NotCVE - vendor:"Redhat" product:"Tcpdump"

Page 5 of 35 results (0.013 seconds)

CVSS: 9.8EPSS: 1%CPEs: 7EXPL: 0

CVE-2017-12902

https://notcve.org/view.php?id=CVE-2017-12902

The Zephyr parser in tcpdump before 4.9.2 has a buffer over-read in print-zephyr.c, several functions. El analizador sintáctico Zephyr en tcpdump en versiones anteriores a la 4.9.2 tiene una vulnerabilidad de sobrelectura de búfer en print-zephyr.c en varias funciones. • http://www.debian.org/security/2017/dsa-3971 http://www.securitytracker.com/id/1039307 http://www.tcpdump.org/tcpdump-changes.txt https://access.redhat.com/errata/RHEA-2018:0705 https://github.com/the-tcpdump-group/tcpdump/commit/6ec0c6fa63412c7a07a5bcb790a529c3563b4173 https://github.com/the-tcpdump-group/tcpdump/commit/d17507ffa3e9742199b02a66aa940e79ababfa30 https://security.gentoo.org/glsa/201709-23 https://support.apple.com/HT208221 • CWE-125: Out-of-bounds Read •

CVSS: 9.8EPSS: 1%CPEs: 7EXPL: 0

CVE-2017-12987

https://notcve.org/view.php?id=CVE-2017-12987

The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_11.c:parse_elements(). El analizador sintáctico IEEE 802.11 en tcpdump en versiones anteriores a la 4.9.2 tiene una vulnerabilidad de sobrelectura de búfer en print-802_11.c:parse_elements(). • http://www.debian.org/security/2017/dsa-3971 http://www.securitytracker.com/id/1039307 http://www.tcpdump.org/tcpdump-changes.txt https://access.redhat.com/errata/RHEA-2018:0705 https://github.com/the-tcpdump-group/tcpdump/commit/2ecb9d2c67d9119250c54811a6ce4d0f2ddf44f1 https://github.com/the-tcpdump-group/tcpdump/commit/99798bd9a41bd3d03fdc1e949810a38967f20ed3 https://security.gentoo.org/glsa/201709-23 https://support.apple.com/HT208221 • CWE-125: Out-of-bounds Read •

CVSS: 9.8EPSS: 1%CPEs: 7EXPL: 0

CVE-2017-12899

https://notcve.org/view.php?id=CVE-2017-12899

The DECnet parser in tcpdump before 4.9.2 has a buffer over-read in print-decnet.c:decnet_print(). El analizador sintáctico DECnet en tcpdump en versiones anteriores a la 4.9.2 tiene una vulnerabilidad de sobrelectura de búfer en print-decnet.c:decnet_print(). • http://www.debian.org/security/2017/dsa-3971 http://www.securitytracker.com/id/1039307 http://www.tcpdump.org/tcpdump-changes.txt https://access.redhat.com/errata/RHEA-2018:0705 https://github.com/the-tcpdump-group/tcpdump/commit/c6e0531b5def26ecf912e8de6ade86cbdaed3751 https://github.com/the-tcpdump-group/tcpdump/commit/f96003b21e2abfbba59b926b10a7f9bc7d11e36c https://security.gentoo.org/glsa/201709-23 https://support.apple.com/HT208221 • CWE-125: Out-of-bounds Read •

CVSS: 9.8EPSS: 1%CPEs: 7EXPL: 0

CVE-2017-12896

https://notcve.org/view.php?id=CVE-2017-12896

The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:isakmp_rfc3948_print(). El analizador sintáctico ISAKMP en tcpdump en versiones anteriores a la 4.9.2 tiene una vulnerabilidad de sobrelectura de búfer en print-isakmp.c:isakmp_rfc3948_print(). • http://www.debian.org/security/2017/dsa-3971 http://www.securitytracker.com/id/1039307 http://www.tcpdump.org/tcpdump-changes.txt https://access.redhat.com/errata/RHEA-2018:0705 https://github.com/the-tcpdump-group/tcpdump/commit/4e430c6b0d8b7e77c7abca7e7afb0c3e727502f2 https://github.com/the-tcpdump-group/tcpdump/commit/f76e7feb41a4327d2b0978449bbdafe98d4a3771 https://security.gentoo.org/glsa/201709-23 https://support.apple.com/HT208221 • CWE-125: Out-of-bounds Read •

CVSS: 9.8EPSS: 30%CPEs: 12EXPL: 0

CVE-2017-5203 – tcpdump: multiple overflow issues in protocol decoding

https://notcve.org/view.php?id=CVE-2017-5203

The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in print-bootp.c:bootp_print(). El analizador BOOTP en tcpdump en versiones anteriores a 4.9.0 tiene un desbordamiento de búfer en print-bootp.c:bootp_print(). Multiple out of bounds read and integer overflow vulnerabilities were found in tcpdump affecting the decoding of various protocols. An attacker could create a crafted pcap file or send specially crafted packets to the network segment where tcpdump is running in live capture mode (without -w) which could cause it to display incorrect data, crash or enter an infinite loop. • http://www.debian.org/security/2017/dsa-3775 http://www.securityfocus.com/bid/95852 http://www.securitytracker.com/id/1037755 https://access.redhat.com/errata/RHSA-2017:1871 https://security.gentoo.org/glsa/201702-30 https://www.mail-archive.com/debian-bugs-dist%40lists.debian.org/msg1494526.html https://access.redhat.com/security/cve/CVE-2017-5203 https://bugzilla.redhat.com/show_bug.cgi?id=1419066 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-190: Integer Overflow or Wraparound •

1...3 4 5 6 7