VYPR

Vendor CVEs

Tcpdump

All CVEs

195 total · sorted by risk
  • CVE-2017-5202CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.04

    The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in print-isoclns.c:clnp_print().

  • CVE-2016-8575CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.06

    The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933_print(), a different vulnerability than CVE-2017-5482.

  • CVE-2016-8574CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The FRF.15 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:frf15_print().

  • CVE-2016-7993CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    A bug in util-print.c:relts_print() in tcpdump before 4.9.0 could cause a buffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, IGMP, lightweight resolver protocol, PIM).

  • CVE-2016-7992CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The Classical IP over ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-cip.c:cip_if_print().

  • CVE-2016-7986CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The GeoNetworking parser in tcpdump before 4.9.0 has a buffer overflow in print-geonet.c, multiple functions.

  • CVE-2016-7985CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The CALM FAST parser in tcpdump before 4.9.0 has a buffer overflow in print-calm-fast.c:calm_fast_print().

  • CVE-2016-7984CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The TFTP parser in tcpdump before 4.9.0 has a buffer overflow in print-tftp.c:tftp_print().

  • CVE-2016-7983CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.04

    The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in print-bootp.c:bootp_print().

  • CVE-2016-7975CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The TCP parser in tcpdump before 4.9.0 has a buffer overflow in print-tcp.c:tcp_print().

  • CVE-2016-7974CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The IP parser in tcpdump before 4.9.0 has a buffer overflow in print-ip.c, multiple functions.

  • CVE-2016-7973CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The AppleTalk parser in tcpdump before 4.9.0 has a buffer overflow in print-atalk.c, multiple functions.

  • CVE-2016-7940CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The STP parser in tcpdump before 4.9.0 has a buffer overflow in print-stp.c, multiple functions.

  • CVE-2016-7939CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The GRE parser in tcpdump before 4.9.0 has a buffer overflow in print-gre.c, multiple functions.

  • CVE-2016-7938CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The ZeroMQ parser in tcpdump before 4.9.0 has an integer overflow in print-zeromq.c:zmtp1_print_frame().

  • CVE-2016-7937CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The VAT parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:vat_print().

  • CVE-2016-7936CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The UDP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:udp_print().

  • CVE-2016-7935CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The RTP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtp_print().

  • CVE-2016-7934CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The RTCP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtcp_print().

  • CVE-2016-7933CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The PPP parser in tcpdump before 4.9.0 has a buffer overflow in print-ppp.c:ppp_hdlc_if_print().

  • CVE-2016-7932CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The PIM parser in tcpdump before 4.9.0 has a buffer overflow in print-pim.c:pimv2_check_checksum().

  • CVE-2016-7931CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The MPLS parser in tcpdump before 4.9.0 has a buffer overflow in print-mpls.c:mpls_print().

  • CVE-2016-7930CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The LLC/SNAP parser in tcpdump before 4.9.0 has a buffer overflow in print-llc.c:llc_print().

  • CVE-2016-7929CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The Juniper PPPoE ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-juniper.c:juniper_parse_header().

  • CVE-2016-7928CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The IPComp parser in tcpdump before 4.9.0 has a buffer overflow in print-ipcomp.c:ipcomp_print().

  • CVE-2016-7927CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The IEEE 802.11 parser in tcpdump before 4.9.0 has a buffer overflow in print-802_11.c:ieee802_11_radio_print().

  • CVE-2016-7926CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The Ethernet parser in tcpdump before 4.9.0 has a buffer overflow in print-ether.c:ethertype_print().

  • CVE-2016-7925CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The compressed SLIP parser in tcpdump before 4.9.0 has a buffer overflow in print-sl.c:sl_if_print().

  • CVE-2016-7924CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-atm.c:oam_print().

  • CVE-2016-7923CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The ARP parser in tcpdump before 4.9.0 has a buffer overflow in print-arp.c:arp_print().

  • CVE-2016-7922CriJan 28, 2017
    risk 0.64cvss 9.8epss 0.03

    The AH parser in tcpdump before 4.9.0 has a buffer overflow in print-ah.c:ah_print().

  • CVE-2017-12989HigSep 14, 2017
    risk 0.49cvss 7.5epss 0.02

    The RESP parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-resp.c:resp_get_length().

  • CVE-2017-11108HigJul 8, 2017
    risk 0.49cvss 7.5epss 0.05

    tcpdump 4.9.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via crafted packet data. The crash occurs in the EXTRACT_16BITS function, called from the stp_print function for the Spanning Tree Protocol.

  • CVE-2015-3138HigSep 28, 2017
    risk 0.42cvss 7.5epss 0.02

    print-wb.c in tcpdump before 4.7.4 allows remote attackers to cause a denial of service (segmentation fault and process crash).

  • CVE-2017-16808MedNov 13, 2017
    risk 0.36cvss 5.5epss 0.03

    tcpdump before 4.9.3 has a heap-based buffer over-read related to aoe_print in print-aoe.c and lookup_emem in addrtoname.c.

  • CVE-2024-2397MedApr 12, 2024
    risk 0.33cvss 6.2epss 0.00

    Due to a bug in packet data buffers management, the PPP printer in tcpdump can enter an infinite loop when reading a crafted DLT_PPP_SERIAL .pcap savefile. This problem does not affect any tcpdump release, but it affected the git master branch from 2023-06-05 to 2024-03-21.

  • CVE-2004-0184May 4, 2004
    risk 0.08cvss epss 0.60

    Integer underflow in the isakmp_id_print for TCPDUMP 3.8.1 and earlier allows remote attackers to cause a denial of service (crash) via an ISAKMP packet with an Identification payload with a length that becomes less than 8 during byte order conversion, which causes an…

  • CVE-2025-11964LowDec 31, 2025
    risk 0.05cvss 1.9epss 0.00

    On Windows only, if libpcap needs to convert a Windows error message to UTF-8 and the message includes characters that UTF-8 represents using 4 bytes, utf_16le_to_utf_8_truncated() can write data beyond the end of the provided buffer.

  • CVE-2025-11961LowDec 31, 2025
    risk 0.05cvss 1.9epss 0.00

    pcap_ether_aton() is an auxiliary function in libpcap, it takes a string argument and returns a fixed-size allocated buffer. The string argument must be a well-formed MAC-48 address in one of the supported formats, but this requirement has been poorly documented. If an…

  • CVE-2015-2153Mar 24, 2015
    risk 0.05cvss epss 0.19

    The rpki_rtr_pdu_print function in print-rpki-rtr.c in the TCP printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via a crafted header length in an RPKI-RTR Protocol Data Unit (PDU).

  • CVE-2014-8768Nov 20, 2014
    risk 0.05cvss epss 0.20

    Multiple Integer underflows in the geonet_print function in tcpdump 4.5.0 through 4.6.2, when in verbose mode, allow remote attackers to cause a denial of service (segmentation fault and crash) via a crafted length value in a Geonet frame.

  • CVE-2005-1267Jun 10, 2005
    risk 0.04cvss epss 0.14

    The bgp_update_print function in tcpdump 3.x does not properly handle a -1 return value from the decode_prefix4 function, which allows remote attackers to cause a denial of service (infinite loop) via a crafted BGP packet.

  • CVE-2005-1279May 2, 2005
    risk 0.04cvss epss 0.19

    tcpdump 3.8.3 and earlier allows remote attackers to cause a denial of service (infinite loop) via a crafted (1) BGP packet, which is not properly handled by RT_ROUTING_INFO, or (2) LDP packet, which is not properly handled by the ldp_print function.

  • CVE-2005-1278May 2, 2005
    risk 0.04cvss epss 0.11

    The isis_print function, as called by isoclns_print, in tcpdump 3.9.1 and earlier allows remote attackers to cause a denial of service (infinite loop) via a zero length, as demonstrated using a GRE packet.

  • CVE-2005-1280May 2, 2005
    risk 0.04cvss epss 0.10

    The rsvp_print function in tcpdump 3.9.1 and earlier allows remote attackers to cause a denial of service (infinite loop) via a crafted RSVP packet of length 4.

  • CVE-2003-1029Feb 17, 2004
    risk 0.04cvss epss 0.10

    The L2TP protocol parser in tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (infinite loop and memory consumption) via a packet with invalid data to UDP port 1701, which causes l2tp_avp_print to use a bad length value when calling print_octets.

  • CVE-2003-0108Mar 7, 2003
    risk 0.04cvss epss 0.11

    isakmp_sub_print in tcpdump 3.6 through 3.7.1 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed ISAKMP packet to UDP port 500, which causes tcpdump to enter an infinite loop.

  • CVE-2000-0333May 31, 1999
    risk 0.04cvss epss 0.08

    tcpdump, Ethereal, and other sniffer packages allow remote attackers to cause a denial of service via malformed DNS packets in which a jump offset refers to itself, which causes tcpdump to enter an infinite loop while decompressing the packet.

  • CVE-1999-1024Nov 28, 2001
    risk 0.03cvss epss 0.03

    ip_print procedure in Tcpdump 3.4a allows remote attackers to cause a denial of service via a packet with a zero length header, which causes an infinite loop and core dump when tcpdump prints the packet.

  • CVE-2018-16229Oct 3, 2019
    risk 0.01cvss epss 0.07

    The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option().