rpm package

opensuse/tcpdump&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/tcpdump&distro=openSUSE%20Tumbleweed

Vulnerabilities (171)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2017-11542	Cri	9.8	< 4.99.1-1.2	4.99.1-1.2	Jul 23, 2017	tcpdump 4.9.0 has a heap-based buffer over-read in the pimv1_print function in print-pim.c.
CVE-2017-11541	Cri	9.8	< 4.99.1-1.2	4.99.1-1.2	Jul 23, 2017	tcpdump 4.9.0 has a heap-based buffer over-read in the lldp_print function in print-lldp.c, related to util-print.c.
CVE-2017-11108	Hig	7.5	< 4.99.1-1.2	4.99.1-1.2	Jul 8, 2017	tcpdump 4.9.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via crafted packet data. The crash occurs in the EXTRACT_16BITS function, called from the stp_print function for the Spanning Tree Protocol.
CVE-2017-5486	Cri	9.8	< 4.99.1-1.2	4.99.1-1.2	Jan 28, 2017	The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in print-isoclns.c:clnp_print().
CVE-2017-5485	Cri	9.8	< 4.99.1-1.2	4.99.1-1.2	Jan 28, 2017	The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in addrtoname.c:lookup_nsap().
CVE-2017-5484	Cri	9.8	< 4.99.1-1.2	4.99.1-1.2	Jan 28, 2017	The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-atm.c:sig_print().
CVE-2017-5483	Cri	9.8	< 4.99.1-1.2	4.99.1-1.2	Jan 28, 2017	The SNMP parser in tcpdump before 4.9.0 has a buffer overflow in print-snmp.c:asn1_parse().
CVE-2017-5482	Cri	9.8	< 4.99.1-1.2	4.99.1-1.2	Jan 28, 2017	The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933_print(), a different vulnerability than CVE-2016-8575.
CVE-2017-5342	Cri	9.8	< 4.99.1-1.2	4.99.1-1.2	Jan 28, 2017	In tcpdump before 4.9.0, a bug in multiple protocol parsers (Geneve, GRE, NSH, OTV, VXLAN and VXLAN GPE) could cause a buffer overflow in print-ether.c:ether_print().
CVE-2017-5341	Cri	9.8	< 4.99.1-1.2	4.99.1-1.2	Jan 28, 2017	The OTV parser in tcpdump before 4.9.0 has a buffer overflow in print-otv.c:otv_print().
CVE-2017-5205	Cri	9.8	< 4.99.1-1.2	4.99.1-1.2	Jan 28, 2017	The ISAKMP parser in tcpdump before 4.9.0 has a buffer overflow in print-isakmp.c:ikev2_e_print().
CVE-2017-5204	Cri	9.8	< 4.99.1-1.2	4.99.1-1.2	Jan 28, 2017	The IPv6 parser in tcpdump before 4.9.0 has a buffer overflow in print-ip6.c:ip6_print().
CVE-2017-5203	Cri	9.8	< 4.99.1-1.2	4.99.1-1.2	Jan 28, 2017	The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in print-bootp.c:bootp_print().
CVE-2017-5202	Cri	9.8	< 4.99.1-1.2	4.99.1-1.2	Jan 28, 2017	The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in print-isoclns.c:clnp_print().
CVE-2016-8575	Cri	9.8	< 4.99.1-1.2	4.99.1-1.2	Jan 28, 2017	The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933_print(), a different vulnerability than CVE-2017-5482.
CVE-2016-8574	Cri	9.8	< 4.99.1-1.2	4.99.1-1.2	Jan 28, 2017	The FRF.15 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:frf15_print().
CVE-2016-7993	Cri	9.8	< 4.99.1-1.2	4.99.1-1.2	Jan 28, 2017	A bug in util-print.c:relts_print() in tcpdump before 4.9.0 could cause a buffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, IGMP, lightweight resolver protocol, PIM).
CVE-2016-7992	Cri	9.8	< 4.99.1-1.2	4.99.1-1.2	Jan 28, 2017	The Classical IP over ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-cip.c:cip_if_print().
CVE-2016-7986	Cri	9.8	< 4.99.1-1.2	4.99.1-1.2	Jan 28, 2017	The GeoNetworking parser in tcpdump before 4.9.0 has a buffer overflow in print-geonet.c, multiple functions.
CVE-2016-7985	Cri	9.8	< 4.99.1-1.2	4.99.1-1.2	Jan 28, 2017	The CALM FAST parser in tcpdump before 4.9.0 has a buffer overflow in print-calm-fast.c:calm_fast_print().

CVE-2017-11542CriJul 23, 2017
affected < 4.99.1-1.2fixed 4.99.1-1.2
tcpdump 4.9.0 has a heap-based buffer over-read in the pimv1_print function in print-pim.c.
CVE-2017-11541CriJul 23, 2017
affected < 4.99.1-1.2fixed 4.99.1-1.2
tcpdump 4.9.0 has a heap-based buffer over-read in the lldp_print function in print-lldp.c, related to util-print.c.
CVE-2017-11108HigJul 8, 2017
affected < 4.99.1-1.2fixed 4.99.1-1.2
tcpdump 4.9.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via crafted packet data. The crash occurs in the EXTRACT_16BITS function, called from the stp_print function for the Spanning Tree Protocol.
CVE-2017-5486CriJan 28, 2017
affected < 4.99.1-1.2fixed 4.99.1-1.2
The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in print-isoclns.c:clnp_print().
CVE-2017-5485CriJan 28, 2017
affected < 4.99.1-1.2fixed 4.99.1-1.2
The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in addrtoname.c:lookup_nsap().
CVE-2017-5484CriJan 28, 2017
affected < 4.99.1-1.2fixed 4.99.1-1.2
The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-atm.c:sig_print().
CVE-2017-5483CriJan 28, 2017
affected < 4.99.1-1.2fixed 4.99.1-1.2
The SNMP parser in tcpdump before 4.9.0 has a buffer overflow in print-snmp.c:asn1_parse().
CVE-2017-5482CriJan 28, 2017
affected < 4.99.1-1.2fixed 4.99.1-1.2
The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933_print(), a different vulnerability than CVE-2016-8575.
CVE-2017-5342CriJan 28, 2017
affected < 4.99.1-1.2fixed 4.99.1-1.2
In tcpdump before 4.9.0, a bug in multiple protocol parsers (Geneve, GRE, NSH, OTV, VXLAN and VXLAN GPE) could cause a buffer overflow in print-ether.c:ether_print().
CVE-2017-5341CriJan 28, 2017
affected < 4.99.1-1.2fixed 4.99.1-1.2
The OTV parser in tcpdump before 4.9.0 has a buffer overflow in print-otv.c:otv_print().
CVE-2017-5205CriJan 28, 2017
affected < 4.99.1-1.2fixed 4.99.1-1.2
The ISAKMP parser in tcpdump before 4.9.0 has a buffer overflow in print-isakmp.c:ikev2_e_print().
CVE-2017-5204CriJan 28, 2017
affected < 4.99.1-1.2fixed 4.99.1-1.2
The IPv6 parser in tcpdump before 4.9.0 has a buffer overflow in print-ip6.c:ip6_print().
CVE-2017-5203CriJan 28, 2017
affected < 4.99.1-1.2fixed 4.99.1-1.2
The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in print-bootp.c:bootp_print().
CVE-2017-5202CriJan 28, 2017
affected < 4.99.1-1.2fixed 4.99.1-1.2
The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in print-isoclns.c:clnp_print().
CVE-2016-8575CriJan 28, 2017
affected < 4.99.1-1.2fixed 4.99.1-1.2
The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933_print(), a different vulnerability than CVE-2017-5482.
CVE-2016-8574CriJan 28, 2017
affected < 4.99.1-1.2fixed 4.99.1-1.2
The FRF.15 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:frf15_print().
CVE-2016-7993CriJan 28, 2017
affected < 4.99.1-1.2fixed 4.99.1-1.2
A bug in util-print.c:relts_print() in tcpdump before 4.9.0 could cause a buffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, IGMP, lightweight resolver protocol, PIM).
CVE-2016-7992CriJan 28, 2017
affected < 4.99.1-1.2fixed 4.99.1-1.2
The Classical IP over ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-cip.c:cip_if_print().
CVE-2016-7986CriJan 28, 2017
affected < 4.99.1-1.2fixed 4.99.1-1.2
The GeoNetworking parser in tcpdump before 4.9.0 has a buffer overflow in print-geonet.c, multiple functions.
CVE-2016-7985CriJan 28, 2017
affected < 4.99.1-1.2fixed 4.99.1-1.2
The CALM FAST parser in tcpdump before 4.9.0 has a buffer overflow in print-calm-fast.c:calm_fast_print().

Page 7 of 9