CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-16808 – Ubuntu Security Notice USN-4252-2
https://notcve.org/view.php?id=CVE-2017-16808
13 Nov 2017 — tcpdump before 4.9.3 has a heap-based buffer over-read related to aoe_print in print-aoe.c and lookup_emem in addrtoname.c. tcpdump en versiones anteriores a la 4.9.3 tiene una lectura en exceso del búfer en la región heap de la memoria relacionada con aoe_print en print-aoe.c y lookup_emem en addrtoname.c. USN-4252-1 fixed several vulnerabilities in tcpdump. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Multiple security issues were discovered in tcpdump. A remote... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00065.html • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2015-3138
https://notcve.org/view.php?id=CVE-2015-3138
27 Sep 2017 — print-wb.c in tcpdump before 4.7.4 allows remote attackers to cause a denial of service (segmentation fault and process crash). print-wb.c en tcpdump en versiones anteriores a la 4.7.4 permite que los atacantes provoquen una denegación de servicio (fallo de segmentación y cierre inesperado del proceso). • http://lists.opensuse.org/opensuse-updates/2017-05/msg00018.html • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2017-12989 – Gentoo Linux Security Advisory 201709-23
https://notcve.org/view.php?id=CVE-2017-12989
09 Sep 2017 — The RESP parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-resp.c:resp_get_length(). El analizador sintáctico RESP en tcpdump en versiones anteriores a la 4.9.2 podría introducir un bucle infinito por un fallo en print-resp.c:resp_get_length(). Wilfried Kirsch discovered a buffer overflow in the SLIP decoder in tcpdump. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Bhargava Shastry discovered a buffer overflow in the bitfiel... • http://www.debian.org/security/2017/dsa-3971 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2017-12990 – Gentoo Linux Security Advisory 201709-23
https://notcve.org/view.php?id=CVE-2017-12990
09 Sep 2017 — The ISAKMP parser in tcpdump before 4.9.2 could enter an infinite loop due to bugs in print-isakmp.c, several functions. El analizador sintáctico ISAKMP en tcpdump en versiones anteriores a la 4.9.2 podría introducir un bucle infinito por varios fallos en print-isakmp.c en múltiples funciones. Wilfried Kirsch discovered a buffer overflow in the SLIP decoder in tcpdump. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Bhargava Shastry discovered a buffer overf... • http://www.debian.org/security/2017/dsa-3971 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-12995 – Gentoo Linux Security Advisory 201709-23
https://notcve.org/view.php?id=CVE-2017-12995
09 Sep 2017 — The DNS parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-domain.c:ns_print(). El analizador sintáctico DNS en tcpdump en versiones anteriores a la 4.9.2 podría introducir un bucle infinito por un fallo en print-domain.c:ns_print(). Wilfried Kirsch discovered a buffer overflow in the SLIP decoder in tcpdump. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Bhargava Shastry discovered a buffer overflow in the bitfield converter ... • http://www.debian.org/security/2017/dsa-3971 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2017-12997 – Gentoo Linux Security Advisory 201709-23
https://notcve.org/view.php?id=CVE-2017-12997
09 Sep 2017 — The LLDP parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-lldp.c:lldp_private_8021_print(). El analizador sintáctico LLDP en tcpdump en versiones anteriores a la 4.9.2 podría introducir un bucle infinito por un fallo en print-lldp.c:lldp_private_8021_print(). Wilfried Kirsch discovered a buffer overflow in the SLIP decoder in tcpdump. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Bhargava Shastry discovered a buffer overflo... • http://www.debian.org/security/2017/dsa-3971 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2017-13019 – Gentoo Linux Security Advisory 201709-23
https://notcve.org/view.php?id=CVE-2017-13019
09 Sep 2017 — The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print(). El analizador sintáctico PGM en tcpdump en versiones anteriores a la 4.9.2 tiene una vulnerabilidad de sobrelectura de búfer en print-pgm.c:pgm_print(). Wilfried Kirsch discovered a buffer overflow in the SLIP decoder in tcpdump. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Bhargava Shastry discovered a buffer overflow in the bitfield converter utility function bitto... • http://www.debian.org/security/2017/dsa-3971 • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 0CVE-2017-13041 – Gentoo Linux Security Advisory 201709-23
https://notcve.org/view.php?id=CVE-2017-13041
09 Sep 2017 — The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_nodeinfo_print(). El analizador sintáctico ICMPv6 en tcpdump en versiones anteriores a la 4.9.2 tiene una vulnerabilidad de sobrelectura de búfer en print-icmp6.c:icmp6_nodeinfo_print(). Wilfried Kirsch discovered a buffer overflow in the SLIP decoder in tcpdump. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Bhargava Shastry discovered a buffer overflow in the bitfield ... • http://www.debian.org/security/2017/dsa-3971 • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2017-13010 – Gentoo Linux Security Advisory 201709-23
https://notcve.org/view.php?id=CVE-2017-13010
09 Sep 2017 — The BEEP parser in tcpdump before 4.9.2 has a buffer over-read in print-beep.c:l_strnstart(). El analizador sintáctico BEEP en tcpdump en versiones anteriores a la 4.9.2 tiene una vulnerabilidad de sobrelectura de búfer en print-beep.c:l_strnstart(). Wilfried Kirsch discovered a buffer overflow in the SLIP decoder in tcpdump. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Bhargava Shastry discovered a buffer overflow in the bitfield converter utility functi... • http://www.debian.org/security/2017/dsa-3971 • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-13049 – Gentoo Linux Security Advisory 201709-23
https://notcve.org/view.php?id=CVE-2017-13049
09 Sep 2017 — The Rx protocol parser in tcpdump before 4.9.2 has a buffer over-read in print-rx.c:ubik_print(). El analizador sintáctico de protocolo Rx en tcpdump en versiones anteriores a la 4.9.2 tiene una vulnerabilidad de sobrelectura de búfer en over-read in print-rx.c:ubik_print(). Wilfried Kirsch discovered a buffer overflow in the SLIP decoder in tcpdump. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Bhargava Shastry discovered a buffer overflow in the bitfield... • http://www.debian.org/security/2017/dsa-3971 • CWE-125: Out-of-bounds Read •