CVE-2018-16452 – tcpdump: Resource exhaustion in smb_fdata() function in smbutil.c
https://notcve.org/view.php?id=CVE-2018-16452
The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion.
• http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html
• http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html
• http://seclists.org/fulldisclosure/2019/Dec/26
• https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES
• https://github.com/the-tcpdump-group/tcpdump/commit/24182d959f661327525a20d9a94c98a8ec016778
• https://lists.debian.org/debian-lts-announce/2019/10/msg00015.html
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/
• CWE-400: Uncontrolled Resource Consumption
• CWE-674: Uncontrolled Recursion
CVE-2019-1010220
https://notcve.org/view.php?id=CVE-2019-1010220
tcpdump.org tcpdump 4.9.2 is affected by: CWE-126: Buffer Over-read. The impact is: May expose Saved Frame Pointer, Return Address etc. on stack. The component is: line 234: "ND_PRINT((ndo, "%s", buf));", in function named "print_prefix", in "print-hncp.c". The attack vector is: The victim must open a specially crafted pcap file.
• http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00065.html
• http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html
• http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html
• https://github.com/the-tcpdump-group/tcpdump/blob/master/print-hncp.c
• https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9.2/print-hncp.c
• https://github.com/the-tcpdump-group/tcpdump/commits/master/print-hncp.c
• https://lists.fedoraproject.org/archives/list/
• CWE-125: Out-of-bounds Read
• CWE-126: Buffer Over-read
CVE-2018-19519 – tcpdump: Stack-based buffer over-read in print-hncp.c:print_prefix() via crafted pcap
https://notcve.org/view.php?id=CVE-2018-19519
In tcpdump 4.9.2, a stack-based buffer over-read exists in the print_prefix function of print-hncp.c via crafted packet data because of missing initialization.
• http://www.securityfocus.com/bid/106098
• https://access.redhat.com/errata/RHSA-2019:3976
• https://github.com/zyingp/temp/blob/master/tcpdump.md
• https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN
• https://lists.fedoraproject.org/archives/list/package-announce%40list
• CWE-125: Out-of-bounds Read
• CWE-909: Missing Initialization of Resource
CVE-2017-16808
https://notcve.org/view.php?id=CVE-2017-16808
tcpdump before 4.9.3 has a heap-based buffer over-read related to aoe_print in print-aoe.c and lookup_emem in addrtoname.c.
• http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00065.html
• http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html
• http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html
• http://packetstormsecurity.com/files/154710/Slackware-Security-Advisory-tcpdump-Updates.html
• http://seclists.org/fulldisclosure/2019/Dec/26
• http://www.securitytracker.com/id/1039773
• https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES
• https://github.com/the-tcpd
• CWE-125: Out-of-bounds Read
CVE-2015-3138
https://notcve.org/view.php?id=CVE-2015-3138
print-wb.c in tcpdump before 4.7.4 allows remote attackers to cause a denial of service (segmentation fault and process crash).
• http://lists.opensuse.org/opensuse-updates/2017-05/msg00018.html
• https://bugzilla.redhat.com/show_bug.cgi?id=1212342
• https://github.com/the-tcpdump-group/tcpdump/commit/3ed82f4ed0095768529afc22b923c8f7171fff70
• https://github.com/the-tcpdump-group/tcpdump/issues/446
• CWE-20: Improper Input Validation