suse-su-2017:0656-1
Vulnerability from csaf_suse
Published
2017-03-10 13:36
Modified
2017-03-10 13:36
Summary
Security update for tcpdump
Notes
Title of the patch
Security update for tcpdump
Description of the patch
This update for tcpdump fixes the following issues:
Security issues fixed (bsc#1020940):
- CVE-2016-7922: Corrected buffer overflow in AH parser print-ah.c:ah_print().
- CVE-2016-7923: Corrected buffer overflow in ARP parser print-arp.c:arp_print().
- CVE-2016-7925: Corrected buffer overflow in compressed SLIP parser print-sl.c:sl_if_print().
- CVE-2016-7926: Corrected buffer overflow in the Ethernet parser print-ether.c:ethertype_print().
- CVE-2016-7927: Corrected buffer overflow in the IEEE 802.11 parser print-802_11.c:ieee802_11_radio_print().
- CVE-2016-7928: Corrected buffer overflow in the IPComp parser print-ipcomp.c:ipcomp_print().
- CVE-2016-7931: Corrected buffer overflow in the MPLS parser print-mpls.c:mpls_print().
- CVE-2016-7936: Corrected buffer overflow in the UDP parser print-udp.c:udp_print().
- CVE-2016-7934,CVE-2016-7935,CVE-2016-7937: Corrected segmentation faults in function udp_print().
- CVE-2016-7939: Corrected buffer overflows in GRE parser print-gre.c:(multiple functions).
- CVE-2016-7940: Corrected buffer overflows in STP parser print-stp.c:(multiple functions).
- CVE-2016-7973: Corrected buffer overflow in AppleTalk parser print-atalk.c.
- CVE-2016-7974: Corrected buffer overflow in IP parser print-ip.c:(multiple functions).
- CVE-2016-7975: Corrected buffer overflow in TCP parser print-tcp.c:tcp_print().
- CVE-2016-7983,CVE-2016-7984: Corrected buffer overflow in TFTP parser print-tftp.c:tftp_print().
- CVE-2016-7992: Corrected buffer overflow in Classical IP over ATM parser print-cip.c.
- CVE-2016-7993: Corrected buffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, etc.).
- CVE-2016-8574: Corrected buffer overflow in FRF.15 parser print-fr.c:frf15_print().
- CVE-2017-5202: Corrected buffer overflow in ISO CLNS parser print-isoclns.c:clnp_print().
- CVE-2017-5203: Corrected buffer overflow in BOOTP parser print-bootp.c:bootp_print().
- CVE-2017-5204: Corrected buffer overflow in IPv6 parser print-ip6.c:ip6_print().
- CVE-2017-5483: Corrected buffer overflow in SNMP parser print-snmp.c:asn1_parse().
- CVE-2017-5484: Corrected buffer overflow in ATM parser print-atm.c:sig_print().
- CVE-2017-5485: Corrected buffer overflow in ISO CLNS parser addrtoname.c:lookup_nsap().
- CVE-2017-5486: Corrected buffer overflow in ISO CLNS parser print-isoclns.c:clnp_print().
Patchnames
slessp4-tcpdump-13021
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for tcpdump",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for tcpdump fixes the following issues:\n\nSecurity issues fixed (bsc#1020940):\n- CVE-2016-7922: Corrected buffer overflow in AH parser print-ah.c:ah_print().\n- CVE-2016-7923: Corrected buffer overflow in ARP parser print-arp.c:arp_print().\n- CVE-2016-7925: Corrected buffer overflow in compressed SLIP parser print-sl.c:sl_if_print().\n- CVE-2016-7926: Corrected buffer overflow in the Ethernet parser print-ether.c:ethertype_print().\n- CVE-2016-7927: Corrected buffer overflow in the IEEE 802.11 parser print-802_11.c:ieee802_11_radio_print().\n- CVE-2016-7928: Corrected buffer overflow in the IPComp parser print-ipcomp.c:ipcomp_print().\n- CVE-2016-7931: Corrected buffer overflow in the MPLS parser print-mpls.c:mpls_print().\n- CVE-2016-7936: Corrected buffer overflow in the UDP parser print-udp.c:udp_print().\n- CVE-2016-7934,CVE-2016-7935,CVE-2016-7937: Corrected segmentation faults in function udp_print(). \n- CVE-2016-7939: Corrected buffer overflows in GRE parser print-gre.c:(multiple functions).\n- CVE-2016-7940: Corrected buffer overflows in STP parser print-stp.c:(multiple functions).\n- CVE-2016-7973: Corrected buffer overflow in AppleTalk parser print-atalk.c.\n- CVE-2016-7974: Corrected buffer overflow in IP parser print-ip.c:(multiple functions).\n- CVE-2016-7975: Corrected buffer overflow in TCP parser print-tcp.c:tcp_print().\n- CVE-2016-7983,CVE-2016-7984: Corrected buffer overflow in TFTP parser print-tftp.c:tftp_print().\n- CVE-2016-7992: Corrected buffer overflow in Classical IP over ATM parser print-cip.c.\n- CVE-2016-7993: Corrected buffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, etc.).\n- CVE-2016-8574: Corrected buffer overflow in FRF.15 parser print-fr.c:frf15_print().\n- CVE-2017-5202: Corrected buffer overflow in ISO CLNS parser print-isoclns.c:clnp_print().\n- CVE-2017-5203: Corrected buffer overflow in BOOTP parser print-bootp.c:bootp_print().\n- CVE-2017-5204: Corrected buffer overflow in IPv6 parser print-ip6.c:ip6_print().\n- CVE-2017-5483: Corrected buffer overflow in SNMP parser print-snmp.c:asn1_parse().\n- CVE-2017-5484: Corrected buffer overflow in ATM parser print-atm.c:sig_print().\n- CVE-2017-5485: Corrected buffer overflow in ISO CLNS parser addrtoname.c:lookup_nsap().\n- CVE-2017-5486: Corrected buffer overflow in ISO CLNS parser print-isoclns.c:clnp_print().\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "slessp4-tcpdump-13021",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_0656-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2017:0656-1",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20170656-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2017:0656-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2017-March/002691.html"
},
{
"category": "self",
"summary": "SUSE Bug 1020940",
"url": "https://bugzilla.suse.com/1020940"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7922 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7922/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7923 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7923/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7925 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7925/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7926 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7926/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7927 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7927/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7928 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7928/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7931 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7931/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7934 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7934/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7935 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7935/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7936 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7936/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7937 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7937/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7939 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7939/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7940 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7940/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7973 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7973/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7974 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7974/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7975 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7975/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7983 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7983/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7984 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7984/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7992 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7992/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7993 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7993/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-8574 page",
"url": "https://www.suse.com/security/cve/CVE-2016-8574/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-5202 page",
"url": "https://www.suse.com/security/cve/CVE-2017-5202/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-5203 page",
"url": "https://www.suse.com/security/cve/CVE-2017-5203/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-5204 page",
"url": "https://www.suse.com/security/cve/CVE-2017-5204/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-5483 page",
"url": "https://www.suse.com/security/cve/CVE-2017-5483/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-5484 page",
"url": "https://www.suse.com/security/cve/CVE-2017-5484/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-5485 page",
"url": "https://www.suse.com/security/cve/CVE-2017-5485/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-5486 page",
"url": "https://www.suse.com/security/cve/CVE-2017-5486/"
}
],
"title": "Security update for tcpdump",
"tracking": {
"current_release_date": "2017-03-10T13:36:29Z",
"generator": {
"date": "2017-03-10T13:36:29Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2017:0656-1",
"initial_release_date": "2017-03-10T13:36:29Z",
"revision_history": [
{
"date": "2017-03-10T13:36:29Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "tcpdump-3.9.8-1.29.1.i586",
"product": {
"name": "tcpdump-3.9.8-1.29.1.i586",
"product_id": "tcpdump-3.9.8-1.29.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "tcpdump-3.9.8-1.29.1.ia64",
"product": {
"name": "tcpdump-3.9.8-1.29.1.ia64",
"product_id": "tcpdump-3.9.8-1.29.1.ia64"
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "tcpdump-3.9.8-1.29.1.ppc64",
"product": {
"name": "tcpdump-3.9.8-1.29.1.ppc64",
"product_id": "tcpdump-3.9.8-1.29.1.ppc64"
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "tcpdump-3.9.8-1.29.1.s390x",
"product": {
"name": "tcpdump-3.9.8-1.29.1.s390x",
"product_id": "tcpdump-3.9.8-1.29.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "tcpdump-3.9.8-1.29.1.x86_64",
"product": {
"name": "tcpdump-3.9.8-1.29.1.x86_64",
"product_id": "tcpdump-3.9.8-1.29.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sles:11:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:11:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-3.9.8-1.29.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586"
},
"product_reference": "tcpdump-3.9.8-1.29.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-3.9.8-1.29.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64"
},
"product_reference": "tcpdump-3.9.8-1.29.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-3.9.8-1.29.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64"
},
"product_reference": "tcpdump-3.9.8-1.29.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-3.9.8-1.29.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x"
},
"product_reference": "tcpdump-3.9.8-1.29.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-3.9.8-1.29.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
},
"product_reference": "tcpdump-3.9.8-1.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-3.9.8-1.29.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586"
},
"product_reference": "tcpdump-3.9.8-1.29.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-3.9.8-1.29.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64"
},
"product_reference": "tcpdump-3.9.8-1.29.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-3.9.8-1.29.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64"
},
"product_reference": "tcpdump-3.9.8-1.29.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-3.9.8-1.29.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x"
},
"product_reference": "tcpdump-3.9.8-1.29.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-3.9.8-1.29.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
},
"product_reference": "tcpdump-3.9.8-1.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-7922",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7922"
}
],
"notes": [
{
"category": "general",
"text": "The AH parser in tcpdump before 4.9.0 has a buffer overflow in print-ah.c:ah_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7922",
"url": "https://www.suse.com/security/cve/CVE-2016-7922"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2016-7922",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-03-10T13:36:29Z",
"details": "moderate"
}
],
"title": "CVE-2016-7922"
},
{
"cve": "CVE-2016-7923",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7923"
}
],
"notes": [
{
"category": "general",
"text": "The ARP parser in tcpdump before 4.9.0 has a buffer overflow in print-arp.c:arp_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7923",
"url": "https://www.suse.com/security/cve/CVE-2016-7923"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2016-7923",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-03-10T13:36:29Z",
"details": "moderate"
}
],
"title": "CVE-2016-7923"
},
{
"cve": "CVE-2016-7925",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7925"
}
],
"notes": [
{
"category": "general",
"text": "The compressed SLIP parser in tcpdump before 4.9.0 has a buffer overflow in print-sl.c:sl_if_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7925",
"url": "https://www.suse.com/security/cve/CVE-2016-7925"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2016-7925",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-03-10T13:36:29Z",
"details": "moderate"
}
],
"title": "CVE-2016-7925"
},
{
"cve": "CVE-2016-7926",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7926"
}
],
"notes": [
{
"category": "general",
"text": "The Ethernet parser in tcpdump before 4.9.0 has a buffer overflow in print-ether.c:ethertype_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7926",
"url": "https://www.suse.com/security/cve/CVE-2016-7926"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2016-7926",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-03-10T13:36:29Z",
"details": "moderate"
}
],
"title": "CVE-2016-7926"
},
{
"cve": "CVE-2016-7927",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7927"
}
],
"notes": [
{
"category": "general",
"text": "The IEEE 802.11 parser in tcpdump before 4.9.0 has a buffer overflow in print-802_11.c:ieee802_11_radio_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7927",
"url": "https://www.suse.com/security/cve/CVE-2016-7927"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2016-7927",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-03-10T13:36:29Z",
"details": "moderate"
}
],
"title": "CVE-2016-7927"
},
{
"cve": "CVE-2016-7928",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7928"
}
],
"notes": [
{
"category": "general",
"text": "The IPComp parser in tcpdump before 4.9.0 has a buffer overflow in print-ipcomp.c:ipcomp_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7928",
"url": "https://www.suse.com/security/cve/CVE-2016-7928"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2016-7928",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-03-10T13:36:29Z",
"details": "moderate"
}
],
"title": "CVE-2016-7928"
},
{
"cve": "CVE-2016-7931",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7931"
}
],
"notes": [
{
"category": "general",
"text": "The MPLS parser in tcpdump before 4.9.0 has a buffer overflow in print-mpls.c:mpls_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7931",
"url": "https://www.suse.com/security/cve/CVE-2016-7931"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2016-7931",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-03-10T13:36:29Z",
"details": "moderate"
}
],
"title": "CVE-2016-7931"
},
{
"cve": "CVE-2016-7934",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7934"
}
],
"notes": [
{
"category": "general",
"text": "The RTCP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtcp_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7934",
"url": "https://www.suse.com/security/cve/CVE-2016-7934"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2016-7934",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-03-10T13:36:29Z",
"details": "moderate"
}
],
"title": "CVE-2016-7934"
},
{
"cve": "CVE-2016-7935",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7935"
}
],
"notes": [
{
"category": "general",
"text": "The RTP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtp_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7935",
"url": "https://www.suse.com/security/cve/CVE-2016-7935"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2016-7935",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-03-10T13:36:29Z",
"details": "moderate"
}
],
"title": "CVE-2016-7935"
},
{
"cve": "CVE-2016-7936",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7936"
}
],
"notes": [
{
"category": "general",
"text": "The UDP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:udp_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7936",
"url": "https://www.suse.com/security/cve/CVE-2016-7936"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2016-7936",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-03-10T13:36:29Z",
"details": "moderate"
}
],
"title": "CVE-2016-7936"
},
{
"cve": "CVE-2016-7937",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7937"
}
],
"notes": [
{
"category": "general",
"text": "The VAT parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:vat_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7937",
"url": "https://www.suse.com/security/cve/CVE-2016-7937"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2016-7937",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-03-10T13:36:29Z",
"details": "moderate"
}
],
"title": "CVE-2016-7937"
},
{
"cve": "CVE-2016-7939",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7939"
}
],
"notes": [
{
"category": "general",
"text": "The GRE parser in tcpdump before 4.9.0 has a buffer overflow in print-gre.c, multiple functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7939",
"url": "https://www.suse.com/security/cve/CVE-2016-7939"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2016-7939",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-03-10T13:36:29Z",
"details": "moderate"
}
],
"title": "CVE-2016-7939"
},
{
"cve": "CVE-2016-7940",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7940"
}
],
"notes": [
{
"category": "general",
"text": "The STP parser in tcpdump before 4.9.0 has a buffer overflow in print-stp.c, multiple functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7940",
"url": "https://www.suse.com/security/cve/CVE-2016-7940"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2016-7940",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-03-10T13:36:29Z",
"details": "moderate"
}
],
"title": "CVE-2016-7940"
},
{
"cve": "CVE-2016-7973",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7973"
}
],
"notes": [
{
"category": "general",
"text": "The AppleTalk parser in tcpdump before 4.9.0 has a buffer overflow in print-atalk.c, multiple functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7973",
"url": "https://www.suse.com/security/cve/CVE-2016-7973"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2016-7973",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-03-10T13:36:29Z",
"details": "moderate"
}
],
"title": "CVE-2016-7973"
},
{
"cve": "CVE-2016-7974",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7974"
}
],
"notes": [
{
"category": "general",
"text": "The IP parser in tcpdump before 4.9.0 has a buffer overflow in print-ip.c, multiple functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7974",
"url": "https://www.suse.com/security/cve/CVE-2016-7974"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2016-7974",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-03-10T13:36:29Z",
"details": "moderate"
}
],
"title": "CVE-2016-7974"
},
{
"cve": "CVE-2016-7975",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7975"
}
],
"notes": [
{
"category": "general",
"text": "The TCP parser in tcpdump before 4.9.0 has a buffer overflow in print-tcp.c:tcp_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7975",
"url": "https://www.suse.com/security/cve/CVE-2016-7975"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2016-7975",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-03-10T13:36:29Z",
"details": "moderate"
}
],
"title": "CVE-2016-7975"
},
{
"cve": "CVE-2016-7983",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7983"
}
],
"notes": [
{
"category": "general",
"text": "The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in print-bootp.c:bootp_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7983",
"url": "https://www.suse.com/security/cve/CVE-2016-7983"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2016-7983",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-03-10T13:36:29Z",
"details": "moderate"
}
],
"title": "CVE-2016-7983"
},
{
"cve": "CVE-2016-7984",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7984"
}
],
"notes": [
{
"category": "general",
"text": "The TFTP parser in tcpdump before 4.9.0 has a buffer overflow in print-tftp.c:tftp_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7984",
"url": "https://www.suse.com/security/cve/CVE-2016-7984"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2016-7984",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-03-10T13:36:29Z",
"details": "moderate"
}
],
"title": "CVE-2016-7984"
},
{
"cve": "CVE-2016-7992",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7992"
}
],
"notes": [
{
"category": "general",
"text": "The Classical IP over ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-cip.c:cip_if_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7992",
"url": "https://www.suse.com/security/cve/CVE-2016-7992"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2016-7992",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-03-10T13:36:29Z",
"details": "moderate"
}
],
"title": "CVE-2016-7992"
},
{
"cve": "CVE-2016-7993",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7993"
}
],
"notes": [
{
"category": "general",
"text": "A bug in util-print.c:relts_print() in tcpdump before 4.9.0 could cause a buffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, IGMP, lightweight resolver protocol, PIM).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7993",
"url": "https://www.suse.com/security/cve/CVE-2016-7993"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2016-7993",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-03-10T13:36:29Z",
"details": "moderate"
}
],
"title": "CVE-2016-7993"
},
{
"cve": "CVE-2016-8574",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-8574"
}
],
"notes": [
{
"category": "general",
"text": "The FRF.15 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:frf15_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-8574",
"url": "https://www.suse.com/security/cve/CVE-2016-8574"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2016-8574",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-03-10T13:36:29Z",
"details": "moderate"
}
],
"title": "CVE-2016-8574"
},
{
"cve": "CVE-2017-5202",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-5202"
}
],
"notes": [
{
"category": "general",
"text": "The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in print-isoclns.c:clnp_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-5202",
"url": "https://www.suse.com/security/cve/CVE-2017-5202"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2017-5202",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-03-10T13:36:29Z",
"details": "moderate"
}
],
"title": "CVE-2017-5202"
},
{
"cve": "CVE-2017-5203",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-5203"
}
],
"notes": [
{
"category": "general",
"text": "The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in print-bootp.c:bootp_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-5203",
"url": "https://www.suse.com/security/cve/CVE-2017-5203"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2017-5203",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-03-10T13:36:29Z",
"details": "moderate"
}
],
"title": "CVE-2017-5203"
},
{
"cve": "CVE-2017-5204",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-5204"
}
],
"notes": [
{
"category": "general",
"text": "The IPv6 parser in tcpdump before 4.9.0 has a buffer overflow in print-ip6.c:ip6_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-5204",
"url": "https://www.suse.com/security/cve/CVE-2017-5204"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2017-5204",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-03-10T13:36:29Z",
"details": "moderate"
}
],
"title": "CVE-2017-5204"
},
{
"cve": "CVE-2017-5483",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-5483"
}
],
"notes": [
{
"category": "general",
"text": "The SNMP parser in tcpdump before 4.9.0 has a buffer overflow in print-snmp.c:asn1_parse().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-5483",
"url": "https://www.suse.com/security/cve/CVE-2017-5483"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2017-5483",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-03-10T13:36:29Z",
"details": "moderate"
}
],
"title": "CVE-2017-5483"
},
{
"cve": "CVE-2017-5484",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-5484"
}
],
"notes": [
{
"category": "general",
"text": "The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-atm.c:sig_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-5484",
"url": "https://www.suse.com/security/cve/CVE-2017-5484"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2017-5484",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-03-10T13:36:29Z",
"details": "moderate"
}
],
"title": "CVE-2017-5484"
},
{
"cve": "CVE-2017-5485",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-5485"
}
],
"notes": [
{
"category": "general",
"text": "The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in addrtoname.c:lookup_nsap().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-5485",
"url": "https://www.suse.com/security/cve/CVE-2017-5485"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2017-5485",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-03-10T13:36:29Z",
"details": "moderate"
}
],
"title": "CVE-2017-5485"
},
{
"cve": "CVE-2017-5486",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-5486"
}
],
"notes": [
{
"category": "general",
"text": "The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in print-isoclns.c:clnp_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-5486",
"url": "https://www.suse.com/security/cve/CVE-2017-5486"
},
{
"category": "external",
"summary": "SUSE Bug 1020940 for CVE-2017-5486",
"url": "https://bugzilla.suse.com/1020940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tcpdump-3.9.8-1.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tcpdump-3.9.8-1.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-03-10T13:36:29Z",
"details": "moderate"
}
],
"title": "CVE-2017-5486"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…