MGASA-2015-0114.html http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153834.html http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153999.html http://lists.opensuse.org/opensuse-updates/2015-03/msg00084.html http://packetstormsecurity.com/files/130730/tcpdump-Denial-Of-Service-Code-Execution.html http://www.debian.org/security/2015/dsa-3193 http://www.mandriva.com/security/advisories?name=MDVSA-2015:125 http://www.mandriva.com/sec • CWE-189: Numeric Errors •
CVE-2014-9140
https://notcve.org/view.php?id=CVE-2014-9140
Buffer overflow in the ppp_hdlc function in print-ppp.c in tcpdump 4.6.2 and earlier allows remote attackers to cause a denial of service (crash) cia a crafted PPP packet. Desbordamiento de buffer en la función ppp_hdlc en print-ppp.c en tcpdump 4.6.2 y anteriores permite a atacantes remotos causar una denegación de servicio (caída) a través de un paquete PPP manipulado. • http://advisories.mageia.org/MGASA-2014-0511.html http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html http://lists.opensuse.org/opensuse-updates/2015-03/msg00084.html http://packetstormsecurity.com/files/130730/tcpdump-Denial-Of-Service-Code-Execution.html http://seclists.org/tcpdump/2014/q4/72 http://www.debian.org/security/2014/dsa-3086 http://www.debian.org/security/2015/dsa-3193 http://www.mandriva.com/security/advisories?name=MDVSA-2014:240 http://www. • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2007-3798 – tcpdump - Print-bgp.C Remote Integer Underflow
https://notcve.org/view.php?id=CVE-2007-3798
Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 and earlier allows remote attackers to execute arbitrary code via crafted TLVs in a BGP packet, related to an unchecked return value. Un desbordamiento de enteros en el archivo print-bgp.c en el disector BGP en tcpdump versión 3.9.6 y anteriores, permite a atacantes remotos ejecutar código arbitrario por medio de TLVs especialmente diseñados en un paquete BGP, relacionado a un valor de retorno no comprobado. • https://www.exploit-db.com/exploits/30319 http://bugs.gentoo.org/show_bug.cgi?id=184815 http://cvs.tcpdump.org/cgi-bin/cvsweb/tcpdump/print-bgp.c?r1=1.91.2.11&r2=1.91.2.12 http://docs.info.apple.com/article.html?artnum=307179 http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html http://secunia.com/advisories/26135 http://secunia.com/advisories/26168 http://secunia.com/advisories/26223 http://secunia.com/advisories/26231 http://secunia.com • CWE-190: Integer Overflow or Wraparound CWE-252: Unchecked Return Value •