VYPR

Tcpdump

by Tcpdump

CVEs (186)

  • CVE-2016-7931 | Cri | Jan 28, 2017
    risk 0.64 | cvss 9.8 | epss 0.03

    The MPLS parser in tcpdump before 4.9.0 has a buffer overflow in print-mpls.c:mpls_print().

  • CVE-2016-7930 | Cri | Jan 28, 2017
    risk 0.64 | cvss 9.8 | epss 0.03

    The LLC/SNAP parser in tcpdump before 4.9.0 has a buffer overflow in print-llc.c:llc_print().

  • CVE-2016-7929 | Cri | Jan 28, 2017
    risk 0.64 | cvss 9.8 | epss 0.03

    The Juniper PPPoE ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-juniper.c:juniper_parse_header().

  • CVE-2016-7928 | Cri | Jan 28, 2017
    risk 0.64 | cvss 9.8 | epss 0.03

    The IPComp parser in tcpdump before 4.9.0 has a buffer overflow in print-ipcomp.c:ipcomp_print().

  • CVE-2016-7927 | Cri | Jan 28, 2017
    risk 0.64 | cvss 9.8 | epss 0.03

    The IEEE 802.11 parser in tcpdump before 4.9.0 has a buffer overflow in print-802_11.c:ieee802_11_radio_print().

  • CVE-2016-7926 | Cri | Jan 28, 2017
    risk 0.64 | cvss 9.8 | epss 0.03

    The Ethernet parser in tcpdump before 4.9.0 has a buffer overflow in print-ether.c:ethertype_print().

  • CVE-2016-7925 | Cri | Jan 28, 2017
    risk 0.64 | cvss 9.8 | epss 0.03

    The compressed SLIP parser in tcpdump before 4.9.0 has a buffer overflow in print-sl.c:sl_if_print().

  • CVE-2016-7924 | Cri | Jan 28, 2017
    risk 0.64 | cvss 9.8 | epss 0.03

    The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-atm.c:oam_print().

  • CVE-2016-7923 | Cri | Jan 28, 2017
    risk 0.64 | cvss 9.8 | epss 0.03

    The ARP parser in tcpdump before 4.9.0 has a buffer overflow in print-arp.c:arp_print().

  • CVE-2016-7922 | Cri | Jan 28, 2017
    risk 0.64 | cvss 9.8 | epss 0.03

    The AH parser in tcpdump before 4.9.0 has a buffer overflow in print-ah.c:ah_print().

  • CVE-2017-12989 | Hig | Sep 14, 2017
    risk 0.49 | cvss 7.5 | epss 0.02

    The RESP parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-resp.c:resp_get_length().

  • CVE-2017-11108 | Hig | Jul 8, 2017
    risk 0.49 | cvss 7.5 | epss 0.05

    tcpdump 4.9.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via crafted packet data. The crash occurs in the EXTRACT_16BITS function, called from the stp_print function for the Spanning Tree Protocol.

  • CVE-2015-3138 | Hig | Sep 28, 2017
    risk 0.42 | cvss 7.5 | epss 0.02

    print-wb.c in tcpdump before 4.7.4 allows remote attackers to cause a denial of service (segmentation fault and process crash).

  • CVE-2017-16808 | Med | Nov 13, 2017
    risk 0.36 | cvss 5.5 | epss 0.03

    tcpdump before 4.9.3 has a heap-based buffer over-read related to aoe_print in print-aoe.c and lookup_emem in addrtoname.c.

  • CVE-2024-2397 | Med | Apr 12, 2024
    risk 0.33 | cvss 6.2 | epss 0.00

    Due to a bug in packet data buffers management, the PPP printer in tcpdump can enter an infinite loop when reading a crafted DLT_PPP_SERIAL .pcap savefile. This problem does not affect any tcpdump release, but it affected the git master branch from 2023-06-05 to 2024-03-21.

  • CVE-2004-0184 | May 4, 2004
    risk 0.08 | cvss | epss 0.60

    Integer underflow in the isakmp_id_print for TCPDUMP 3.8.1 and earlier allows remote attackers to cause a denial of service (crash) via an ISAKMP packet with an Identification payload with a length that becomes less than 8 during byte order conversion, which causes an…

  • CVE-2015-2153 | Mar 24, 2015
    risk 0.05 | cvss | epss 0.19

    The rpki_rtr_pdu_print function in print-rpki-rtr.c in the TCP printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via a crafted header length in an RPKI-RTR Protocol Data Unit (PDU).

  • CVE-2014-8768 | Nov 20, 2014
    risk 0.05 | cvss | epss 0.20

    Multiple Integer underflows in the geonet_print function in tcpdump 4.5.0 through 4.6.2, when in verbose mode, allow remote attackers to cause a denial of service (segmentation fault and crash) via a crafted length value in a Geonet frame.

  • CVE-2005-1267 | Jun 10, 2005
    risk 0.04 | cvss | epss 0.14

    The bgp_update_print function in tcpdump 3.x does not properly handle a -1 return value from the decode_prefix4 function, which allows remote attackers to cause a denial of service (infinite loop) via a crafted BGP packet.

  • CVE-2005-1280 | May 2, 2005
    risk 0.04 | cvss | epss 0.10

    The rsvp_print function in tcpdump 3.9.1 and earlier allows remote attackers to cause a denial of service (infinite loop) via a crafted RSVP packet of length 4.

Page 7 of 10