| nessus
via4
|
| NASL family | Huawei Local Security Checks | | NASL id | EULEROS_SA-2017-1280.NASL | | description | According to the versions of the tcpdump package installed, the
EulerOS installation on the remote host is affected by the following
vulnerabilities :
- The RSVP parser in tcpdump before 4.9.2 has a buffer
over-read in
print-rsvp.c:rsvp_obj_print().(CVE-2017-13048)
- The ARP parser in tcpdump before 4.9.2 has a buffer
over-read in print-arp.c, several
functions.(CVE-2017-13013)
- The VTP parser in tcpdump before 4.9.2 has a buffer
over-read in print-vtp.c:vtp_print().(CVE-2017-13033)
- The OSPFv3 parser in tcpdump before 4.9.2 has a buffer
over-read in
print-ospf6.c:ospf6_decode_v3().(CVE-2017-13036)
- The ISO ES-IS parser in tcpdump before 4.9.2 has a
buffer over-read in
print-isoclns.c:esis_print().(CVE-2017-13047)
- The IPv6 mobility parser in tcpdump before 4.9.2 has a
buffer over-read in
print-mobility.c:mobility_opt_print().(CVE-2017-13025)
- The PGM parser in tcpdump before 4.9.2 has a buffer
over-read in print-pgm.c:pgm_print().(CVE-2017-13019)
- The IPv6 parser in tcpdump before 4.9.2 has a buffer
over-read in print-ip6.c:ip6_print().(CVE-2017-12985)
- The IPv6 routing header parser in tcpdump before 4.9.2
has a buffer over-read in
print-rt6.c:rt6_print().(CVE-2017-13725)
- The telnet parser in tcpdump before 4.9.2 has a buffer
over-read in
print-telnet.c:telnet_parse().(CVE-2017-12988)
- The BGP parser in tcpdump before 4.9.2 has a buffer
over-read in
print-bgp.c:bgp_attr_print().(CVE-2017-12991)
- The MPTCP parser in tcpdump before 4.9.2 has a buffer
over-read in print-mptcp.c, several
functions.(CVE-2017-13040)
- The PPP parser in tcpdump before 4.9.2 has a buffer
over-read in
print-ppp.c:print_ccp_config_options().(CVE-2017-13029)
- The IEEE 802.15.4 parser in tcpdump before 4.9.2 has a
buffer over-read in
print-802_15_4.c:ieee802_15_4_if_print().(CVE-2017-1300
0)
- The IP parser in tcpdump before 4.9.2 has a buffer
over-read in
print-ip.c:ip_printroute().(CVE-2017-13022)
- The ISAKMP parser in tcpdump before 4.9.2 has a buffer
over-read in print-isakmp.c, several
functions.(CVE-2017-13039)
- The IPv6 fragmentation header parser in tcpdump before
4.9.2 has a buffer over-read in
print-frag6.c:frag6_print().(CVE-2017-13031)
- The PIM parser in tcpdump before 4.9.2 has a buffer
over-read in print-pim.c, several
functions.(CVE-2017-13030)
- The BGP parser in tcpdump before 4.9.2 has a buffer
over-read in
print-bgp.c:bgp_attr_print().(CVE-2017-12994)
- The BGP parser in tcpdump before 4.9.2 has a buffer
over-read in
print-bgp.c:decode_multicast_vpn().(CVE-2017-13043)
- The VQP parser in tcpdump before 4.9.2 has a buffer
over-read in print-vqp.c:vqp_print().(CVE-2017-13045)
- The LLDP parser in tcpdump before 4.9.2 has a buffer
over-read in
print-lldp.c:lldp_private_8023_print().(CVE-2017-13054,
CVE-2017-12998,CVE-2017-13014,CVE-2017-13037,
CVE-2017-13690,CVE-2017-13017,CVE-2017-12895,CVE-2017-1
3046,CVE-2017-13688,CVE-2017-13053,CVE-2017-12995,CVE-2
017-12997,CVE-2017-13016,CVE-2017-13002,CVE-2017-12989,
CVE-2017-12999,CVE-2017-12900,CVE-2017-13006,CVE-2017-1
2897,CVE-2017-13003,CVE-2017-12901,CVE-2017-13035,CVE-2
017-13009,CVE-2017-13032,CVE-2017-13049,CVE-2017-13007,
CVE-2017-13041,CVE-2017-12987,CVE-2017-12993,CVE-2017-1
3023,CVE-2017-13026,CVE-2017-13055,CVE-2017-13042,CVE-2
017-13018,CVE-2017-13044,CVE-2017-13012,CVE-2017-13001,
CVE-2017-13050,CVE-2017-13028,CVE-2017-13024,CVE-2017-1
2992,CVE-2017-13004,CVE-2017-13027,CVE-2017-13008,CVE-2
017-13051,CVE-2017-13020,CVE-2017-12902,CVE-2017-13689,
CVE-2017-13005,CVE-2017-12894,CVE-2017-13015,CVE-2017-1
3038,CVE-2017-12990,CVE-2017-13034,CVE-2017-13011,CVE-2
017-13021,CVE-2017-13010,CVE-2017-12986,CVE-2017-12996,
CVE-2017-13052)
Note that Tenable Network Security has extracted the preceding
description block directly from the EulerOS security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues. | | last seen | 2019-01-16 | | modified | 2018-11-14 | | plugin id | 104333 | | published | 2017-11-02 | | reporter | Tenable | | source | https://www.tenable.com/plugins/index.php?view=single&id=104333 | | title | EulerOS 2.0 SP1 : tcpdump (EulerOS-SA-2017-1280) |
| NASL family | PhotonOS Local Security Checks | | NASL id | PHOTONOS_PHSA-2017-0034_TCPDUMP.NASL | | description | An update of the tcpdump package has been released. | | last seen | 2019-02-08 | | modified | 2019-02-07 | | plugin id | 121732 | | published | 2019-02-07 | | reporter | Tenable | | source | https://www.tenable.com/plugins/index.php?view=single&id=121732 | | title | Photon OS 1.0: Tcpdump PHSA-2017-0034 |
| NASL family | AIX Local Security Checks | | NASL id | AIX_IV94723.NASL | | description | Vulnerabilities in tcpdump affect AIX :
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12993
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12993 tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the Juniper component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the RIPng component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the BGP
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the telnet component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the IEEE 802.11 component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump could allow a remote attacker to
obtain sensitive information, caused by a buffer overread memory in
the IPv6 routing headers component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the IPv6
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the Zephyr component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the EIGRP component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the
tok2strbuf component. By sending a specially crafted request, an
attacker could exploit this vulnerability to obtain sensitive
information. tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the DECnet
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the NFS component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the ISO CLNS component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump could allow a remote attacker to
obtain sensitive information, caused by a buffer overread memory in
the ISAKMP component. By sending a specially crafted request, an
attacker could exploit this vulnerability to obtain sensitive
information. tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the ICMP component.
By sending a specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the lookup_bytestring component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the SMB/CIFS component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump is vulnerable to a denial of
service, caused by a heap-based buffer over-read in the pimv1_print
function in print-pim.c. An attacker could exploit this vulnerability
to cause the application to crash. tcpdump is vulnerable to a denial
of service, caused by a heap-based buffer over-read in the lldp_print
function in print-lldp.c. An attacker could exploit this vulnerability
to cause the application to crash. tcpdump is vulnerable to a denial
of service, caused by an error in the LLDP component. By sending
specially crafted data, a remote attacker could exploit this
vulnerability to cause the application to enter into an infinite loop.
tcpdump is vulnerable to a denial of service, caused by an error in
the DNS component. By sending specially crafted data, a remote
attacker could exploit this vulnerability to cause the application to
enter into an infinite loop. tcpdump is vulnerable to a denial of
service, caused by an error in the ISAKMP component. By sending
specially crafted data, a remote attacker could exploit this
vulnerability to cause the application to enter into an infinite loop.
tcpdump is vulnerable to a denial of service, caused by an error in
the RESP component. By sending specially crafted data, a remote
attacker could exploit this vulnerability to cause the application to
enter into an infinite loop. tcpdump is vulnerable to a buffer
overflow, caused by improper bounds checking by the
bittok2str_internal component. By sending an overly long string
argument, a remote attacker could overflow a buffer and execute
arbitrary code on the system or cause the application to crash.
tcpdump is vulnerable to a denial of service, caused by a buffer
overflow in the sliplink_print function in print-sl.c. An attacker
could exploit this vulnerability to cause the application to crash.
tcpdump could allow a remote attacker to obtain sensitive information,
caused by a buffer overread memory in the PGM component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the DHCPv6 component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump could allow a remote attacker to
obtain sensitive information, caused by a buffer overread memory in
the ISO ES-IS component. By sending a specially crafted request, an
attacker could exploit this vulnerability to obtain sensitive
information. tcpdump is vulnerable to a denial of service, caused by a
buffer overflow in the sliplink_print function in print-sl.c. An
attacker could exploit this vulnerability to cause the application to
crash. tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the EAP component.
By sending a specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the White Board component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump could allow a remote attacker to
obtain sensitive information, caused by a buffer overread memory in
the ARP component. By sending a specially crafted request, an attacker
could exploit this vulnerability to obtain sensitive information.
tcpdump could allow a remote attacker to obtain sensitive information,
caused by a buffer overread memory in the ICMP component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the BEEP component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the IPv6
mobility component. By sending a specially crafted request, an
attacker could exploit this vulnerability to obtain sensitive
information. tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the IEEE 802.11
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the L2TP component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the NFS component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the
Juniper component. By sending a specially crafted request, an attacker
could exploit this vulnerability to obtain sensitive information.
tcpdump could allow a remote attacker to obtain sensitive information,
caused by a buffer overread memory in the LMP component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the AODV component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the NFS
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the IEEE 802.15.4 component. By sending
a specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the ISO IS-IS component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump could allow a remote attacker to
obtain sensitive information, caused by a buffer overread memory in
the ISO IS-IS component. By sending a specially crafted request, an
attacker could exploit this vulnerability to obtain sensitive
information. tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the PIMv2
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the BGP component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump is vulnerable
to a denial of service, caused by a heap-based buffer over-read in the
lldp_print function in print-lldp.c. An attacker could exploit this
vulnerability to cause the application to crash. tcpdump is vulnerable
to a denial of service, caused by a heap-based buffer over-read in the
pimv1_print function in print-pim.c. An attacker could exploit this
vulnerability to cause the application to crash. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the BGP component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the HNCP
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the ICMPv6 component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the MPTCP component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the
ISAKMP component. By sending a specially crafted request, an attacker
could exploit this vulnerability to obtain sensitive information.
tcpdump could allow a remote attacker to obtain sensitive information,
caused by a buffer overread memory in the PPP component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the IP component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the
OSPFv3 component. By sending a specially crafted request, an attacker
could exploit this vulnerability to obtain sensitive information.
tcpdump could allow a remote attacker to obtain sensitive information,
caused by a buffer overread memory in the ISO IS-IS component. By
sending a specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the PGM component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the VTP
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the RADIUS component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the IPv6 fragmentation header component. By sending
a specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the PIM component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the PPP
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the BOOTP component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the LLDP component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the ISO
IS-IS component. By sending a specially crafted request, an attacker
could exploit this vulnerability to obtain sensitive information.
tcpdump could allow a remote attacker to obtain sensitive information,
caused by a buffer overread memory in the IPv6 mobility component. By
sending a specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the IPv6 mobility component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump could allow a remote attacker to
obtain sensitive information, caused by a buffer overread memory in
the IPv6 mobility component. By sending a specially crafted request,
an attacker could exploit this vulnerability to obtain sensitive
information. tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the IP component.
By sending a specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the ICMPv6 component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump could allow a remote attacker to
obtain sensitive information, caused by a buffer overread memory in
the VTP component. By sending a specially crafted request, an attacker
could exploit this vulnerability to obtain sensitive information.
tcpdump could allow a remote attacker to obtain sensitive information,
caused by a buffer overread memory in the PGM component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the IPv6 routing headers component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the IKEv2 component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the IKEv1
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the OLSR component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the Cisco HDLC component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump could allow a remote attacker to
obtain sensitive information, caused by a buffer overread memory in
the ISO IS-IS component. By sending a specially crafted request, an
attacker could exploit this vulnerability to obtain sensitive
information. tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the LLDP component.
By sending a specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the BGP component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the CFM
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the RSVP component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the RPKI-Router component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump could allow a remote attacker to
obtain sensitive information, caused by a buffer overread memory in
the Rx component. By sending a specially crafted request, an attacker
could exploit this vulnerability to obtain sensitive information.
tcpdump could allow a remote attacker to obtain sensitive information,
caused by a buffer overread memory in the RSVP component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the ISO ES-IS component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump could allow a remote attacker to
obtain sensitive information, caused by a buffer overread memory in
the BGP component. By sending a specially crafted request, an attacker
could exploit this vulnerability to obtain sensitive information.
tcpdump could allow a remote attacker to obtain sensitive information,
caused by a buffer overread memory in the VQP component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the HNCP component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. | | last seen | 2019-01-16 | | modified | 2018-01-26 | | plugin id | 100467 | | published | 2017-05-30 | | reporter | Tenable | | source | https://www.tenable.com/plugins/index.php?view=single&id=100467 | | title | AIX 7.2 TL 1 : tcpdump (IV94723) |
| NASL family | Slackware Local Security Checks | | NASL id | SLACKWARE_SSA_2017-251-03.NASL | | description | New tcpdump packages are available for Slackware 13.37, 14.0, 14.1,
14.2, and -current to fix security issues. | | last seen | 2019-01-16 | | modified | 2018-01-26 | | plugin id | 103091 | | published | 2017-09-11 | | reporter | Tenable | | source | https://www.tenable.com/plugins/index.php?view=single&id=103091 | | title | Slackware 13.37 / 14.0 / 14.1 / 14.2 / current : tcpdump (SSA:2017-251-03) |
| NASL family | AIX Local Security Checks | | NASL id | AIX_IV94727.NASL | | description | Vulnerabilities in tcpdump affect AIX :
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12993
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12993 tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the Juniper component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the RIPng component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the BGP
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the telnet component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the IEEE 802.11 component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump could allow a remote attacker to
obtain sensitive information, caused by a buffer overread memory in
the IPv6 routing headers component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the IPv6
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the Zephyr component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the EIGRP component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the
tok2strbuf component. By sending a specially crafted request, an
attacker could exploit this vulnerability to obtain sensitive
information. tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the DECnet
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the NFS component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the ISO CLNS component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump could allow a remote attacker to
obtain sensitive information, caused by a buffer overread memory in
the ISAKMP component. By sending a specially crafted request, an
attacker could exploit this vulnerability to obtain sensitive
information. tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the ICMP component.
By sending a specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the lookup_bytestring component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the SMB/CIFS component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump is vulnerable to a denial of
service, caused by a heap-based buffer over-read in the pimv1_print
function in print-pim.c. An attacker could exploit this vulnerability
to cause the application to crash. tcpdump is vulnerable to a denial
of service, caused by a heap-based buffer over-read in the lldp_print
function in print-lldp.c. An attacker could exploit this vulnerability
to cause the application to crash. tcpdump is vulnerable to a denial
of service, caused by an error in the LLDP component. By sending
specially crafted data, a remote attacker could exploit this
vulnerability to cause the application to enter into an infinite loop.
tcpdump is vulnerable to a denial of service, caused by an error in
the DNS component. By sending specially crafted data, a remote
attacker could exploit this vulnerability to cause the application to
enter into an infinite loop. tcpdump is vulnerable to a denial of
service, caused by an error in the ISAKMP component. By sending
specially crafted data, a remote attacker could exploit this
vulnerability to cause the application to enter into an infinite loop.
tcpdump is vulnerable to a denial of service, caused by an error in
the RESP component. By sending specially crafted data, a remote
attacker could exploit this vulnerability to cause the application to
enter into an infinite loop. tcpdump is vulnerable to a buffer
overflow, caused by improper bounds checking by the
bittok2str_internal component. By sending an overly long string
argument, a remote attacker could overflow a buffer and execute
arbitrary code on the system or cause the application to crash.
tcpdump is vulnerable to a denial of service, caused by a buffer
overflow in the sliplink_print function in print-sl.c. An attacker
could exploit this vulnerability to cause the application to crash.
tcpdump could allow a remote attacker to obtain sensitive information,
caused by a buffer overread memory in the PGM component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the DHCPv6 component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump could allow a remote attacker to
obtain sensitive information, caused by a buffer overread memory in
the ISO ES-IS component. By sending a specially crafted request, an
attacker could exploit this vulnerability to obtain sensitive
information. tcpdump is vulnerable to a denial of service, caused by a
buffer overflow in the sliplink_print function in print-sl.c. An
attacker could exploit this vulnerability to cause the application to
crash. tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the EAP component.
By sending a specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the White Board component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump could allow a remote attacker to
obtain sensitive information, caused by a buffer overread memory in
the ARP component. By sending a specially crafted request, an attacker
could exploit this vulnerability to obtain sensitive information.
tcpdump could allow a remote attacker to obtain sensitive information,
caused by a buffer overread memory in the ICMP component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the BEEP component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the IPv6
mobility component. By sending a specially crafted request, an
attacker could exploit this vulnerability to obtain sensitive
information. tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the IEEE 802.11
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the L2TP component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the NFS component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the
Juniper component. By sending a specially crafted request, an attacker
could exploit this vulnerability to obtain sensitive information.
tcpdump could allow a remote attacker to obtain sensitive information,
caused by a buffer overread memory in the LMP component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the AODV component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the NFS
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the IEEE 802.15.4 component. By sending
a specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the ISO IS-IS component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump could allow a remote attacker to
obtain sensitive information, caused by a buffer overread memory in
the ISO IS-IS component. By sending a specially crafted request, an
attacker could exploit this vulnerability to obtain sensitive
information. tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the PIMv2
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the BGP component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump is vulnerable
to a denial of service, caused by a heap-based buffer over-read in the
lldp_print function in print-lldp.c. An attacker could exploit this
vulnerability to cause the application to crash. tcpdump is vulnerable
to a denial of service, caused by a heap-based buffer over-read in the
pimv1_print function in print-pim.c. An attacker could exploit this
vulnerability to cause the application to crash. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the BGP component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the HNCP
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the ICMPv6 component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the MPTCP component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the
ISAKMP component. By sending a specially crafted request, an attacker
could exploit this vulnerability to obtain sensitive information.
tcpdump could allow a remote attacker to obtain sensitive information,
caused by a buffer overread memory in the PPP component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the IP component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the
OSPFv3 component. By sending a specially crafted request, an attacker
could exploit this vulnerability to obtain sensitive information.
tcpdump could allow a remote attacker to obtain sensitive information,
caused by a buffer overread memory in the ISO IS-IS component. By
sending a specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the PGM component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the VTP
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the RADIUS component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the IPv6 fragmentation header component. By sending
a specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the PIM component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the PPP
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the BOOTP component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the LLDP component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the ISO
IS-IS component. By sending a specially crafted request, an attacker
could exploit this vulnerability to obtain sensitive information.
tcpdump could allow a remote attacker to obtain sensitive information,
caused by a buffer overread memory in the IPv6 mobility component. By
sending a specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the IPv6 mobility component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump could allow a remote attacker to
obtain sensitive information, caused by a buffer overread memory in
the IPv6 mobility component. By sending a specially crafted request,
an attacker could exploit this vulnerability to obtain sensitive
information. tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the IP component.
By sending a specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the ICMPv6 component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump could allow a remote attacker to
obtain sensitive information, caused by a buffer overread memory in
the VTP component. By sending a specially crafted request, an attacker
could exploit this vulnerability to obtain sensitive information.
tcpdump could allow a remote attacker to obtain sensitive information,
caused by a buffer overread memory in the PGM component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the IPv6 routing headers component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the IKEv2 component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the IKEv1
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the OLSR component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the Cisco HDLC component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump could allow a remote attacker to
obtain sensitive information, caused by a buffer overread memory in
the ISO IS-IS component. By sending a specially crafted request, an
attacker could exploit this vulnerability to obtain sensitive
information. tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the LLDP component.
By sending a specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the BGP component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the CFM
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the RSVP component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the RPKI-Router component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump could allow a remote attacker to
obtain sensitive information, caused by a buffer overread memory in
the Rx component. By sending a specially crafted request, an attacker
could exploit this vulnerability to obtain sensitive information.
tcpdump could allow a remote attacker to obtain sensitive information,
caused by a buffer overread memory in the RSVP component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the ISO ES-IS component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump could allow a remote attacker to
obtain sensitive information, caused by a buffer overread memory in
the BGP component. By sending a specially crafted request, an attacker
could exploit this vulnerability to obtain sensitive information.
tcpdump could allow a remote attacker to obtain sensitive information,
caused by a buffer overread memory in the VQP component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the HNCP component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. | | last seen | 2019-01-16 | | modified | 2018-01-26 | | plugin id | 100470 | | published | 2017-05-30 | | reporter | Tenable | | source | https://www.tenable.com/plugins/index.php?view=single&id=100470 | | title | AIX 7.1 TL 3 : tcpdump (IV94727) |
| NASL family | MacOS X Local Security Checks | | NASL id | MACOS_10_13_1.NASL | | description | The remote host is running a version of Mac OS X that is 10.13.x
prior to 10.13.1. It is, therefore, affected by multiple
vulnerabilities in the following components :
- APFS
- curl
- Dictionary Widget
- Kernel
- StreamingZip
- tcpdump
- Wi-Fi
Note that successful exploitation of the most serious issues can
result in arbitrary code execution. | | last seen | 2019-01-16 | | modified | 2018-07-14 | | plugin id | 104378 | | published | 2017-11-03 | | reporter | Tenable | | source | https://www.tenable.com/plugins/index.php?view=single&id=104378 | | title | macOS 10.13.x < 10.13.1 Multiple Vulnerabilities |
| NASL family | Debian Local Security Checks | | NASL id | DEBIAN_DLA-1097.NASL | | description | Several vulnerabilities have been discovered in tcpdump, a
command-line network traffic analyzer. These vulnerabilities might
result in denial of service or, potentially, execution of arbitrary
code.
For Debian 7 'Wheezy', these problems have been fixed in version
4.9.2-1~deb7u1.
We recommend that you upgrade your tcpdump packages.
NOTE: Tenable Network Security has extracted the preceding description
block directly from the DLA security advisory. Tenable has attempted
to automatically clean and format it as much as possible without
introducing additional issues. | | last seen | 2019-01-16 | | modified | 2018-07-09 | | plugin id | 103257 | | published | 2017-09-18 | | reporter | Tenable | | source | https://www.tenable.com/plugins/index.php?view=single&id=103257 | | title | Debian DLA-1097-1 : tcpdump security update |
| NASL family | Debian Local Security Checks | | NASL id | DEBIAN_DSA-3971.NASL | | description | Several vulnerabilities have been discovered in tcpdump, a
command-line network traffic analyzer. These vulnerabilities might
result in denial of service or, potentially, execution of arbitrary
code. | | last seen | 2019-01-16 | | modified | 2018-11-10 | | plugin id | 103148 | | published | 2017-09-13 | | reporter | Tenable | | source | https://www.tenable.com/plugins/index.php?view=single&id=103148 | | title | Debian DSA-3971-1 : tcpdump - security update |
| NASL family | MacOS X Local Security Checks | | NASL id | MACOSX_SECUPD2017-004.NASL | | description | The remote host is running Mac OS X 10.11.6 or Mac OS X 10.12.6 and is
missing a security update. It is therefore, affected by multiple
vulnerabilities affecting the following components :
- 802.1X
- apache
- AppleScript
- ATS
- Audio
- CFString
- CoreText
- curl
- Dictionary Widget
- file
- Fonts
- fsck_msdos
- HFS
- Heimdal
- HelpViewer
- ImageIO
- Kernel
- libarchive
- Open Scripting Architecture
- PCRE
- Postfix
- Quick Look
- QuickTime
- Remote Management
- Sandbox
- StreamingZip
- tcpdump
- Wi-Fi | | last seen | 2019-01-16 | | modified | 2018-07-14 | | plugin id | 104379 | | published | 2017-11-03 | | reporter | Tenable | | source | https://www.tenable.com/plugins/index.php?view=single&id=104379 | | title | macOS and Mac OS X Multiple Vulnerabilities (Security Update 2017-001 and 2017-004) |
| NASL family | PhotonOS Local Security Checks | | NASL id | PHOTONOS_PHSA-2017-0034.NASL | | description | An update of [tcpdump,ruby] packages for PhotonOS has been released. | | last seen | 2019-02-08 | | modified | 2019-02-07 | | plugin id | 111883 | | published | 2018-08-17 | | reporter | Tenable | | source | https://www.tenable.com/plugins/index.php?view=single&id=111883 | | title | Photon OS 1.0: Ruby / Tcpdump PHSA-2017-0034 (deprecated) |
| NASL family | Huawei Local Security Checks | | NASL id | EULEROS_SA-2017-1281.NASL | | description | According to the versions of the tcpdump package installed, the
EulerOS installation on the remote host is affected by the following
vulnerabilities :
- The RSVP parser in tcpdump before 4.9.2 has a buffer
over-read in
print-rsvp.c:rsvp_obj_print().(CVE-2017-13048)
- The ARP parser in tcpdump before 4.9.2 has a buffer
over-read in print-arp.c, several
functions.(CVE-2017-13013)
- The VTP parser in tcpdump before 4.9.2 has a buffer
over-read in print-vtp.c:vtp_print().(CVE-2017-13033)
- The OSPFv3 parser in tcpdump before 4.9.2 has a buffer
over-read in
print-ospf6.c:ospf6_decode_v3().(CVE-2017-13036)
- The ISO ES-IS parser in tcpdump before 4.9.2 has a
buffer over-read in
print-isoclns.c:esis_print().(CVE-2017-13047)
- The IPv6 mobility parser in tcpdump before 4.9.2 has a
buffer over-read in
print-mobility.c:mobility_opt_print().(CVE-2017-13025)
- The PGM parser in tcpdump before 4.9.2 has a buffer
over-read in print-pgm.c:pgm_print().(CVE-2017-13019)
- The IPv6 parser in tcpdump before 4.9.2 has a buffer
over-read in print-ip6.c:ip6_print().(CVE-2017-12985)
- The IPv6 routing header parser in tcpdump before 4.9.2
has a buffer over-read in
print-rt6.c:rt6_print().(CVE-2017-13725)
- The telnet parser in tcpdump before 4.9.2 has a buffer
over-read in
print-telnet.c:telnet_parse().(CVE-2017-12988)
- The BGP parser in tcpdump before 4.9.2 has a buffer
over-read in
print-bgp.c:bgp_attr_print().(CVE-2017-12991)
- The MPTCP parser in tcpdump before 4.9.2 has a buffer
over-read in print-mptcp.c, several
functions.(CVE-2017-13040)
- The PPP parser in tcpdump before 4.9.2 has a buffer
over-read in
print-ppp.c:print_ccp_config_options().(CVE-2017-13029)
- The IEEE 802.15.4 parser in tcpdump before 4.9.2 has a
buffer over-read in
print-802_15_4.c:ieee802_15_4_if_print().(CVE-2017-1300
0)
- The IP parser in tcpdump before 4.9.2 has a buffer
over-read in
print-ip.c:ip_printroute().(CVE-2017-13022)
- The ISAKMP parser in tcpdump before 4.9.2 has a buffer
over-read in print-isakmp.c, several
functions.(CVE-2017-13039)
- The IPv6 fragmentation header parser in tcpdump before
4.9.2 has a buffer over-read in
print-frag6.c:frag6_print().(CVE-2017-13031)
- The PIM parser in tcpdump before 4.9.2 has a buffer
over-read in print-pim.c, several
functions.(CVE-2017-13030)
- The BGP parser in tcpdump before 4.9.2 has a buffer
over-read in
print-bgp.c:bgp_attr_print().(CVE-2017-12994)
- The BGP parser in tcpdump before 4.9.2 has a buffer
over-read in
print-bgp.c:decode_multicast_vpn().(CVE-2017-13043)
- The VQP parser in tcpdump before 4.9.2 has a buffer
over-read in print-vqp.c:vqp_print().(CVE-2017-13045)
- The LLDP parser in tcpdump before 4.9.2 has a buffer
over-read in
print-lldp.c:lldp_private_8023_print().(CVE-2017-13054,
CVE-2017-12998,CVE-2017-13014,CVE-2017-13037,
CVE-2017-13690,CVE-2017-13017,CVE-2017-12895,CVE-2017-1
3046,CVE-2017-13688,CVE-2017-13053,CVE-2017-12995,CVE-2
017-12997,CVE-2017-13016,CVE-2017-13002,CVE-2017-12989,
CVE-2017-12999,CVE-2017-12900,CVE-2017-13006,CVE-2017-1
2897,CVE-2017-13003,CVE-2017-12901,CVE-2017-13035,CVE-2
017-13009,CVE-2017-13032,CVE-2017-13049,CVE-2017-13007,
CVE-2017-13041,CVE-2017-12987,CVE-2017-12993,CVE-2017-1
3023,CVE-2017-13026,CVE-2017-13055,CVE-2017-13042,CVE-2
017-13018,CVE-2017-13044,CVE-2017-13012,CVE-2017-13001,
CVE-2017-13050,CVE-2017-13028,CVE-2017-13024,CVE-2017-1
2992,CVE-2017-13004,CVE-2017-13027,CVE-2017-13008,CVE-2
017-13051,CVE-2017-13020,CVE-2017-12902,CVE-2017-13689,
CVE-2017-13005,CVE-2017-12894,CVE-2017-13015,CVE-2017-1
3038,CVE-2017-12990,CVE-2017-13034,CVE-2017-13011,CVE-2
017-13021,CVE-2017-13010,CVE-2017-12986,CVE-2017-12996,
CVE-2017-13052)
Note that Tenable Network Security has extracted the preceding
description block directly from the EulerOS security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues. | | last seen | 2019-01-16 | | modified | 2018-11-14 | | plugin id | 104334 | | published | 2017-11-02 | | reporter | Tenable | | source | https://www.tenable.com/plugins/index.php?view=single&id=104334 | | title | EulerOS 2.0 SP2 : tcpdump (EulerOS-SA-2017-1281) |
| NASL family | FreeBSD Local Security Checks | | NASL id | FREEBSD_PKG_EB03D6426724472DB038F2BF074E1FC8.NASL | | description | tcpdump developers report :
Too many issues to detail, see CVE references for details. | | last seen | 2018-11-13 | | modified | 2018-11-10 | | plugin id | 103484 | | published | 2017-09-27 | | reporter | Tenable | | source | https://www.tenable.com/plugins/index.php?view=single&id=103484 | | title | FreeBSD : tcpdump -- multiple vulnerabilities (eb03d642-6724-472d-b038-f2bf074e1fc8) |
| NASL family | SuSE Local Security Checks | | NASL id | OPENSUSE-2017-1205.NASL | | description | This update for tcpdump to version 4.9.2 fixes several issues.
These security issues were fixed :
- CVE-2017-11108: Prevent remote attackers to cause DoS
(heap-based buffer over-read and application crash) via
crafted packet data. The crash occured in the
EXTRACT_16BITS function, called from the stp_print
function for the Spanning Tree Protocol (bsc#1047873,
bsc#1057247).
- CVE-2017-11543: Prevent buffer overflow in the
sliplink_print function in print-sl.c that allowed
remote DoS (bsc#1057247).
- CVE-2017-13011: Prevent buffer overflow in
bittok2str_internal() that allowed remote DoS
(bsc#1057247)
- CVE-2017-12989: Prevent infinite loop in the RESP parser
that allowed remote DoS (bsc#1057247)
- CVE-2017-12990: Prevent infinite loop in the ISAKMP
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12995: Prevent infinite loop in the DNS parser
that allowed remote DoS (bsc#1057247)
- CVE-2017-12997: Prevent infinite loop in the LLDP parser
that allowed remote DoS (bsc#1057247)
- CVE-2017-11541: Prevent heap-based buffer over-read in
the lldp_print function in print-lldp.c, related to
util-print.c that allowed remote DoS (bsc#1057247).
- CVE-2017-11542: Prevent heap-based buffer over-read in
the pimv1_print function in print-pim.c that allowed
remote DoS (bsc#1057247).
- CVE-2017-12893: Prevent buffer over-read in the SMB/CIFS
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12894: Prevent buffer over-read in several
protocol parsers that allowed remote DoS (bsc#1057247)
- CVE-2017-12895: Prevent buffer over-read in the ICMP
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12896: Prevent buffer over-read in the ISAKMP
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12897: Prevent buffer over-read in the ISO CLNS
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12898: Prevent buffer over-read in the NFS
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12899: Prevent buffer over-read in the DECnet
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12900: Prevent buffer over-read in the in
several protocol parsers that allowed remote DoS
(bsc#1057247)
- CVE-2017-12901: Prevent buffer over-read in the EIGRP
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12902: Prevent buffer over-read in the Zephyr
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12985: Prevent buffer over-read in the IPv6
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12986: Prevent buffer over-read in the IPv6
routing header parser that allowed remote DoS
(bsc#1057247)
- CVE-2017-12987: Prevent buffer over-read in the 802.11
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12988: Prevent buffer over-read in the telnet
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12991: Prevent buffer over-read in the BGP
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12992: Prevent buffer over-read in the RIPng
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12993: Prevent buffer over-read in the Juniper
protocols parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12994: Prevent buffer over-read in the BGP
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12996: Prevent buffer over-read in the PIMv2
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12998: Prevent buffer over-read in the IS-IS
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12999: Prevent buffer over-read in the IS-IS
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13000: Prevent buffer over-read in the IEEE
802.15.4 parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13001: Prevent buffer over-read in the NFS
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13002: Prevent buffer over-read in the AODV
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13003: Prevent buffer over-read in the LMP
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13004: Prevent buffer over-read in the Juniper
protocols parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13005: Prevent buffer over-read in the NFS
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13006: Prevent buffer over-read in the L2TP
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13007: Prevent buffer over-read in the Apple
PKTAP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13008: Prevent buffer over-read in the IEEE
802.11 parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13009: Prevent buffer over-read in the IPv6
mobility parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13010: Prevent buffer over-read in the BEEP
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13012: Prevent buffer over-read in the ICMP
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13013: Prevent buffer over-read in the ARP
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13014: Prevent buffer over-read in the White
Board protocol parser that allowed remote DoS
(bsc#1057247)
- CVE-2017-13015: Prevent buffer over-read in the EAP
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13016: Prevent buffer over-read in the ISO
ES-IS parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13017: Prevent buffer over-read in the DHCPv6
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13018: Prevent buffer over-read in the PGM
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13019: Prevent buffer over-read in the PGM
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13020: Prevent buffer over-read in the VTP
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13021: Prevent buffer over-read in the ICMPv6
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13022: Prevent buffer over-read in the IP
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13023: Prevent buffer over-read in the IPv6
mobility parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13024: Prevent buffer over-read in the IPv6
mobility parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13025: Prevent buffer over-read in the IPv6
mobility parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13026: Prevent buffer over-read in the ISO
IS-IS parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13027: Prevent buffer over-read in the LLDP
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13028: Prevent buffer over-read in the BOOTP
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13029: Prevent buffer over-read in the PPP
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13030: Prevent buffer over-read in the PIM
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13031: Prevent buffer over-read in the IPv6
fragmentation header parser that allowed remote DoS
(bsc#1057247)
- CVE-2017-13032: Prevent buffer over-read in the RADIUS
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13033: Prevent buffer over-read in the VTP
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13034: Prevent buffer over-read in the PGM
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13035: Prevent buffer over-read in the ISO
IS-IS parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13036: Prevent buffer over-read in the OSPFv3
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13037: Prevent buffer over-read in the IP
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13038: Prevent buffer over-read in the PPP
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13039: Prevent buffer over-read in the ISAKMP
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13040: Prevent buffer over-read in the MPTCP
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13041: Prevent buffer over-read in the ICMPv6
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13042: Prevent buffer over-read in the HNCP
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13043: Prevent buffer over-read in the BGP
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13044: Prevent buffer over-read in the HNCP
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13045: Prevent buffer over-read in the VQP
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13046: Prevent buffer over-read in the BGP
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13047: Prevent buffer over-read in the ISO
ES-IS parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13048: Prevent buffer over-read in the RSVP
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13049: Prevent buffer over-read in the Rx
protocol parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13050: Prevent buffer over-read in the
RPKI-Router parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13051: Prevent buffer over-read in the RSVP
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13052: Prevent buffer over-read in the CFM
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13053: Prevent buffer over-read in the BGP
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13054: Prevent buffer over-read in the LLDP
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13055: Prevent buffer over-read in the ISO
IS-IS parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13687: Prevent buffer over-read in the Cisco
HDLC parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13688: Prevent buffer over-read in the OLSR
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13689: Prevent buffer over-read in the IKEv1
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13690: Prevent buffer over-read in the IKEv2
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13725: Prevent buffer over-read in the IPv6
routing header parser that allowed remote DoS
(bsc#1057247)
- Prevent segmentation fault in ESP decoder with OpenSSL
1.1 (bsc#1057247)
This update was imported from the SUSE:SLE-12:Update update project. | | last seen | 2019-01-16 | | modified | 2018-01-26 | | plugin id | 104239 | | published | 2017-10-30 | | reporter | Tenable | | source | https://www.tenable.com/plugins/index.php?view=single&id=104239 | | title | openSUSE Security Update : tcpdump (openSUSE-2017-1205) |
| NASL family | Ubuntu Local Security Checks | | NASL id | UBUNTU_USN-3415-1.NASL | | description | Wilfried Kirsch discovered a buffer overflow in the SLIP decoder in
tcpdump. A remote attacker could use this to cause a denial of service
(application crash) or possibly execute arbitrary code.
(CVE-2017-11543)
Bhargava Shastry discovered a buffer overflow in the bitfield
converter utility function bittok2str_internal() in tcpdump. A remote
attacker could use this to cause a denial of service (application
crash) or possibly execute arbitrary code. (CVE-2017-13011)
Otto Airamo and Antti Levomaki discovered logic errors in different
protocol parsers in tcpdump that could lead to an infinite loop. A
remote attacker could use these to cause a denial of service
(application hang). CVE-2017-12989, CVE-2017-12990, CVE-2017-12995,
CVE-2017-12997)
Otto Airamo, Brian Carpenter, Yannick Formaggio, Kamil Frankowicz,
Katie Holly, Kim Gwan Yeong, Antti Levomaki, Henri Salo, and Bhargava
Shastry discovered out-of-bounds reads in muliptle protocol parsers in
tcpdump. A remote attacker could use these to cause a denial of
service (application crash). (CVE-2017-11108, CVE-2017-11541,
CVE-2017-11542, CVE-2017-12893, CVE-2017-12894, CVE-2017-12895,
CVE-2017-12896, CVE-2017-12897, CVE-2017-12898, CVE-2017-12899,
CVE-2017-12900, CVE-2017-12901, CVE-2017-12902, CVE-2017-12985,
CVE-2017-12986, CVE-2017-12987, CVE-2017-12988, CVE-2017-12991,
CVE-2017-12992, CVE-2017-12993, CVE-2017-12994, CVE-2017-12996,
CVE-2017-12998, CVE-2017-12999, CVE-2017-13000, CVE-2017-13001,
CVE-2017-13002, CVE-2017-13003, CVE-2017-13004, CVE-2017-13005,
CVE-2017-13006, CVE-2017-13007, CVE-2017-13008, CVE-2017-13009,
CVE-2017-13010, CVE-2017-13012, CVE-2017-13013, CVE-2017-13014,
CVE-2017-13015, CVE-2017-13016, CVE-2017-13017, CVE-2017-13018,
CVE-2017-13019, CVE-2017-13020, CVE-2017-13021, CVE-2017-13022,
CVE-2017-13023, CVE-2017-13024, CVE-2017-13025, CVE-2017-13026,
CVE-2017-13027, CVE-2017-13028, CVE-2017-13029, CVE-2017-13030,
CVE-2017-13031, CVE-2017-13032, CVE-2017-13033, CVE-2017-13034,
CVE-2017-13035, CVE-2017-13036, CVE-2017-13037, CVE-2017-13038,
CVE-2017-13039, CVE-2017-13040, CVE-2017-13041, CVE-2017-13042,
CVE-2017-13043, CVE-2017-13044, CVE-2017-13045, CVE-2017-13046,
CVE-2017-13047, CVE-2017-13048, CVE-2017-13049, CVE-2017-13050,
CVE-2017-13051, CVE-2017-13052, CVE-2017-13053, CVE-2017-13054,
CVE-2017-13055, CVE-2017-13687, CVE-2017-13688, CVE-2017-13689,
CVE-2017-13690, CVE-2017-13725).
Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues. | | last seen | 2019-01-16 | | modified | 2018-12-01 | | plugin id | 103218 | | published | 2017-09-14 | | reporter | Tenable | | source | https://www.tenable.com/plugins/index.php?view=single&id=103218 | | title | Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : tcpdump vulnerabilities (USN-3415-1) |
| NASL family | AIX Local Security Checks | | NASL id | AIX_IV94729.NASL | | description | Vulnerabilities in tcpdump affect AIX :
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12993
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12993 tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the Juniper component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the RIPng component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the BGP
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the telnet component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the IEEE 802.11 component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump could allow a remote attacker to
obtain sensitive information, caused by a buffer overread memory in
the IPv6 routing headers component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the IPv6
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the Zephyr component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the EIGRP component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the
tok2strbuf component. By sending a specially crafted request, an
attacker could exploit this vulnerability to obtain sensitive
information. tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the DECnet
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the NFS component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the ISO CLNS component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump could allow a remote attacker to
obtain sensitive information, caused by a buffer overread memory in
the ISAKMP component. By sending a specially crafted request, an
attacker could exploit this vulnerability to obtain sensitive
information. tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the ICMP component.
By sending a specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the lookup_bytestring component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the SMB/CIFS component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump is vulnerable to a denial of
service, caused by a heap-based buffer over-read in the pimv1_print
function in print-pim.c. An attacker could exploit this vulnerability
to cause the application to crash. tcpdump is vulnerable to a denial
of service, caused by a heap-based buffer over-read in the lldp_print
function in print-lldp.c. An attacker could exploit this vulnerability
to cause the application to crash. tcpdump is vulnerable to a denial
of service, caused by an error in the LLDP component. By sending
specially crafted data, a remote attacker could exploit this
vulnerability to cause the application to enter into an infinite loop.
tcpdump is vulnerable to a denial of service, caused by an error in
the DNS component. By sending specially crafted data, a remote
attacker could exploit this vulnerability to cause the application to
enter into an infinite loop. tcpdump is vulnerable to a denial of
service, caused by an error in the ISAKMP component. By sending
specially crafted data, a remote attacker could exploit this
vulnerability to cause the application to enter into an infinite loop.
tcpdump is vulnerable to a denial of service, caused by an error in
the RESP component. By sending specially crafted data, a remote
attacker could exploit this vulnerability to cause the application to
enter into an infinite loop. tcpdump is vulnerable to a buffer
overflow, caused by improper bounds checking by the
bittok2str_internal component. By sending an overly long string
argument, a remote attacker could overflow a buffer and execute
arbitrary code on the system or cause the application to crash.
tcpdump is vulnerable to a denial of service, caused by a buffer
overflow in the sliplink_print function in print-sl.c. An attacker
could exploit this vulnerability to cause the application to crash.
tcpdump could allow a remote attacker to obtain sensitive information,
caused by a buffer overread memory in the PGM component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the DHCPv6 component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump could allow a remote attacker to
obtain sensitive information, caused by a buffer overread memory in
the ISO ES-IS component. By sending a specially crafted request, an
attacker could exploit this vulnerability to obtain sensitive
information. tcpdump is vulnerable to a denial of service, caused by a
buffer overflow in the sliplink_print function in print-sl.c. An
attacker could exploit this vulnerability to cause the application to
crash. tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the EAP component.
By sending a specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the White Board component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump could allow a remote attacker to
obtain sensitive information, caused by a buffer overread memory in
the ARP component. By sending a specially crafted request, an attacker
could exploit this vulnerability to obtain sensitive information.
tcpdump could allow a remote attacker to obtain sensitive information,
caused by a buffer overread memory in the ICMP component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the BEEP component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the IPv6
mobility component. By sending a specially crafted request, an
attacker could exploit this vulnerability to obtain sensitive
information. tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the IEEE 802.11
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the L2TP component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the NFS component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the
Juniper component. By sending a specially crafted request, an attacker
could exploit this vulnerability to obtain sensitive information.
tcpdump could allow a remote attacker to obtain sensitive information,
caused by a buffer overread memory in the LMP component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the AODV component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the NFS
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the IEEE 802.15.4 component. By sending
a specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the ISO IS-IS component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump could allow a remote attacker to
obtain sensitive information, caused by a buffer overread memory in
the ISO IS-IS component. By sending a specially crafted request, an
attacker could exploit this vulnerability to obtain sensitive
information. tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the PIMv2
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the BGP component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump is vulnerable
to a denial of service, caused by a heap-based buffer over-read in the
lldp_print function in print-lldp.c. An attacker could exploit this
vulnerability to cause the application to crash. tcpdump is vulnerable
to a denial of service, caused by a heap-based buffer over-read in the
pimv1_print function in print-pim.c. An attacker could exploit this
vulnerability to cause the application to crash. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the BGP component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the HNCP
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the ICMPv6 component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the MPTCP component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the
ISAKMP component. By sending a specially crafted request, an attacker
could exploit this vulnerability to obtain sensitive information.
tcpdump could allow a remote attacker to obtain sensitive information,
caused by a buffer overread memory in the PPP component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the IP component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the
OSPFv3 component. By sending a specially crafted request, an attacker
could exploit this vulnerability to obtain sensitive information.
tcpdump could allow a remote attacker to obtain sensitive information,
caused by a buffer overread memory in the ISO IS-IS component. By
sending a specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the PGM component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the VTP
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the RADIUS component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the IPv6 fragmentation header component. By sending
a specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the PIM component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the PPP
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the BOOTP component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the LLDP component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the ISO
IS-IS component. By sending a specially crafted request, an attacker
could exploit this vulnerability to obtain sensitive information.
tcpdump could allow a remote attacker to obtain sensitive information,
caused by a buffer overread memory in the IPv6 mobility component. By
sending a specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the IPv6 mobility component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump could allow a remote attacker to
obtain sensitive information, caused by a buffer overread memory in
the IPv6 mobility component. By sending a specially crafted request,
an attacker could exploit this vulnerability to obtain sensitive
information. tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the IP component.
By sending a specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the ICMPv6 component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump could allow a remote attacker to
obtain sensitive information, caused by a buffer overread memory in
the VTP component. By sending a specially crafted request, an attacker
could exploit this vulnerability to obtain sensitive information.
tcpdump could allow a remote attacker to obtain sensitive information,
caused by a buffer overread memory in the PGM component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the IPv6 routing headers component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the IKEv2 component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the IKEv1
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the OLSR component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the Cisco HDLC component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump could allow a remote attacker to
obtain sensitive information, caused by a buffer overread memory in
the ISO IS-IS component. By sending a specially crafted request, an
attacker could exploit this vulnerability to obtain sensitive
information. tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the LLDP component.
By sending a specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the BGP component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the CFM
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the RSVP component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the RPKI-Router component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump could allow a remote attacker to
obtain sensitive information, caused by a buffer overread memory in
the Rx component. By sending a specially crafted request, an attacker
could exploit this vulnerability to obtain sensitive information.
tcpdump could allow a remote attacker to obtain sensitive information,
caused by a buffer overread memory in the RSVP component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the ISO ES-IS component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump could allow a remote attacker to
obtain sensitive information, caused by a buffer overread memory in
the BGP component. By sending a specially crafted request, an attacker
could exploit this vulnerability to obtain sensitive information.
tcpdump could allow a remote attacker to obtain sensitive information,
caused by a buffer overread memory in the VQP component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the HNCP component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. | | last seen | 2019-01-16 | | modified | 2018-01-26 | | plugin id | 100472 | | published | 2017-05-30 | | reporter | Tenable | | source | https://www.tenable.com/plugins/index.php?view=single&id=100472 | | title | AIX 5.3 TL 12 : tcpdump (IV94729) |
| NASL family | AIX Local Security Checks | | NASL id | AIX_IV94728.NASL | | description | Vulnerabilities in tcpdump affect AIX :
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12993
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12993 tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the Juniper component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the RIPng component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the BGP
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the telnet component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the IEEE 802.11 component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump could allow a remote attacker to
obtain sensitive information, caused by a buffer overread memory in
the IPv6 routing headers component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the IPv6
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the Zephyr component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the EIGRP component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the
tok2strbuf component. By sending a specially crafted request, an
attacker could exploit this vulnerability to obtain sensitive
information. tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the DECnet
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the NFS component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the ISO CLNS component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump could allow a remote attacker to
obtain sensitive information, caused by a buffer overread memory in
the ISAKMP component. By sending a specially crafted request, an
attacker could exploit this vulnerability to obtain sensitive
information. tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the ICMP component.
By sending a specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the lookup_bytestring component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the SMB/CIFS component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump is vulnerable to a denial of
service, caused by a heap-based buffer over-read in the pimv1_print
function in print-pim.c. An attacker could exploit this vulnerability
to cause the application to crash. tcpdump is vulnerable to a denial
of service, caused by a heap-based buffer over-read in the lldp_print
function in print-lldp.c. An attacker could exploit this vulnerability
to cause the application to crash. tcpdump is vulnerable to a denial
of service, caused by an error in the LLDP component. By sending
specially crafted data, a remote attacker could exploit this
vulnerability to cause the application to enter into an infinite loop.
tcpdump is vulnerable to a denial of service, caused by an error in
the DNS component. By sending specially crafted data, a remote
attacker could exploit this vulnerability to cause the application to
enter into an infinite loop. tcpdump is vulnerable to a denial of
service, caused by an error in the ISAKMP component. By sending
specially crafted data, a remote attacker could exploit this
vulnerability to cause the application to enter into an infinite loop.
tcpdump is vulnerable to a denial of service, caused by an error in
the RESP component. By sending specially crafted data, a remote
attacker could exploit this vulnerability to cause the application to
enter into an infinite loop. tcpdump is vulnerable to a buffer
overflow, caused by improper bounds checking by the
bittok2str_internal component. By sending an overly long string
argument, a remote attacker could overflow a buffer and execute
arbitrary code on the system or cause the application to crash.
tcpdump is vulnerable to a denial of service, caused by a buffer
overflow in the sliplink_print function in print-sl.c. An attacker
could exploit this vulnerability to cause the application to crash.
tcpdump could allow a remote attacker to obtain sensitive information,
caused by a buffer overread memory in the PGM component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the DHCPv6 component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump could allow a remote attacker to
obtain sensitive information, caused by a buffer overread memory in
the ISO ES-IS component. By sending a specially crafted request, an
attacker could exploit this vulnerability to obtain sensitive
information. tcpdump is vulnerable to a denial of service, caused by a
buffer overflow in the sliplink_print function in print-sl.c. An
attacker could exploit this vulnerability to cause the application to
crash. tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the EAP component.
By sending a specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the White Board component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump could allow a remote attacker to
obtain sensitive information, caused by a buffer overread memory in
the ARP component. By sending a specially crafted request, an attacker
could exploit this vulnerability to obtain sensitive information.
tcpdump could allow a remote attacker to obtain sensitive information,
caused by a buffer overread memory in the ICMP component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the BEEP component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the IPv6
mobility component. By sending a specially crafted request, an
attacker could exploit this vulnerability to obtain sensitive
information. tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the IEEE 802.11
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the L2TP component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the NFS component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the
Juniper component. By sending a specially crafted request, an attacker
could exploit this vulnerability to obtain sensitive information.
tcpdump could allow a remote attacker to obtain sensitive information,
caused by a buffer overread memory in the LMP component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the AODV component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the NFS
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the IEEE 802.15.4 component. By sending
a specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the ISO IS-IS component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump could allow a remote attacker to
obtain sensitive information, caused by a buffer overread memory in
the ISO IS-IS component. By sending a specially crafted request, an
attacker could exploit this vulnerability to obtain sensitive
information. tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the PIMv2
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the BGP component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump is vulnerable
to a denial of service, caused by a heap-based buffer over-read in the
lldp_print function in print-lldp.c. An attacker could exploit this
vulnerability to cause the application to crash. tcpdump is vulnerable
to a denial of service, caused by a heap-based buffer over-read in the
pimv1_print function in print-pim.c. An attacker could exploit this
vulnerability to cause the application to crash. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the BGP component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the HNCP
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the ICMPv6 component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the MPTCP component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the
ISAKMP component. By sending a specially crafted request, an attacker
could exploit this vulnerability to obtain sensitive information.
tcpdump could allow a remote attacker to obtain sensitive information,
caused by a buffer overread memory in the PPP component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the IP component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the
OSPFv3 component. By sending a specially crafted request, an attacker
could exploit this vulnerability to obtain sensitive information.
tcpdump could allow a remote attacker to obtain sensitive information,
caused by a buffer overread memory in the ISO IS-IS component. By
sending a specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the PGM component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the VTP
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the RADIUS component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the IPv6 fragmentation header component. By sending
a specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the PIM component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the PPP
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the BOOTP component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the LLDP component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the ISO
IS-IS component. By sending a specially crafted request, an attacker
could exploit this vulnerability to obtain sensitive information.
tcpdump could allow a remote attacker to obtain sensitive information,
caused by a buffer overread memory in the IPv6 mobility component. By
sending a specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the IPv6 mobility component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump could allow a remote attacker to
obtain sensitive information, caused by a buffer overread memory in
the IPv6 mobility component. By sending a specially crafted request,
an attacker could exploit this vulnerability to obtain sensitive
information. tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the IP component.
By sending a specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the ICMPv6 component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump could allow a remote attacker to
obtain sensitive information, caused by a buffer overread memory in
the VTP component. By sending a specially crafted request, an attacker
could exploit this vulnerability to obtain sensitive information.
tcpdump could allow a remote attacker to obtain sensitive information,
caused by a buffer overread memory in the PGM component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the IPv6 routing headers component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the IKEv2 component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the IKEv1
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the OLSR component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the Cisco HDLC component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump could allow a remote attacker to
obtain sensitive information, caused by a buffer overread memory in
the ISO IS-IS component. By sending a specially crafted request, an
attacker could exploit this vulnerability to obtain sensitive
information. tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the LLDP component.
By sending a specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the BGP component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the CFM
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the RSVP component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the RPKI-Router component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump could allow a remote attacker to
obtain sensitive information, caused by a buffer overread memory in
the Rx component. By sending a specially crafted request, an attacker
could exploit this vulnerability to obtain sensitive information.
tcpdump could allow a remote attacker to obtain sensitive information,
caused by a buffer overread memory in the RSVP component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the ISO ES-IS component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump could allow a remote attacker to
obtain sensitive information, caused by a buffer overread memory in
the BGP component. By sending a specially crafted request, an attacker
could exploit this vulnerability to obtain sensitive information.
tcpdump could allow a remote attacker to obtain sensitive information,
caused by a buffer overread memory in the VQP component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the HNCP component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. | | last seen | 2019-01-16 | | modified | 2018-01-26 | | plugin id | 100471 | | published | 2017-05-30 | | reporter | Tenable | | source | https://www.tenable.com/plugins/index.php?view=single&id=100471 | | title | AIX 6.1 TL 9 : tcpdump (IV94728) |
| NASL family | AIX Local Security Checks | | NASL id | AIX_IV94724.NASL | | description | Vulnerabilities in tcpdump affect AIX :
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12993
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12993 tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the Juniper component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the RIPng component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the BGP
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the telnet component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the IEEE 802.11 component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump could allow a remote attacker to
obtain sensitive information, caused by a buffer overread memory in
the IPv6 routing headers component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the IPv6
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the Zephyr component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the EIGRP component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the
tok2strbuf component. By sending a specially crafted request, an
attacker could exploit this vulnerability to obtain sensitive
information. tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the DECnet
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the NFS component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the ISO CLNS component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump could allow a remote attacker to
obtain sensitive information, caused by a buffer overread memory in
the ISAKMP component. By sending a specially crafted request, an
attacker could exploit this vulnerability to obtain sensitive
information. tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the ICMP component.
By sending a specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the lookup_bytestring component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the SMB/CIFS component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump is vulnerable to a denial of
service, caused by a heap-based buffer over-read in the pimv1_print
function in print-pim.c. An attacker could exploit this vulnerability
to cause the application to crash. tcpdump is vulnerable to a denial
of service, caused by a heap-based buffer over-read in the lldp_print
function in print-lldp.c. An attacker could exploit this vulnerability
to cause the application to crash. tcpdump is vulnerable to a denial
of service, caused by an error in the LLDP component. By sending
specially crafted data, a remote attacker could exploit this
vulnerability to cause the application to enter into an infinite loop.
tcpdump is vulnerable to a denial of service, caused by an error in
the DNS component. By sending specially crafted data, a remote
attacker could exploit this vulnerability to cause the application to
enter into an infinite loop. tcpdump is vulnerable to a denial of
service, caused by an error in the ISAKMP component. By sending
specially crafted data, a remote attacker could exploit this
vulnerability to cause the application to enter into an infinite loop.
tcpdump is vulnerable to a denial of service, caused by an error in
the RESP component. By sending specially crafted data, a remote
attacker could exploit this vulnerability to cause the application to
enter into an infinite loop. tcpdump is vulnerable to a buffer
overflow, caused by improper bounds checking by the
bittok2str_internal component. By sending an overly long string
argument, a remote attacker could overflow a buffer and execute
arbitrary code on the system or cause the application to crash.
tcpdump is vulnerable to a denial of service, caused by a buffer
overflow in the sliplink_print function in print-sl.c. An attacker
could exploit this vulnerability to cause the application to crash.
tcpdump could allow a remote attacker to obtain sensitive information,
caused by a buffer overread memory in the PGM component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the DHCPv6 component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump could allow a remote attacker to
obtain sensitive information, caused by a buffer overread memory in
the ISO ES-IS component. By sending a specially crafted request, an
attacker could exploit this vulnerability to obtain sensitive
information. tcpdump is vulnerable to a denial of service, caused by a
buffer overflow in the sliplink_print function in print-sl.c. An
attacker could exploit this vulnerability to cause the application to
crash. tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the EAP component.
By sending a specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the White Board component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump could allow a remote attacker to
obtain sensitive information, caused by a buffer overread memory in
the ARP component. By sending a specially crafted request, an attacker
could exploit this vulnerability to obtain sensitive information.
tcpdump could allow a remote attacker to obtain sensitive information,
caused by a buffer overread memory in the ICMP component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the BEEP component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the IPv6
mobility component. By sending a specially crafted request, an
attacker could exploit this vulnerability to obtain sensitive
information. tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the IEEE 802.11
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the L2TP component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the NFS component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the
Juniper component. By sending a specially crafted request, an attacker
could exploit this vulnerability to obtain sensitive information.
tcpdump could allow a remote attacker to obtain sensitive information,
caused by a buffer overread memory in the LMP component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the AODV component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the NFS
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the IEEE 802.15.4 component. By sending
a specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the ISO IS-IS component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump could allow a remote attacker to
obtain sensitive information, caused by a buffer overread memory in
the ISO IS-IS component. By sending a specially crafted request, an
attacker could exploit this vulnerability to obtain sensitive
information. tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the PIMv2
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the BGP component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump is vulnerable
to a denial of service, caused by a heap-based buffer over-read in the
lldp_print function in print-lldp.c. An attacker could exploit this
vulnerability to cause the application to crash. tcpdump is vulnerable
to a denial of service, caused by a heap-based buffer over-read in the
pimv1_print function in print-pim.c. An attacker could exploit this
vulnerability to cause the application to crash. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the BGP component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the HNCP
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the ICMPv6 component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the MPTCP component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the
ISAKMP component. By sending a specially crafted request, an attacker
could exploit this vulnerability to obtain sensitive information.
tcpdump could allow a remote attacker to obtain sensitive information,
caused by a buffer overread memory in the PPP component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the IP component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the
OSPFv3 component. By sending a specially crafted request, an attacker
could exploit this vulnerability to obtain sensitive information.
tcpdump could allow a remote attacker to obtain sensitive information,
caused by a buffer overread memory in the ISO IS-IS component. By
sending a specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the PGM component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the VTP
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the RADIUS component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the IPv6 fragmentation header component. By sending
a specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the PIM component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the PPP
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the BOOTP component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the LLDP component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the ISO
IS-IS component. By sending a specially crafted request, an attacker
could exploit this vulnerability to obtain sensitive information.
tcpdump could allow a remote attacker to obtain sensitive information,
caused by a buffer overread memory in the IPv6 mobility component. By
sending a specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the IPv6 mobility component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump could allow a remote attacker to
obtain sensitive information, caused by a buffer overread memory in
the IPv6 mobility component. By sending a specially crafted request,
an attacker could exploit this vulnerability to obtain sensitive
information. tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the IP component.
By sending a specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the ICMPv6 component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump could allow a remote attacker to
obtain sensitive information, caused by a buffer overread memory in
the VTP component. By sending a specially crafted request, an attacker
could exploit this vulnerability to obtain sensitive information.
tcpdump could allow a remote attacker to obtain sensitive information,
caused by a buffer overread memory in the PGM component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the IPv6 routing headers component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the IKEv2 component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the IKEv1
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the OLSR component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the Cisco HDLC component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump could allow a remote attacker to
obtain sensitive information, caused by a buffer overread memory in
the ISO IS-IS component. By sending a specially crafted request, an
attacker could exploit this vulnerability to obtain sensitive
information. tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the LLDP component.
By sending a specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the BGP component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the CFM
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the RSVP component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the RPKI-Router component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump could allow a remote attacker to
obtain sensitive information, caused by a buffer overread memory in
the Rx component. By sending a specially crafted request, an attacker
could exploit this vulnerability to obtain sensitive information.
tcpdump could allow a remote attacker to obtain sensitive information,
caused by a buffer overread memory in the RSVP component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the ISO ES-IS component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump could allow a remote attacker to
obtain sensitive information, caused by a buffer overread memory in
the BGP component. By sending a specially crafted request, an attacker
could exploit this vulnerability to obtain sensitive information.
tcpdump could allow a remote attacker to obtain sensitive information,
caused by a buffer overread memory in the VQP component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the HNCP component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. | | last seen | 2019-01-16 | | modified | 2018-01-26 | | plugin id | 100468 | | published | 2017-05-30 | | reporter | Tenable | | source | https://www.tenable.com/plugins/index.php?view=single&id=100468 | | title | AIX 7.2 TL 0 : tcpdump (IV94724) |
| NASL family | Gentoo Local Security Checks | | NASL id | GENTOO_GLSA-201709-23.NASL | | description | The remote host is affected by the vulnerability described in GLSA-201709-23
(Tcpdump: Multiple vulnerabilities)
Multiple vulnerabilities have been discovered in Tcpdump. Please review
the referenced CVE identifiers for details.
Impact :
A remote attacker could possibly execute arbitrary code with the
privileges of the process or cause a Denial of Service condition.
Workaround :
There is no known workaround at this time. | | last seen | 2019-01-16 | | modified | 2018-01-26 | | plugin id | 103462 | | published | 2017-09-26 | | reporter | Tenable | | source | https://www.tenable.com/plugins/index.php?view=single&id=103462 | | title | GLSA-201709-23 : Tcpdump: Multiple vulnerabilities |
| NASL family | SuSE Local Security Checks | | NASL id | SUSE_SU-2017-2854-1.NASL | | description | This update for tcpdump to version 4.9.2 fixes several issues. These
security issues were fixed :
- CVE-2017-11108: Prevent remote attackers to cause DoS
(heap-based buffer over-read and application crash) via
crafted packet data. The crash occured in the
EXTRACT_16BITS function, called from the stp_print
function for the Spanning Tree Protocol (bsc#1047873,
bsc#1057247).
- CVE-2017-11543: Prevent buffer overflow in the
sliplink_print function in print-sl.c that allowed
remote DoS (bsc#1057247).
- CVE-2017-13011: Prevent buffer overflow in
bittok2str_internal() that allowed remote DoS
(bsc#1057247)
- CVE-2017-12989: Prevent infinite loop in the RESP parser
that allowed remote DoS (bsc#1057247)
- CVE-2017-12990: Prevent infinite loop in the ISAKMP
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12995: Prevent infinite loop in the DNS parser
that allowed remote DoS (bsc#1057247)
- CVE-2017-12997: Prevent infinite loop in the LLDP parser
that allowed remote DoS (bsc#1057247)
- CVE-2017-11541: Prevent heap-based buffer over-read in
the lldp_print function in print-lldp.c, related to
util-print.c that allowed remote DoS (bsc#1057247).
- CVE-2017-11542: Prevent heap-based buffer over-read in
the pimv1_print function in print-pim.c that allowed
remote DoS (bsc#1057247).
- CVE-2017-12893: Prevent buffer over-read in the SMB/CIFS
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12894: Prevent buffer over-read in several
protocol parsers that allowed remote DoS (bsc#1057247)
- CVE-2017-12895: Prevent buffer over-read in the ICMP
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12896: Prevent buffer over-read in the ISAKMP
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12897: Prevent buffer over-read in the ISO CLNS
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12898: Prevent buffer over-read in the NFS
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12899: Prevent buffer over-read in the DECnet
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12900: Prevent buffer over-read in the in
several protocol parsers that allowed remote DoS
(bsc#1057247)
- CVE-2017-12901: Prevent buffer over-read in the EIGRP
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12902: Prevent buffer over-read in the Zephyr
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12985: Prevent buffer over-read in the IPv6
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12986: Prevent buffer over-read in the IPv6
routing header parser that allowed remote DoS
(bsc#1057247)
- CVE-2017-12987: Prevent buffer over-read in the 802.11
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12988: Prevent buffer over-read in the telnet
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12991: Prevent buffer over-read in the BGP
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12992: Prevent buffer over-read in the RIPng
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12993: Prevent buffer over-read in the Juniper
protocols parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12994: Prevent buffer over-read in the BGP
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12996: Prevent buffer over-read in the PIMv2
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12998: Prevent buffer over-read in the IS-IS
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12999: Prevent buffer over-read in the IS-IS
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13000: Prevent buffer over-read in the IEEE
802.15.4 parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13001: Prevent buffer over-read in the NFS
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13002: Prevent buffer over-read in the AODV
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13003: Prevent buffer over-read in the LMP
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13004: Prevent buffer over-read in the Juniper
protocols parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13005: Prevent buffer over-read in the NFS
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13006: Prevent buffer over-read in the L2TP
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13007: Prevent buffer over-read in the Apple
PKTAP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13008: Prevent buffer over-read in the IEEE
802.11 parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13009: Prevent buffer over-read in the IPv6
mobility parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13010: Prevent buffer over-read in the BEEP
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13012: Prevent buffer over-read in the ICMP
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13013: Prevent buffer over-read in the ARP
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13014: Prevent buffer over-read in the White
Board protocol parser that allowed remote DoS
(bsc#1057247)
- CVE-2017-13015: Prevent buffer over-read in the EAP
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13016: Prevent buffer over-read in the ISO
ES-IS parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13017: Prevent buffer over-read in the DHCPv6
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13018: Prevent buffer over-read in the PGM
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13019: Prevent buffer over-read in the PGM
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13020: Prevent buffer over-read in the VTP
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13021: Prevent buffer over-read in the ICMPv6
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13022: Prevent buffer over-read in the IP
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13023: Prevent buffer over-read in the IPv6
mobility parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13024: Prevent buffer over-read in the IPv6
mobility parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13025: Prevent buffer over-read in the IPv6
mobility parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13026: Prevent buffer over-read in the ISO
IS-IS parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13027: Prevent buffer over-read in the LLDP
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13028: Prevent buffer over-read in the BOOTP
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13029: Prevent buffer over-read in the PPP
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13030: Prevent buffer over-read in the PIM
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13031: Prevent buffer over-read in the IPv6
fragmentation header parser that allowed remote DoS
(bsc#1057247)
- CVE-2017-13032: Prevent buffer over-read in the RADIUS
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13033: Prevent buffer over-read in the VTP
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13034: Prevent buffer over-read in the PGM
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13035: Prevent buffer over-read in the ISO
IS-IS parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13036: Prevent buffer over-read in the OSPFv3
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13037: Prevent buffer over-read in the IP
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13038: Prevent buffer over-read in the PPP
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13039: Prevent buffer over-read in the ISAKMP
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13040: Prevent buffer over-read in the MPTCP
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13041: Prevent buffer over-read in the ICMPv6
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13042: Prevent buffer over-read in the HNCP
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13043: Prevent buffer over-read in the BGP
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13044: Prevent buffer over-read in the HNCP
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13045: Prevent buffer over-read in the VQP
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13046: Prevent buffer over-read in the BGP
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13047: Prevent buffer over-read in the ISO
ES-IS parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13048: Prevent buffer over-read in the RSVP
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13049: Prevent buffer over-read in the Rx
protocol parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13050: Prevent buffer over-read in the
RPKI-Router parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13051: Prevent buffer over-read in the RSVP
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13052: Prevent buffer over-read in the CFM
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13053: Prevent buffer over-read in the BGP
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13054: Prevent buffer over-read in the LLDP
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13055: Prevent buffer over-read in the ISO
IS-IS parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13687: Prevent buffer over-read in the Cisco
HDLC parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13688: Prevent buffer over-read in the OLSR
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13689: Prevent buffer over-read in the IKEv1
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13690: Prevent buffer over-read in the IKEv2
parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13725: Prevent buffer over-read in the IPv6
routing header parser that allowed remote DoS
(bsc#1057247)
- Prevent segmentation fault in ESP decoder with OpenSSL
1.1 (bsc#1057247)
Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues. | | last seen | 2019-01-16 | | modified | 2018-11-30 | | plugin id | 104208 | | published | 2017-10-27 | | reporter | Tenable | | source | https://www.tenable.com/plugins/index.php?view=single&id=104208 | | title | SUSE SLED12 / SLES12 Security Update : tcpdump (SUSE-SU-2017:2854-1) |
| NASL family | AIX Local Security Checks | | NASL id | AIX_IV94726.NASL | | description | Vulnerabilities in tcpdump affect AIX :
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12993
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12993 tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the Juniper component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the RIPng component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the BGP
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the telnet component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the IEEE 802.11 component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump could allow a remote attacker to
obtain sensitive information, caused by a buffer overread memory in
the IPv6 routing headers component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the IPv6
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the Zephyr component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the EIGRP component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the
tok2strbuf component. By sending a specially crafted request, an
attacker could exploit this vulnerability to obtain sensitive
information. tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the DECnet
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the NFS component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the ISO CLNS component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump could allow a remote attacker to
obtain sensitive information, caused by a buffer overread memory in
the ISAKMP component. By sending a specially crafted request, an
attacker could exploit this vulnerability to obtain sensitive
information. tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the ICMP component.
By sending a specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the lookup_bytestring component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the SMB/CIFS component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump is vulnerable to a denial of
service, caused by a heap-based buffer over-read in the pimv1_print
function in print-pim.c. An attacker could exploit this vulnerability
to cause the application to crash. tcpdump is vulnerable to a denial
of service, caused by a heap-based buffer over-read in the lldp_print
function in print-lldp.c. An attacker could exploit this vulnerability
to cause the application to crash. tcpdump is vulnerable to a denial
of service, caused by an error in the LLDP component. By sending
specially crafted data, a remote attacker could exploit this
vulnerability to cause the application to enter into an infinite loop.
tcpdump is vulnerable to a denial of service, caused by an error in
the DNS component. By sending specially crafted data, a remote
attacker could exploit this vulnerability to cause the application to
enter into an infinite loop. tcpdump is vulnerable to a denial of
service, caused by an error in the ISAKMP component. By sending
specially crafted data, a remote attacker could exploit this
vulnerability to cause the application to enter into an infinite loop.
tcpdump is vulnerable to a denial of service, caused by an error in
the RESP component. By sending specially crafted data, a remote
attacker could exploit this vulnerability to cause the application to
enter into an infinite loop. tcpdump is vulnerable to a buffer
overflow, caused by improper bounds checking by the
bittok2str_internal component. By sending an overly long string
argument, a remote attacker could overflow a buffer and execute
arbitrary code on the system or cause the application to crash.
tcpdump is vulnerable to a denial of service, caused by a buffer
overflow in the sliplink_print function in print-sl.c. An attacker
could exploit this vulnerability to cause the application to crash.
tcpdump could allow a remote attacker to obtain sensitive information,
caused by a buffer overread memory in the PGM component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the DHCPv6 component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump could allow a remote attacker to
obtain sensitive information, caused by a buffer overread memory in
the ISO ES-IS component. By sending a specially crafted request, an
attacker could exploit this vulnerability to obtain sensitive
information. tcpdump is vulnerable to a denial of service, caused by a
buffer overflow in the sliplink_print function in print-sl.c. An
attacker could exploit this vulnerability to cause the application to
crash. tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the EAP component.
By sending a specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the White Board component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump could allow a remote attacker to
obtain sensitive information, caused by a buffer overread memory in
the ARP component. By sending a specially crafted request, an attacker
could exploit this vulnerability to obtain sensitive information.
tcpdump could allow a remote attacker to obtain sensitive information,
caused by a buffer overread memory in the ICMP component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the BEEP component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the IPv6
mobility component. By sending a specially crafted request, an
attacker could exploit this vulnerability to obtain sensitive
information. tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the IEEE 802.11
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the L2TP component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the NFS component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the
Juniper component. By sending a specially crafted request, an attacker
could exploit this vulnerability to obtain sensitive information.
tcpdump could allow a remote attacker to obtain sensitive information,
caused by a buffer overread memory in the LMP component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the AODV component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the NFS
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the IEEE 802.15.4 component. By sending
a specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the ISO IS-IS component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump could allow a remote attacker to
obtain sensitive information, caused by a buffer overread memory in
the ISO IS-IS component. By sending a specially crafted request, an
attacker could exploit this vulnerability to obtain sensitive
information. tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the PIMv2
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the BGP component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump is vulnerable
to a denial of service, caused by a heap-based buffer over-read in the
lldp_print function in print-lldp.c. An attacker could exploit this
vulnerability to cause the application to crash. tcpdump is vulnerable
to a denial of service, caused by a heap-based buffer over-read in the
pimv1_print function in print-pim.c. An attacker could exploit this
vulnerability to cause the application to crash. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the BGP component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the HNCP
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the ICMPv6 component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the MPTCP component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the
ISAKMP component. By sending a specially crafted request, an attacker
could exploit this vulnerability to obtain sensitive information.
tcpdump could allow a remote attacker to obtain sensitive information,
caused by a buffer overread memory in the PPP component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the IP component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the
OSPFv3 component. By sending a specially crafted request, an attacker
could exploit this vulnerability to obtain sensitive information.
tcpdump could allow a remote attacker to obtain sensitive information,
caused by a buffer overread memory in the ISO IS-IS component. By
sending a specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the PGM component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the VTP
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the RADIUS component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the IPv6 fragmentation header component. By sending
a specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the PIM component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the PPP
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the BOOTP component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the LLDP component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the ISO
IS-IS component. By sending a specially crafted request, an attacker
could exploit this vulnerability to obtain sensitive information.
tcpdump could allow a remote attacker to obtain sensitive information,
caused by a buffer overread memory in the IPv6 mobility component. By
sending a specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the IPv6 mobility component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump could allow a remote attacker to
obtain sensitive information, caused by a buffer overread memory in
the IPv6 mobility component. By sending a specially crafted request,
an attacker could exploit this vulnerability to obtain sensitive
information. tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the IP component.
By sending a specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the ICMPv6 component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump could allow a remote attacker to
obtain sensitive information, caused by a buffer overread memory in
the VTP component. By sending a specially crafted request, an attacker
could exploit this vulnerability to obtain sensitive information.
tcpdump could allow a remote attacker to obtain sensitive information,
caused by a buffer overread memory in the PGM component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the IPv6 routing headers component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the IKEv2 component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the IKEv1
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the OLSR component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the Cisco HDLC component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump could allow a remote attacker to
obtain sensitive information, caused by a buffer overread memory in
the ISO IS-IS component. By sending a specially crafted request, an
attacker could exploit this vulnerability to obtain sensitive
information. tcpdump could allow a remote attacker to obtain sensitive
information, caused by a buffer overread memory in the LLDP component.
By sending a specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the BGP component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. tcpdump could allow a remote attacker to obtain
sensitive information, caused by a buffer overread memory in the CFM
component. By sending a specially crafted request, an attacker could
exploit this vulnerability to obtain sensitive information. tcpdump
could allow a remote attacker to obtain sensitive information, caused
by a buffer overread memory in the RSVP component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the RPKI-Router component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump could allow a remote attacker to
obtain sensitive information, caused by a buffer overread memory in
the Rx component. By sending a specially crafted request, an attacker
could exploit this vulnerability to obtain sensitive information.
tcpdump could allow a remote attacker to obtain sensitive information,
caused by a buffer overread memory in the RSVP component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the ISO ES-IS component. By sending a specially
crafted request, an attacker could exploit this vulnerability to
obtain sensitive information. tcpdump could allow a remote attacker to
obtain sensitive information, caused by a buffer overread memory in
the BGP component. By sending a specially crafted request, an attacker
could exploit this vulnerability to obtain sensitive information.
tcpdump could allow a remote attacker to obtain sensitive information,
caused by a buffer overread memory in the VQP component. By sending a
specially crafted request, an attacker could exploit this
vulnerability to obtain sensitive information. tcpdump could allow a
remote attacker to obtain sensitive information, caused by a buffer
overread memory in the HNCP component. By sending a specially crafted
request, an attacker could exploit this vulnerability to obtain
sensitive information. | | last seen | 2019-01-16 | | modified | 2018-01-26 | | plugin id | 100469 | | published | 2017-05-30 | | reporter | Tenable | | source | https://www.tenable.com/plugins/index.php?view=single&id=100469 | | title | AIX 7.1 TL 4 : tcpdump (IV94726) |
|
