rpm package
suse/tcpdump&distro=SUSE Linux Enterprise Desktop 12 SP2
pkg:rpm/suse/tcpdump&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP2
Vulnerabilities (139)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2016-7933 | Cri | 9.8 | < 4.9.0-13.1 | 4.9.0-13.1 | Jan 28, 2017 | The PPP parser in tcpdump before 4.9.0 has a buffer overflow in print-ppp.c:ppp_hdlc_if_print(). | |
| CVE-2016-7932 | Cri | 9.8 | < 4.9.0-13.1 | 4.9.0-13.1 | Jan 28, 2017 | The PIM parser in tcpdump before 4.9.0 has a buffer overflow in print-pim.c:pimv2_check_checksum(). | |
| CVE-2016-7931 | Cri | 9.8 | < 4.9.0-13.1 | 4.9.0-13.1 | Jan 28, 2017 | The MPLS parser in tcpdump before 4.9.0 has a buffer overflow in print-mpls.c:mpls_print(). | |
| CVE-2016-7930 | Cri | 9.8 | < 4.9.0-13.1 | 4.9.0-13.1 | Jan 28, 2017 | The LLC/SNAP parser in tcpdump before 4.9.0 has a buffer overflow in print-llc.c:llc_print(). | |
| CVE-2016-7929 | Cri | 9.8 | < 4.9.0-13.1 | 4.9.0-13.1 | Jan 28, 2017 | The Juniper PPPoE ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-juniper.c:juniper_parse_header(). | |
| CVE-2016-7928 | Cri | 9.8 | < 4.9.0-13.1 | 4.9.0-13.1 | Jan 28, 2017 | The IPComp parser in tcpdump before 4.9.0 has a buffer overflow in print-ipcomp.c:ipcomp_print(). | |
| CVE-2016-7927 | Cri | 9.8 | < 4.9.0-13.1 | 4.9.0-13.1 | Jan 28, 2017 | The IEEE 802.11 parser in tcpdump before 4.9.0 has a buffer overflow in print-802_11.c:ieee802_11_radio_print(). | |
| CVE-2016-7926 | Cri | 9.8 | < 4.9.0-13.1 | 4.9.0-13.1 | Jan 28, 2017 | The Ethernet parser in tcpdump before 4.9.0 has a buffer overflow in print-ether.c:ethertype_print(). | |
| CVE-2016-7925 | Cri | 9.8 | < 4.9.0-13.1 | 4.9.0-13.1 | Jan 28, 2017 | The compressed SLIP parser in tcpdump before 4.9.0 has a buffer overflow in print-sl.c:sl_if_print(). | |
| CVE-2016-7924 | Cri | 9.8 | < 4.9.0-13.1 | 4.9.0-13.1 | Jan 28, 2017 | The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-atm.c:oam_print(). | |
| CVE-2016-7923 | Cri | 9.8 | < 4.9.0-13.1 | 4.9.0-13.1 | Jan 28, 2017 | The ARP parser in tcpdump before 4.9.0 has a buffer overflow in print-arp.c:arp_print(). | |
| CVE-2016-7922 | Cri | 9.8 | < 4.9.0-13.1 | 4.9.0-13.1 | Jan 28, 2017 | The AH parser in tcpdump before 4.9.0 has a buffer overflow in print-ah.c:ah_print(). | |
| CVE-2015-2155 | — | < 4.9.0-13.1 | 4.9.0-13.1 | Mar 24, 2015 | The force printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors. | ||
| CVE-2015-2154 | — | < 4.9.0-13.1 | 4.9.0-13.1 | Mar 24, 2015 | The osi_print_cksum function in print-isoclns.c in the ethernet printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted (1) length, (2) offset, or (3) base pointer checksum value. | ||
| CVE-2015-2153 | — | < 4.9.0-13.1 | 4.9.0-13.1 | Mar 24, 2015 | The rpki_rtr_pdu_print function in print-rpki-rtr.c in the TCP printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via a crafted header length in an RPKI-RTR Protocol Data Unit (PDU). | ||
| CVE-2015-0261 | — | < 4.9.0-13.1 | 4.9.0-13.1 | Mar 24, 2015 | Integer signedness error in the mobility_opt_print function in the IPv6 mobility printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) or possibly execute arbitrary code via a negative length value. | ||
| CVE-2014-8769 | — | < 4.9.0-13.1 | 4.9.0-13.1 | Nov 20, 2014 | tcpdump 3.8 through 4.6.2 might allow remote attackers to obtain sensitive information from memory or cause a denial of service (packet loss or segmentation fault) via a crafted Ad hoc On-Demand Distance Vector (AODV) packet, which triggers an out-of-bounds memory access. | ||
| CVE-2014-8768 | — | < 4.9.0-13.1 | 4.9.0-13.1 | Nov 20, 2014 | Multiple Integer underflows in the geonet_print function in tcpdump 4.5.0 through 4.6.2, when in verbose mode, allow remote attackers to cause a denial of service (segmentation fault and crash) via a crafted length value in a Geonet frame. | ||
| CVE-2014-8767 | — | < 4.9.0-13.1 | 4.9.0-13.1 | Nov 20, 2014 | Integer underflow in the olsr_print function in tcpdump 3.9.6 through 4.6.2, when in verbose mode, allows remote attackers to cause a denial of service (crash) via a crafted length value in an OLSR frame. |
- affected < 4.9.0-13.1fixed 4.9.0-13.1
The PPP parser in tcpdump before 4.9.0 has a buffer overflow in print-ppp.c:ppp_hdlc_if_print().
- affected < 4.9.0-13.1fixed 4.9.0-13.1
The PIM parser in tcpdump before 4.9.0 has a buffer overflow in print-pim.c:pimv2_check_checksum().
- affected < 4.9.0-13.1fixed 4.9.0-13.1
The MPLS parser in tcpdump before 4.9.0 has a buffer overflow in print-mpls.c:mpls_print().
- affected < 4.9.0-13.1fixed 4.9.0-13.1
The LLC/SNAP parser in tcpdump before 4.9.0 has a buffer overflow in print-llc.c:llc_print().
- affected < 4.9.0-13.1fixed 4.9.0-13.1
The Juniper PPPoE ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-juniper.c:juniper_parse_header().
- affected < 4.9.0-13.1fixed 4.9.0-13.1
The IPComp parser in tcpdump before 4.9.0 has a buffer overflow in print-ipcomp.c:ipcomp_print().
- affected < 4.9.0-13.1fixed 4.9.0-13.1
The IEEE 802.11 parser in tcpdump before 4.9.0 has a buffer overflow in print-802_11.c:ieee802_11_radio_print().
- affected < 4.9.0-13.1fixed 4.9.0-13.1
The Ethernet parser in tcpdump before 4.9.0 has a buffer overflow in print-ether.c:ethertype_print().
- affected < 4.9.0-13.1fixed 4.9.0-13.1
The compressed SLIP parser in tcpdump before 4.9.0 has a buffer overflow in print-sl.c:sl_if_print().
- affected < 4.9.0-13.1fixed 4.9.0-13.1
The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-atm.c:oam_print().
- affected < 4.9.0-13.1fixed 4.9.0-13.1
The ARP parser in tcpdump before 4.9.0 has a buffer overflow in print-arp.c:arp_print().
- affected < 4.9.0-13.1fixed 4.9.0-13.1
The AH parser in tcpdump before 4.9.0 has a buffer overflow in print-ah.c:ah_print().
- CVE-2015-2155Mar 24, 2015affected < 4.9.0-13.1fixed 4.9.0-13.1
The force printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.
- CVE-2015-2154Mar 24, 2015affected < 4.9.0-13.1fixed 4.9.0-13.1
The osi_print_cksum function in print-isoclns.c in the ethernet printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted (1) length, (2) offset, or (3) base pointer checksum value.
- CVE-2015-2153Mar 24, 2015affected < 4.9.0-13.1fixed 4.9.0-13.1
The rpki_rtr_pdu_print function in print-rpki-rtr.c in the TCP printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via a crafted header length in an RPKI-RTR Protocol Data Unit (PDU).
- CVE-2015-0261Mar 24, 2015affected < 4.9.0-13.1fixed 4.9.0-13.1
Integer signedness error in the mobility_opt_print function in the IPv6 mobility printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) or possibly execute arbitrary code via a negative length value.
- CVE-2014-8769Nov 20, 2014affected < 4.9.0-13.1fixed 4.9.0-13.1
tcpdump 3.8 through 4.6.2 might allow remote attackers to obtain sensitive information from memory or cause a denial of service (packet loss or segmentation fault) via a crafted Ad hoc On-Demand Distance Vector (AODV) packet, which triggers an out-of-bounds memory access.
- CVE-2014-8768Nov 20, 2014affected < 4.9.0-13.1fixed 4.9.0-13.1
Multiple Integer underflows in the geonet_print function in tcpdump 4.5.0 through 4.6.2, when in verbose mode, allow remote attackers to cause a denial of service (segmentation fault and crash) via a crafted length value in a Geonet frame.
- CVE-2014-8767Nov 20, 2014affected < 4.9.0-13.1fixed 4.9.0-13.1
Integer underflow in the olsr_print function in tcpdump 3.9.6 through 4.6.2, when in verbose mode, allows remote attackers to cause a denial of service (crash) via a crafted length value in an OLSR frame.
Page 7 of 7