rpm package

suse/tcpdump&distro=SUSE Linux Enterprise Server 12 SP2

pkg:rpm/suse/tcpdump&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2

Vulnerabilities (139)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2017-12899	Cri	9.8	< 4.9.2-14.5.1	4.9.2-14.5.1	Sep 14, 2017	The DECnet parser in tcpdump before 4.9.2 has a buffer over-read in print-decnet.c:decnet_print().
CVE-2017-12898	Cri	9.8	< 4.9.2-14.5.1	4.9.2-14.5.1	Sep 14, 2017	The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:interp_reply().
CVE-2017-12897	Cri	9.8	< 4.9.2-14.5.1	4.9.2-14.5.1	Sep 14, 2017	The ISO CLNS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isoclns_print().
CVE-2017-12896	Cri	9.8	< 4.9.2-14.5.1	4.9.2-14.5.1	Sep 14, 2017	The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:isakmp_rfc3948_print().
CVE-2017-12895	Cri	9.8	< 4.9.2-14.5.1	4.9.2-14.5.1	Sep 14, 2017	The ICMP parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp.c:icmp_print().
CVE-2017-12894	Cri	9.8	< 4.9.2-14.5.1	4.9.2-14.5.1	Sep 14, 2017	Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in addrtoname.c:lookup_bytestring().
CVE-2017-12893	Cri	9.8	< 4.9.2-14.5.1	4.9.2-14.5.1	Sep 14, 2017	The SMB/CIFS parser in tcpdump before 4.9.2 has a buffer over-read in smbutil.c:name_len().
CVE-2017-11543	Cri	9.8	< 4.9.2-14.5.1	4.9.2-14.5.1	Jul 23, 2017	tcpdump 4.9.0 has a buffer overflow in the sliplink_print function in print-sl.c.
CVE-2017-11542	Cri	9.8	< 4.9.2-14.5.1	4.9.2-14.5.1	Jul 23, 2017	tcpdump 4.9.0 has a heap-based buffer over-read in the pimv1_print function in print-pim.c.
CVE-2017-11541	Cri	9.8	< 4.9.2-14.5.1	4.9.2-14.5.1	Jul 23, 2017	tcpdump 4.9.0 has a heap-based buffer over-read in the lldp_print function in print-lldp.c, related to util-print.c.
CVE-2017-11108	Hig	7.5	< 4.9.2-14.5.1	4.9.2-14.5.1	Jul 8, 2017	tcpdump 4.9.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via crafted packet data. The crash occurs in the EXTRACT_16BITS function, called from the stp_print function for the Spanning Tree Protocol.
CVE-2017-5486	Cri	9.8	< 4.9.0-13.1	4.9.0-13.1	Jan 28, 2017	The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in print-isoclns.c:clnp_print().
CVE-2017-5485	Cri	9.8	< 4.9.0-13.1	4.9.0-13.1	Jan 28, 2017	The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in addrtoname.c:lookup_nsap().
CVE-2017-5484	Cri	9.8	< 4.9.0-13.1	4.9.0-13.1	Jan 28, 2017	The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-atm.c:sig_print().
CVE-2017-5483	Cri	9.8	< 4.9.0-13.1	4.9.0-13.1	Jan 28, 2017	The SNMP parser in tcpdump before 4.9.0 has a buffer overflow in print-snmp.c:asn1_parse().
CVE-2017-5482	Cri	9.8	< 4.9.0-13.1	4.9.0-13.1	Jan 28, 2017	The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933_print(), a different vulnerability than CVE-2016-8575.
CVE-2017-5342	Cri	9.8	< 4.9.0-13.1	4.9.0-13.1	Jan 28, 2017	In tcpdump before 4.9.0, a bug in multiple protocol parsers (Geneve, GRE, NSH, OTV, VXLAN and VXLAN GPE) could cause a buffer overflow in print-ether.c:ether_print().
CVE-2017-5341	Cri	9.8	< 4.9.0-13.1	4.9.0-13.1	Jan 28, 2017	The OTV parser in tcpdump before 4.9.0 has a buffer overflow in print-otv.c:otv_print().
CVE-2017-5205	Cri	9.8	< 4.9.0-13.1	4.9.0-13.1	Jan 28, 2017	The ISAKMP parser in tcpdump before 4.9.0 has a buffer overflow in print-isakmp.c:ikev2_e_print().
CVE-2017-5204	Cri	9.8	< 4.9.0-13.1	4.9.0-13.1	Jan 28, 2017	The IPv6 parser in tcpdump before 4.9.0 has a buffer overflow in print-ip6.c:ip6_print().

CVE-2017-12899CriSep 14, 2017
affected < 4.9.2-14.5.1fixed 4.9.2-14.5.1
The DECnet parser in tcpdump before 4.9.2 has a buffer over-read in print-decnet.c:decnet_print().
CVE-2017-12898CriSep 14, 2017
affected < 4.9.2-14.5.1fixed 4.9.2-14.5.1
The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:interp_reply().
CVE-2017-12897CriSep 14, 2017
affected < 4.9.2-14.5.1fixed 4.9.2-14.5.1
The ISO CLNS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isoclns_print().
CVE-2017-12896CriSep 14, 2017
affected < 4.9.2-14.5.1fixed 4.9.2-14.5.1
The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:isakmp_rfc3948_print().
CVE-2017-12895CriSep 14, 2017
affected < 4.9.2-14.5.1fixed 4.9.2-14.5.1
The ICMP parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp.c:icmp_print().
CVE-2017-12894CriSep 14, 2017
affected < 4.9.2-14.5.1fixed 4.9.2-14.5.1
Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in addrtoname.c:lookup_bytestring().
CVE-2017-12893CriSep 14, 2017
affected < 4.9.2-14.5.1fixed 4.9.2-14.5.1
The SMB/CIFS parser in tcpdump before 4.9.2 has a buffer over-read in smbutil.c:name_len().
CVE-2017-11543CriJul 23, 2017
affected < 4.9.2-14.5.1fixed 4.9.2-14.5.1
tcpdump 4.9.0 has a buffer overflow in the sliplink_print function in print-sl.c.
CVE-2017-11542CriJul 23, 2017
affected < 4.9.2-14.5.1fixed 4.9.2-14.5.1
tcpdump 4.9.0 has a heap-based buffer over-read in the pimv1_print function in print-pim.c.
CVE-2017-11541CriJul 23, 2017
affected < 4.9.2-14.5.1fixed 4.9.2-14.5.1
tcpdump 4.9.0 has a heap-based buffer over-read in the lldp_print function in print-lldp.c, related to util-print.c.
CVE-2017-11108HigJul 8, 2017
affected < 4.9.2-14.5.1fixed 4.9.2-14.5.1
tcpdump 4.9.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via crafted packet data. The crash occurs in the EXTRACT_16BITS function, called from the stp_print function for the Spanning Tree Protocol.
CVE-2017-5486CriJan 28, 2017
affected < 4.9.0-13.1fixed 4.9.0-13.1
The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in print-isoclns.c:clnp_print().
CVE-2017-5485CriJan 28, 2017
affected < 4.9.0-13.1fixed 4.9.0-13.1
The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in addrtoname.c:lookup_nsap().
CVE-2017-5484CriJan 28, 2017
affected < 4.9.0-13.1fixed 4.9.0-13.1
The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-atm.c:sig_print().
CVE-2017-5483CriJan 28, 2017
affected < 4.9.0-13.1fixed 4.9.0-13.1
The SNMP parser in tcpdump before 4.9.0 has a buffer overflow in print-snmp.c:asn1_parse().
CVE-2017-5482CriJan 28, 2017
affected < 4.9.0-13.1fixed 4.9.0-13.1
The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933_print(), a different vulnerability than CVE-2016-8575.
CVE-2017-5342CriJan 28, 2017
affected < 4.9.0-13.1fixed 4.9.0-13.1
In tcpdump before 4.9.0, a bug in multiple protocol parsers (Geneve, GRE, NSH, OTV, VXLAN and VXLAN GPE) could cause a buffer overflow in print-ether.c:ether_print().
CVE-2017-5341CriJan 28, 2017
affected < 4.9.0-13.1fixed 4.9.0-13.1
The OTV parser in tcpdump before 4.9.0 has a buffer overflow in print-otv.c:otv_print().
CVE-2017-5205CriJan 28, 2017
affected < 4.9.0-13.1fixed 4.9.0-13.1
The ISAKMP parser in tcpdump before 4.9.0 has a buffer overflow in print-isakmp.c:ikev2_e_print().
CVE-2017-5204CriJan 28, 2017
affected < 4.9.0-13.1fixed 4.9.0-13.1
The IPv6 parser in tcpdump before 4.9.0 has a buffer overflow in print-ip6.c:ip6_print().

Page 5 of 7