CVE-2016-7938

tcpdump: multiple overflow issues in protocol decoding

Severity Score

9.8

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

The ZeroMQ parser in tcpdump before 4.9.0 has an integer overflow in print-zeromq.c:zmtp1_print_frame().

El analizador ZeroMQ en tcpdump en versiones anteriores a 4.9.0 tiene un desbordamiento de entero en print-zeromq.c:zmtp1_print_frame().

Multiple out of bounds read and integer overflow vulnerabilities were found in tcpdump affecting the decoding of various protocols. An attacker could create a crafted pcap file or send specially crafted packets to the network segment where tcpdump is running in live capture mode (without -w) which could cause it to display incorrect data, crash or enter an infinite loop.

The tcpdump packages contain the tcpdump utility for monitoring network traffic. The tcpdump utility can capture and display the packet headers on a particular network interface or on all interfaces. The following packages have been upgraded to a later upstream version: tcpdump. Security Fix: Multiple out of bounds read and integer overflow vulnerabilities were found in tcpdump affecting the decoding of various protocols. An attacker could create a crafted pcap file or send specially crafted packets to the network segment where tcpdump is running in live capture mode which could cause it to display incorrect data, crash or enter an infinite loop.

*Credits: N/A

CVSS Scores

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Partial

Integrity

Partial

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2016-09-09 CVE Reserved
2017-01-28 CVE Published
2024-08-06 CVE Updated
2025-03-30 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-190: Integer Overflow or Wraparound

CAPEC

References (8)

URL	Tag	Source
http://www.securityfocus.com/bid/95852	Third Party Advisory
http://www.securitytracker.com/id/1037755	Vdb Entry
https://www.mail-archive.com/debian-bugs-dist%40lists.debian.org/msg1494526.html	X_refsource_confirm

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
http://www.debian.org/security/2017/dsa-3775	2023-11-07
https://access.redhat.com/errata/RHSA-2017:1871	2023-11-07
https://security.gentoo.org/glsa/201702-30	2023-11-07
https://access.redhat.com/security/cve/CVE-2016-7938	2017-08-01
https://bugzilla.redhat.com/show_bug.cgi?id=1419066	2017-08-01

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Tcpdump Search vendor "Tcpdump"		Tcpdump Search vendor "Tcpdump" for product "Tcpdump"				<= 4.8.1 Search vendor "Tcpdump" for product "Tcpdump" and version " <= 4.8.1"		-		Affected