1. CVE-Search
  2. CVE-2015-2155
ID CVE-2015-2155
Summary The force printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.
References
Vulnerable Configurations
  • cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*
  • cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
    cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
  • cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
    cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
  • cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:*
    cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:*
  • cpe:2.3:a:tcpdump:tcpdump:3.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:tcpdump:tcpdump:3.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:tcpdump:tcpdump:3.5.2:*:*:*:*:*:*:*
    cpe:2.3:a:tcpdump:tcpdump:3.5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:tcpdump:tcpdump:3.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:tcpdump:tcpdump:3.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:tcpdump:tcpdump:3.6.2:*:*:*:*:*:*:*
    cpe:2.3:a:tcpdump:tcpdump:3.6.2:*:*:*:*:*:*:*
  • cpe:2.3:a:tcpdump:tcpdump:3.6.3:*:*:*:*:*:*:*
    cpe:2.3:a:tcpdump:tcpdump:3.6.3:*:*:*:*:*:*:*
  • cpe:2.3:a:tcpdump:tcpdump:3.7.1:*:*:*:*:*:*:*
    cpe:2.3:a:tcpdump:tcpdump:3.7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:tcpdump:tcpdump:3.7.2:*:*:*:*:*:*:*
    cpe:2.3:a:tcpdump:tcpdump:3.7.2:*:*:*:*:*:*:*
  • cpe:2.3:a:tcpdump:tcpdump:3.8.1:*:*:*:*:*:*:*
    cpe:2.3:a:tcpdump:tcpdump:3.8.1:*:*:*:*:*:*:*
  • cpe:2.3:a:tcpdump:tcpdump:3.8.2:*:*:*:*:*:*:*
    cpe:2.3:a:tcpdump:tcpdump:3.8.2:*:*:*:*:*:*:*
  • cpe:2.3:a:tcpdump:tcpdump:3.8.3:*:*:*:*:*:*:*
    cpe:2.3:a:tcpdump:tcpdump:3.8.3:*:*:*:*:*:*:*
  • cpe:2.3:a:tcpdump:tcpdump:3.9.1:*:*:*:*:*:*:*
    cpe:2.3:a:tcpdump:tcpdump:3.9.1:*:*:*:*:*:*:*
  • cpe:2.3:a:tcpdump:tcpdump:3.9.2:*:*:*:*:*:*:*
    cpe:2.3:a:tcpdump:tcpdump:3.9.2:*:*:*:*:*:*:*
  • cpe:2.3:a:tcpdump:tcpdump:3.9.3:*:*:*:*:*:*:*
    cpe:2.3:a:tcpdump:tcpdump:3.9.3:*:*:*:*:*:*:*
  • cpe:2.3:a:tcpdump:tcpdump:3.9.5:*:*:*:*:*:*:*
    cpe:2.3:a:tcpdump:tcpdump:3.9.5:*:*:*:*:*:*:*
  • cpe:2.3:a:tcpdump:tcpdump:3.9.6:*:*:*:*:*:*:*
    cpe:2.3:a:tcpdump:tcpdump:3.9.6:*:*:*:*:*:*:*
  • cpe:2.3:a:tcpdump:tcpdump:3.9.7:*:*:*:*:*:*:*
    cpe:2.3:a:tcpdump:tcpdump:3.9.7:*:*:*:*:*:*:*
  • cpe:2.3:a:tcpdump:tcpdump:3.9.8:*:*:*:*:*:*:*
    cpe:2.3:a:tcpdump:tcpdump:3.9.8:*:*:*:*:*:*:*
  • cpe:2.3:a:tcpdump:tcpdump:4.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:tcpdump:tcpdump:4.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:tcpdump:tcpdump:4.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:tcpdump:tcpdump:4.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:tcpdump:tcpdump:4.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:tcpdump:tcpdump:4.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:tcpdump:tcpdump:4.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:tcpdump:tcpdump:4.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:tcpdump:tcpdump:4.3.0:*:*:*:*:*:*:*
    cpe:2.3:a:tcpdump:tcpdump:4.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:tcpdump:tcpdump:4.4.0:*:*:*:*:*:*:*
    cpe:2.3:a:tcpdump:tcpdump:4.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:tcpdump:tcpdump:4.5.0:*:*:*:*:*:*:*
    cpe:2.3:a:tcpdump:tcpdump:4.5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:tcpdump:tcpdump:4.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:tcpdump:tcpdump:4.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:tcpdump:tcpdump:4.6.0:*:*:*:*:*:*:*
    cpe:2.3:a:tcpdump:tcpdump:4.6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:tcpdump:tcpdump:4.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:tcpdump:tcpdump:4.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:tcpdump:tcpdump:4.7.0:*:*:*:*:*:*:*
    cpe:2.3:a:tcpdump:tcpdump:4.7.0:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 30-10-2018 - 16:27)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
redhat via4
advisories
rhsa
id RHSA-2017:1871
rpms
  • tcpdump-14:4.9.0-5.el7
  • tcpdump-debuginfo-14:4.9.0-5.el7
refmap via4
bid 73021
bugtraq 20150309 tcpdump 4.7.2 remote crashes
confirm
debian DSA-3193
fedora FEDORA-2015-4939
gentoo GLSA-201510-04
mandriva
  • MDVSA-2015:125
  • MDVSA-2015:182
misc http://packetstormsecurity.com/files/130730/tcpdump-Denial-Of-Service-Code-Execution.html
sectrack 1031937
suse openSUSE-SU-2015:0616
ubuntu USN-2580-1
Last major update 30-10-2018 - 16:27
Published 24-03-2015 - 17:59
Last modified 30-10-2018 - 16:27
Back to Top