Critical severity9.8NVD Advisory· Published Jul 16, 2007· Updated Apr 23, 2026

CVE-2007-3798

Description

Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 and earlier allows remote attackers to execute arbitrary code via crafted TLVs in a BGP packet, related to an unchecked return value.

Affected products

Slackware/Slackware7 versions
cpe:2.3:a:slackware:slackware:10.0:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:slackware:slackware:10.0:*:*:*:*:*:*:*
- cpe:2.3:a:slackware:slackware:10.1:*:*:*:*:*:*:*
- cpe:2.3:a:slackware:slackware:10.2:*:*:*:*:*:*:*
- cpe:2.3:a:slackware:slackware:11.0:*:*:*:*:*:*:*
- cpe:2.3:a:slackware:slackware:12.0:*:*:*:*:*:*:*
- cpe:2.3:a:slackware:slackware:9.0:*:*:*:*:*:*:*
- cpe:2.3:a:slackware:slackware:9.1:*:*:*:*:*:*:*
Tcpdump/Tcpdump
cpe:2.3:a:tcpdump:tcpdump:*:*:*:*:*:*:*:*
Range: <=3.9.6
Apple Inc./Mac Os X
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
Range: >=10.0.0,<10.4.11
Apple Inc./Mac Os X Server
cpe:2.3:o:apple:mac_os_x_server:*:*:*:*:*:*:*:*
Range: >=10.0.0,<10.4.11
Canonical (company)/Ubuntu Linux3 versions
cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*
Debian/Debian Linux2 versions
cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
FreeBSD/FreeBSD33 versions
cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*+ 32 more
- cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*range: >=5.0,<5.5
- cpe:2.3:o:freebsd:freebsd:5.5:-:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:5.5:p1:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:5.5:p11:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:5.5:p12:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:5.5:p13:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:5.5:p14:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:5.5:p2:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:5.5:p3:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:5.5:p4:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:5.5:p5:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:5.5:p7:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:5.5:p8:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:5.5:p9:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:6.1:-:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:6.1:p1:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:6.1:p10:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:6.1:p11:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:6.1:p12:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:6.1:p13:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:6.1:p16:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:6.1:p17:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:6.1:p18:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:6.1:p2:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:6.1:p4:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:6.1:p6:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:6.1:p7:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:6.1:p9:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:6.2:-:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:6.2:p1:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:6.2:p4:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:6.2:p5:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:6.2:p6:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

slackware.com/security/viewer.phpnvdMailing ListPatch
www.digit-labs.org/files/exploits/private/tcpdump-bgp.cnvdExploit
bugs.gentoo.org/show_bug.cginvdThird Party Advisory
secunia.com/advisories/26135nvdBroken LinkVendor Advisory
secunia.com/advisories/26168nvdBroken LinkVendor Advisory
secunia.com/advisories/26223nvdBroken LinkVendor Advisory
secunia.com/advisories/26231nvdBroken LinkVendor Advisory
secunia.com/advisories/26263nvdBroken LinkVendor Advisory
secunia.com/advisories/26266nvdBroken LinkVendor Advisory
secunia.com/advisories/26286nvdBroken LinkVendor Advisory
secunia.com/advisories/26395nvdBroken LinkVendor Advisory
secunia.com/advisories/26404nvdBroken LinkVendor Advisory
secunia.com/advisories/26521nvdBroken LinkVendor Advisory
secunia.com/advisories/27580nvdBroken LinkVendor Advisory
secunia.com/advisories/28136nvdBroken LinkVendor Advisory
security.freebsd.org/advisories/FreeBSD-SA-07:06.tcpdump.ascnvdThird Party Advisory
security.gentoo.org/glsa/glsa-200707-14.xmlnvdThird Party Advisory
www.debian.org/security/2007/dsa-1353nvdThird Party Advisory
www.mandriva.com/security/advisoriesnvdThird Party Advisory
www.redhat.com/support/errata/RHSA-2007-0387.htmlnvdBroken LinkVendor Advisory
www.securityfocus.com/archive/1/474225/100/0/threadednvdBroken LinkThird Party AdvisoryVDB Entry
www.securityfocus.com/bid/24965nvdBroken LinkThird Party AdvisoryVDB Entry
www.securitytracker.com/idnvdBroken LinkThird Party AdvisoryVDB Entry
www.ubuntu.com/usn/usn-492-1nvdThird Party Advisory
www.us-cert.gov/cas/techalerts/TA07-352A.htmlnvdBroken LinkThird Party AdvisoryUS Government Resource
www.vupen.com/english/advisories/2007/2578nvdBroken LinkVendor Advisory
www.vupen.com/english/advisories/2007/4238nvdBroken LinkVendor Advisory
cvs.tcpdump.org/cgi-bin/cvsweb/tcpdump/print-bgp.cnvdBroken Link
docs.info.apple.com/article.htmlnvdBroken Link
lists.apple.com/archives/security-announce/2007/Dec/msg00002.htmlnvdMailing List
www.novell.com/linux/security/advisories/2007_16_sr.htmlnvdBroken Link
www.redhat.com/support/errata/RHSA-2007-0368.htmlnvdBroken Link
www.trustix.org/errata/2007/0023/nvdBroken Link
www.turbolinux.com/security/2007/TLSA-2007-46.txtnvdBroken Link
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9771nvdBroken Link

News mentions

No linked articles in our index yet.

cvss	0.637
epss	0.058
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000