Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | |||
Test ID: | 1.3.6.1.4.1.25623.1.0.113543 |
Category: | Buffer overflow |
Title: | tcpdump < 4.9.3 Multiple Vulnerabilities |
Summary: | tcpdump is prone to multiple vulnerabilities. |
Description: | Summary: tcpdump is prone to multiple vulnerabilities. Vulnerability Insight: There are buffer over-read vulnerabilities in the following modules: print-ldp.c:ldp_tlv_print(), print_icmp.c:icmp_print(), print_vrrp.c:vrrp_print(), print_lmp.c:lmp_print_data_link_subobjs(), print_rsvp.c:rsvp_obj_print(), print-rx.c:rx_cache_find(), print-rx.c:rx_cache_insert(), print-bgp.c:bgp_capabilities_print(), print-fr.c:mfr_print(), print-isakkmp.c:ikev1_n_print(), print_babel.c:babel_print_v2(), print-ospf6.c:ospf6_print_lshdr(), print-icmp6.c, print-802_11.c, print-hncp.c:print_prefix(), print-dccp.c:dccp_print_option(), print_bgp.c:bgp_attr_print(), print-smb.c:print_trans() There is a buffer overflow vulnerability in tcpdump.c:get_next_file(). There is a stack consumption vulnerability in print-bgp.c:bgp_attr_print(). There is a stack exhaustion vulnerability in smbutil.c:smb_fdata(). print_lmp.c:lmp_print_data_link_subobjs() lacks bounds checks. Vulnerability Impact: Successful exploitation would allow an attacker to read sensitive information or execute arbitrary code on the target machine. Affected Software/OS: tcpdump through version 4.9.2. Solution: Update to version 4.9.3. CVSS Score: 5.1 CVSS Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P |
Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2018-14461 Common Vulnerability Exposure (CVE) ID: CVE-2018-14462 Common Vulnerability Exposure (CVE) ID: CVE-2018-14463 Common Vulnerability Exposure (CVE) ID: CVE-2018-14464 Common Vulnerability Exposure (CVE) ID: CVE-2018-14465 Common Vulnerability Exposure (CVE) ID: CVE-2018-14466 Common Vulnerability Exposure (CVE) ID: CVE-2018-14467 Common Vulnerability Exposure (CVE) ID: CVE-2018-14468 Common Vulnerability Exposure (CVE) ID: CVE-2018-14469 Common Vulnerability Exposure (CVE) ID: CVE-2018-14470 Common Vulnerability Exposure (CVE) ID: CVE-2018-14879 Common Vulnerability Exposure (CVE) ID: CVE-2018-14880 Common Vulnerability Exposure (CVE) ID: CVE-2018-14881 Common Vulnerability Exposure (CVE) ID: CVE-2018-14882 Common Vulnerability Exposure (CVE) ID: CVE-2018-16227 Common Vulnerability Exposure (CVE) ID: CVE-2018-16228 Common Vulnerability Exposure (CVE) ID: CVE-2018-16229 Common Vulnerability Exposure (CVE) ID: CVE-2018-16230 Common Vulnerability Exposure (CVE) ID: CVE-2018-16300 Common Vulnerability Exposure (CVE) ID: CVE-2018-16451 Common Vulnerability Exposure (CVE) ID: CVE-2018-16452 Common Vulnerability Exposure (CVE) ID: CVE-2019-15166 |
Copyright | Copyright (C) 2019 Greenbone Networks GmbH |
This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |