Multiple vulnerabilities in Tcpdump



Risk Medium
Patch available YES
Number of vulnerabilities 27
CVE-ID CVE-2017-16808
CVE-2018-10103
CVE-2018-10105
CVE-2018-14461
CVE-2018-14462
CVE-2018-14463
CVE-2018-14464
CVE-2018-14465
CVE-2018-14466
CVE-2018-14467
CVE-2018-14468
CVE-2018-14469
CVE-2018-14470
CVE-2018-14879
CVE-2018-14880
CVE-2018-14881
CVE-2018-14882
CVE-2018-16227
CVE-2018-16228
CVE-2018-16229
CVE-2018-16230
CVE-2018-16300
CVE-2018-16301
CVE-2018-16451
CVE-2018-16452
CVE-2019-15166
CVE-2019-15167
CWE-ID CWE-126
CWE-125
CWE-119
CWE-835
Exploitation vector Network
Public exploit N/A
Vulnerable software
Tcpdump
Server applications / DLP, anti-spam, sniffers

Vendor Tcpdump.org

Security Bulletin

This security bulletin contains information about 27 vulnerabilities.

1) Heap-based buffer overread

EUVDB-ID: #VU9337

Risk: Low

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-16808

CWE-ID: CWE-126 - Buffer over-read

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to heap-based buffer overread in 'addrtoname.c' when handling malicious input. A remote attacker can supply a specially crafted pcap fil, trigger buffer overread and cause the service to crash.

Successful exploitation of the vulnerability results in denial of service.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Tcpdump: 4.9.0 - 4.9.2

CPE2.3 External links

http://github.com/the-tcpdump-group/tcpdump/issues/645


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Out-of-bounds read

EUVDB-ID: #VU21982

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-10103

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition when printing SMB data. A remote attacker can generate specially crafted SMB traffic, trigger out-of-bounds read error and perform denial of service attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Tcpdump: 4.9.0 - 4.9.2

CPE2.3 External links

http://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Out-of-bounds read

EUVDB-ID: #VU21984

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-10105

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition when printing SMB data. A remote attacker can generate specially crafted SMB traffic, trigger out-of-bounds read error and perform denial of service attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Tcpdump: 4.9.0 - 4.9.2

CPE2.3 External links

http://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Out-of-bounds read

EUVDB-ID: #VU21985

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-14461

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition in print-ldp.c:ldp_tlv_print() within the LDP parser. A remote attacker can generate specially crafted LDP data, trigger out-of-bounds read error and perform denial of service attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Tcpdump: 4.9.0 - 4.9.2

CPE2.3 External links

http://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Out-of-bounds read

EUVDB-ID: #VU21986

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-14462

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition in print-icmp.c:icmp_print() function within the ICMP parser. A remote attacker can generate specially crafted ICMP data, trigger out-of-bounds read error and perform denial of service attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Tcpdump: 4.9.0 - 4.9.2

CPE2.3 External links

http://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Out-of-bounds read

EUVDB-ID: #VU21987

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-14463

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition in print-vrrp.c:vrrp_print() function within the VRRP parser. A remote attacker can generate specially crafted VRRP data, trigger out-of-bounds read error and perform denial of service attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Tcpdump: 4.9.0 - 4.9.2

CPE2.3 External links

http://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Out-of-bounds read

EUVDB-ID: #VU21988

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-14464

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition in print-lmp.c:lmp_print_data_link_subobjs() function within the LMP parser. A remote attacker can generate specially crafted LMP data, trigger out-of-bounds read error and perform denial of service attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Tcpdump: 4.9.0 - 4.9.2

CPE2.3 External links

http://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Out-of-bounds read

EUVDB-ID: #VU21989

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-14465

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition in print-rsvp.c:rsvp_obj_print() function within the RSVP parser. A remote attacker can generate specially crafted RSVP data, trigger out-of-bounds read error and perform denial of service attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Tcpdump: 4.9.0 - 4.9.2

CPE2.3 External links

http://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Out-of-bounds read

EUVDB-ID: #VU21990

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-14466

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition in print-rx.c:rx_cache_find() and rx_cache_insert() functions within the Rx parser. A remote attacker can generate specially crafted RSVP data, trigger out-of-bounds read error and perform denial of service attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Tcpdump: 4.9.0 - 4.9.2

CPE2.3 External links

http://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Out-of-bounds read

EUVDB-ID: #VU21991

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-14467

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error in the print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_MP) within the BGP parser in tcpdump before 4.9.3. A remote attacker can generate specially crafted data, trigger out-of-bounds read error and perform denial of service attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Tcpdump: 4.9.0 - 4.9.2

CPE2.3 External links

http://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES
http://github.com/the-tcpdump-group/tcpdump/commit/e3f3b445e2d20ac5d5b7fcb7559ce6beb55da0c9
http://lists.debian.org/debian-lts-announce/2019/10/msg00015.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Out-of-bounds read

EUVDB-ID: #VU21992

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-14468

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error in the print-fr.c:mfr_print() within the FRF.16 parser in tcpdump before 4.9.3. A remote attacker can generate specially crafted data, trigger out-of-bounds read error and perform denial of service attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Tcpdump: 4.9.0 - 4.9.2

CPE2.3 External links

http://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES
http://github.com/the-tcpdump-group/tcpdump/commit/aa3e54f594385ce7e1e319b0c84999e51192578b
http://lists.debian.org/debian-lts-announce/2019/10/msg00015.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Out-of-bounds read

EUVDB-ID: #VU21993

Risk: Low

CVSSv3.1: 3.1 [CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-14469

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error in the print-isakmp.c:ikev1_n_print() within the IKEv1 parser in tcpdump before 4.9.3. A remote attacker can generate specially crafted data, trigger out-of-bounds read error and perform denial of service attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Tcpdump: 4.9.0 - 4.9.2

CPE2.3 External links

http://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES
http://github.com/the-tcpdump-group/tcpdump/commit/396e94ff55a80d554b1fe46bf107db1e91008d6c
http://lists.debian.org/debian-lts-announce/2019/10/msg00015.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Out-of-bounds read

EUVDB-ID: #VU21994

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-14470

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error in the print-babel.c:babel_print_v2() within the Babel parser in tcpdump before 4.9.3. A remote attacker can generate specially crafted data, trigger out-of-bounds read error and perform denial of service attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Tcpdump: 4.9.0 - 4.9.2

CPE2.3 External links

http://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES
http://github.com/the-tcpdump-group/tcpdump/commit/12f66f69f7bf1ec1266ddbee90a7616cbf33696b
http://lists.debian.org/debian-lts-announce/2019/10/msg00015.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Buffer overflow

EUVDB-ID: #VU21995

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-14879

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the tcpdump.c:get_next_file() function in the command-line argument parser. A remote attacker can create a specially crafted file, trick the victim into opening it with the affected software, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Tcpdump: 4.9.0 - 4.9.2

CPE2.3 External links

http://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES
http://github.com/the-tcpdump-group/tcpdump/commit/9ba91381954ad325ea4fd26b9c65a8bd9a2a85b6
http://lists.debian.org/debian-lts-announce/2019/10/msg00015.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Out-of-bounds read

EUVDB-ID: #VU21996

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-14880

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error in the print-ospf6.c:ospf6_print_lshdr() within the OSPFv3 parser in tcpdump before 4.9.3. A remote attacker can generate specially crafted data, trigger out-of-bounds read error and perform denial of service attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Tcpdump: 4.9.0 - 4.9.2

CPE2.3 External links

http://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES
http://github.com/the-tcpdump-group/tcpdump/commit/e01c9bf76740802025c9328901b55ee4a0c49ed6
http://lists.debian.org/debian-lts-announce/2019/10/msg00015.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) Out-of-bounds read

EUVDB-ID: #VU21997

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-14881

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error in the print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_RESTART) within the BGP parser in tcpdump before 4.9.3. A remote attacker can generate specially crafted data, trigger out-of-bounds read error and perform denial of service attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Tcpdump: 4.9.0 - 4.9.2

CPE2.3 External links

http://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES
http://github.com/the-tcpdump-group/tcpdump/commit/86326e880d31b328a151d45348c35220baa9a1ff
http://lists.debian.org/debian-lts-announce/2019/10/msg00015.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Out-of-bounds read

EUVDB-ID: #VU21998

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-14882

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error in the print-icmp6.c within the ICMPv6 parser in tcpdump before 4.9.3. A remote attacker can generate specially crafted data, trigger out-of-bounds read error and perform denial of service attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Tcpdump: 4.9.0 - 4.9.2

CPE2.3 External links

http://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES
http://github.com/the-tcpdump-group/tcpdump/commit/d7505276842e85bfd067fa21cdb32b8a2dc3c5e4
http://lists.debian.org/debian-lts-announce/2019/10/msg00015.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) Out-of-bounds read

EUVDB-ID: #VU22015

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-16227

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error in the print-802_11.c for the Mesh Flags subfield within the IEEE 802.11 parser in tcpdump before 4.9.3. A remote attacker can generate specially crafted data, trigger out-of-bounds read error and perform denial of service attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Tcpdump: 4.9.0 - 4.9.2

CPE2.3 External links

http://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES
http://github.com/the-tcpdump-group/tcpdump/commit/4846b3c5d0a850e860baf4f07340495d29837d09
http://lists.debian.org/debian-lts-announce/2019/10/msg00015.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Out-of-bounds read

EUVDB-ID: #VU22016

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-16228

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error in the print-hncp.c:print_prefix() within the HNCP parser in tcpdump before 4.9.3. A remote attacker can generate specially crafted data, trigger out-of-bounds read error and perform denial of service attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Tcpdump: 4.9.0 - 4.9.2

CPE2.3 External links

http://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES
http://github.com/the-tcpdump-group/tcpdump/commit/83a412a5275cac973c5841eca3511c766bed778d
http://lists.debian.org/debian-lts-announce/2019/10/msg00015.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) Out-of-bounds read

EUVDB-ID: #VU22017

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-16229

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error in the print-dccp.c:dccp_print_option() within the DCCP parser in tcpdump before 4.9.3. A remote attacker can generate specially crafted data, trigger out-of-bounds read error and perform denial of service attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Tcpdump: 4.9.0 - 4.9.2

CPE2.3 External links

http://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES
http://github.com/the-tcpdump-group/tcpdump/commit/211124b972e74f0da66bc8b16f181f78793e2f66
http://lists.debian.org/debian-lts-announce/2019/10/msg00015.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

21) Out-of-bounds read

EUVDB-ID: #VU22018

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-16230

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error in the print-bgp.c:bgp_attr_print() (MP_REACH_NLRI) within the BGP parser in tcpdump before 4.9.3. A remote attacker can generate specially crafted data, trigger out-of-bounds read error and perform denial of service attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Tcpdump: 4.9.0 - 4.9.2

CPE2.3 External links

http://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES
http://github.com/the-tcpdump-group/tcpdump/commit/13d52e9c0e7caf7e6325b0051bc90a49968be67f
http://lists.debian.org/debian-lts-announce/2019/10/msg00015.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

22) Infinite loop

EUVDB-ID: #VU22019

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-16300

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to infinite loop in print-bgp.c:bgp_attr_print() function in the BPG parser. A remote attacker can pass specially crafted data to the affected application, consume all available system resources and cause denial of service conditions.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Tcpdump: 4.9.0 - 4.9.2

CPE2.3 External links

http://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES
http://github.com/the-tcpdump-group/tcpdump/commit/af2cf04a9394c1a56227c2289ae8da262828294a
http://lists.debian.org/debian-lts-announce/2019/10/msg00015.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

23) Out-of-bounds read

EUVDB-ID: #VU21949

Risk: Low

CVSSv3.1: 2.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-16301

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition in libpcap when during pcapng reading. A remote attacker can pass specially crafted data to the application that uses the affected library, trigger out-of-bounds read error and read contents of memory on the system or crash the application.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Tcpdump: 4.9.0 - 4.9.2

CPE2.3 External links

http://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

24) Out-of-bounds read

EUVDB-ID: #VU22021

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-16451

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error in the print-smb.c:print_trans() for MAILSLOTBROWSE and PIPELANMAN within the SMB parser in tcpdump before 4.9.3. A remote attacker can generate specially crafted data, trigger out-of-bounds read error and perform denial of service attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Tcpdump: 4.9.0 - 4.9.2

CPE2.3 External links

http://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES
http://github.com/the-tcpdump-group/tcpdump/commit/96480ab95308cd9234b4f09b175ebf60e17792c6
http://lists.debian.org/debian-lts-announce/2019/10/msg00015.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

25) Infinite loop

EUVDB-ID: #VU22022

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-16452

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to infinite loop in the smbutil.c:smb_fdata() function within the SMB parser. A remote attacker can consume all available system resources and cause denial of service conditions.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Tcpdump: 4.9.0 - 4.9.2

CPE2.3 External links

http://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES
http://github.com/the-tcpdump-group/tcpdump/commit/24182d959f661327525a20d9a94c98a8ec016778
http://lists.debian.org/debian-lts-announce/2019/10/msg00015.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

26) Buffer overflow

EUVDB-ID: #VU22023

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-15166

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error within the lmp_print_data_link_subobjs() function in print-lmp.c. A remote attacker can create a specially crafted LMP data, trigger memory corruption and perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Tcpdump: 4.9.0 - 4.9.2

CPE2.3 External links

http://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES
http://github.com/the-tcpdump-group/tcpdump/commit/0b661e0aa61850234b64394585cf577aac570bf4
http://lists.debian.org/debian-lts-announce/2019/10/msg00015.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

27) Out-of-bounds read

EUVDB-ID: #VU22024

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-15167

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error within the VRRP parser A remote attacker can generate specially crafted data, trigger out-of-bounds read error and perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Tcpdump: 4.9.0 - 4.9.2

CPE2.3 External links

http://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###