Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2007-1218

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-02 Mar, 2007 | 20:00
Updated At-07 Aug, 2024 | 12:50
Rejected At-
Credits

Off-by-one buffer overflow in the parse_elements function in the 802.11 printer code (print-802_11.c) for tcpdump 3.9.5 and earlier allows remote attackers to cause a denial of service (crash) via a crafted 802.11 frame. NOTE: this was originally referred to as heap-based, but it might be stack-based.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:02 Mar, 2007 | 20:00
Updated At:07 Aug, 2024 | 12:50
Rejected At:
▼CVE Numbering Authority (CNA)

Off-by-one buffer overflow in the parse_elements function in the 802.11 printer code (print-802_11.c) for tcpdump 3.9.5 and earlier allows remote attackers to cause a denial of service (crash) via a crafted 802.11 frame. NOTE: this was originally referred to as heap-based, but it might be stack-based.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.redhat.com/support/errata/RHSA-2007-0387.html
vendor-advisory
x_refsource_REDHAT
http://www.vupen.com/english/advisories/2007/4238
vdb-entry
x_refsource_VUPEN
http://www.securityfocus.com/bid/22772
vdb-entry
x_refsource_BID
http://www.us-cert.gov/cas/techalerts/TA07-352A.html
third-party-advisory
x_refsource_CERT
http://www.osvdb.org/32427
vdb-entry
x_refsource_OSVDB
http://www.debian.org/security/2007/dsa-1272
vendor-advisory
x_refsource_DEBIAN
http://secunia.com/advisories/27580
third-party-advisory
x_refsource_SECUNIA
http://fedoranews.org/cms/node/2798
vendor-advisory
x_refsource_FEDORA
http://www.ubuntu.com/usn/usn-429-1
vendor-advisory
x_refsource_UBUNTU
http://secunia.com/advisories/28136
third-party-advisory
x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2007/0793
vdb-entry
x_refsource_VUPEN
http://secunia.com/advisories/24354
third-party-advisory
x_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilities/32749
vdb-entry
x_refsource_XF
http://cvs.tcpdump.org/cgi-bin/cvsweb/tcpdump/print-802_11.c?r1=1.31.2.11&r2=1.31.2.12
x_refsource_MISC
https://issues.rpath.com/browse/RPL-1100
x_refsource_CONFIRM
https://bugs.gentoo.org/show_bug.cgi?id=168916
x_refsource_MISC
http://www.redhat.com/support/errata/RHSA-2007-0368.html
vendor-advisory
x_refsource_REDHAT
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9520
vdb-entry
signature
x_refsource_OVAL
http://secunia.com/advisories/24423
third-party-advisory
x_refsource_SECUNIA
http://seclists.org/fulldisclosure/2007/Mar/0003.html
mailing-list
x_refsource_FULLDISC
http://www.mandriva.com/security/advisories?name=MDKSA-2007:056
vendor-advisory
x_refsource_MANDRIVA
http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html
vendor-advisory
x_refsource_APPLE
http://secunia.com/advisories/24451
third-party-advisory
x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2007:155
vendor-advisory
x_refsource_MANDRIVA
http://secunia.com/advisories/24610
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/24583
third-party-advisory
x_refsource_SECUNIA
http://www.securitytracker.com/id?1017717
vdb-entry
x_refsource_SECTRACK
http://docs.info.apple.com/article.html?artnum=307179
x_refsource_CONFIRM
http://fedoranews.org/cms/node/2799
vendor-advisory
x_refsource_FEDORA
http://www.turbolinux.com/security/2007/TLSA-2007-46.txt
vendor-advisory
x_refsource_TURBO
http://cvs.tcpdump.org/cgi-bin/cvsweb/tcpdump/print-802_11.c
x_refsource_CONFIRM
http://secunia.com/advisories/24318
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.redhat.com/support/errata/RHSA-2007-0387.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://www.vupen.com/english/advisories/2007/4238
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://www.securityfocus.com/bid/22772
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://www.us-cert.gov/cas/techalerts/TA07-352A.html
Resource:
third-party-advisory
x_refsource_CERT
Hyperlink: http://www.osvdb.org/32427
Resource:
vdb-entry
x_refsource_OSVDB
Hyperlink: http://www.debian.org/security/2007/dsa-1272
Resource:
vendor-advisory
x_refsource_DEBIAN
Hyperlink: http://secunia.com/advisories/27580
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://fedoranews.org/cms/node/2798
Resource:
vendor-advisory
x_refsource_FEDORA
Hyperlink: http://www.ubuntu.com/usn/usn-429-1
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: http://secunia.com/advisories/28136
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.vupen.com/english/advisories/2007/0793
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://secunia.com/advisories/24354
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/32749
Resource:
vdb-entry
x_refsource_XF
Hyperlink: http://cvs.tcpdump.org/cgi-bin/cvsweb/tcpdump/print-802_11.c?r1=1.31.2.11&r2=1.31.2.12
Resource:
x_refsource_MISC
Hyperlink: https://issues.rpath.com/browse/RPL-1100
Resource:
x_refsource_CONFIRM
Hyperlink: https://bugs.gentoo.org/show_bug.cgi?id=168916
Resource:
x_refsource_MISC
Hyperlink: http://www.redhat.com/support/errata/RHSA-2007-0368.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9520
Resource:
vdb-entry
signature
x_refsource_OVAL
Hyperlink: http://secunia.com/advisories/24423
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://seclists.org/fulldisclosure/2007/Mar/0003.html
Resource:
mailing-list
x_refsource_FULLDISC
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2007:056
Resource:
vendor-advisory
x_refsource_MANDRIVA
Hyperlink: http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html
Resource:
vendor-advisory
x_refsource_APPLE
Hyperlink: http://secunia.com/advisories/24451
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2007:155
Resource:
vendor-advisory
x_refsource_MANDRIVA
Hyperlink: http://secunia.com/advisories/24610
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/24583
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.securitytracker.com/id?1017717
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: http://docs.info.apple.com/article.html?artnum=307179
Resource:
x_refsource_CONFIRM
Hyperlink: http://fedoranews.org/cms/node/2799
Resource:
vendor-advisory
x_refsource_FEDORA
Hyperlink: http://www.turbolinux.com/security/2007/TLSA-2007-46.txt
Resource:
vendor-advisory
x_refsource_TURBO
Hyperlink: http://cvs.tcpdump.org/cgi-bin/cvsweb/tcpdump/print-802_11.c
Resource:
x_refsource_CONFIRM
Hyperlink: http://secunia.com/advisories/24318
Resource:
third-party-advisory
x_refsource_SECUNIA
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.redhat.com/support/errata/RHSA-2007-0387.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://www.vupen.com/english/advisories/2007/4238
vdb-entry
x_refsource_VUPEN
x_transferred
http://www.securityfocus.com/bid/22772
vdb-entry
x_refsource_BID
x_transferred
http://www.us-cert.gov/cas/techalerts/TA07-352A.html
third-party-advisory
x_refsource_CERT
x_transferred
http://www.osvdb.org/32427
vdb-entry
x_refsource_OSVDB
x_transferred
http://www.debian.org/security/2007/dsa-1272
vendor-advisory
x_refsource_DEBIAN
x_transferred
http://secunia.com/advisories/27580
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://fedoranews.org/cms/node/2798
vendor-advisory
x_refsource_FEDORA
x_transferred
http://www.ubuntu.com/usn/usn-429-1
vendor-advisory
x_refsource_UBUNTU
x_transferred
http://secunia.com/advisories/28136
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.vupen.com/english/advisories/2007/0793
vdb-entry
x_refsource_VUPEN
x_transferred
http://secunia.com/advisories/24354
third-party-advisory
x_refsource_SECUNIA
x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/32749
vdb-entry
x_refsource_XF
x_transferred
http://cvs.tcpdump.org/cgi-bin/cvsweb/tcpdump/print-802_11.c?r1=1.31.2.11&r2=1.31.2.12
x_refsource_MISC
x_transferred
https://issues.rpath.com/browse/RPL-1100
x_refsource_CONFIRM
x_transferred
https://bugs.gentoo.org/show_bug.cgi?id=168916
x_refsource_MISC
x_transferred
http://www.redhat.com/support/errata/RHSA-2007-0368.html
vendor-advisory
x_refsource_REDHAT
x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9520
vdb-entry
signature
x_refsource_OVAL
x_transferred
http://secunia.com/advisories/24423
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://seclists.org/fulldisclosure/2007/Mar/0003.html
mailing-list
x_refsource_FULLDISC
x_transferred
http://www.mandriva.com/security/advisories?name=MDKSA-2007:056
vendor-advisory
x_refsource_MANDRIVA
x_transferred
http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html
vendor-advisory
x_refsource_APPLE
x_transferred
http://secunia.com/advisories/24451
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.mandriva.com/security/advisories?name=MDKSA-2007:155
vendor-advisory
x_refsource_MANDRIVA
x_transferred
http://secunia.com/advisories/24610
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/24583
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.securitytracker.com/id?1017717
vdb-entry
x_refsource_SECTRACK
x_transferred
http://docs.info.apple.com/article.html?artnum=307179
x_refsource_CONFIRM
x_transferred
http://fedoranews.org/cms/node/2799
vendor-advisory
x_refsource_FEDORA
x_transferred
http://www.turbolinux.com/security/2007/TLSA-2007-46.txt
vendor-advisory
x_refsource_TURBO
x_transferred
http://cvs.tcpdump.org/cgi-bin/cvsweb/tcpdump/print-802_11.c
x_refsource_CONFIRM
x_transferred
http://secunia.com/advisories/24318
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2007-0387.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2007/4238
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://www.securityfocus.com/bid/22772
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://www.us-cert.gov/cas/techalerts/TA07-352A.html
Resource:
third-party-advisory
x_refsource_CERT
x_transferred
Hyperlink: http://www.osvdb.org/32427
Resource:
vdb-entry
x_refsource_OSVDB
x_transferred
Hyperlink: http://www.debian.org/security/2007/dsa-1272
Resource:
vendor-advisory
x_refsource_DEBIAN
x_transferred
Hyperlink: http://secunia.com/advisories/27580
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://fedoranews.org/cms/node/2798
Resource:
vendor-advisory
x_refsource_FEDORA
x_transferred
Hyperlink: http://www.ubuntu.com/usn/usn-429-1
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: http://secunia.com/advisories/28136
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2007/0793
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://secunia.com/advisories/24354
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/32749
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://cvs.tcpdump.org/cgi-bin/cvsweb/tcpdump/print-802_11.c?r1=1.31.2.11&r2=1.31.2.12
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://issues.rpath.com/browse/RPL-1100
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://bugs.gentoo.org/show_bug.cgi?id=168916
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2007-0368.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9520
Resource:
vdb-entry
signature
x_refsource_OVAL
x_transferred
Hyperlink: http://secunia.com/advisories/24423
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://seclists.org/fulldisclosure/2007/Mar/0003.html
Resource:
mailing-list
x_refsource_FULLDISC
x_transferred
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2007:056
Resource:
vendor-advisory
x_refsource_MANDRIVA
x_transferred
Hyperlink: http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html
Resource:
vendor-advisory
x_refsource_APPLE
x_transferred
Hyperlink: http://secunia.com/advisories/24451
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2007:155
Resource:
vendor-advisory
x_refsource_MANDRIVA
x_transferred
Hyperlink: http://secunia.com/advisories/24610
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/24583
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.securitytracker.com/id?1017717
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: http://docs.info.apple.com/article.html?artnum=307179
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://fedoranews.org/cms/node/2799
Resource:
vendor-advisory
x_refsource_FEDORA
x_transferred
Hyperlink: http://www.turbolinux.com/security/2007/TLSA-2007-46.txt
Resource:
vendor-advisory
x_refsource_TURBO
x_transferred
Hyperlink: http://cvs.tcpdump.org/cgi-bin/cvsweb/tcpdump/print-802_11.c
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://secunia.com/advisories/24318
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:02 Mar, 2007 | 21:18
Updated At:11 Oct, 2017 | 01:31

Off-by-one buffer overflow in the parse_elements function in the 802.11 printer code (print-802_11.c) for tcpdump 3.9.5 and earlier allows remote attackers to cause a denial of service (crash) via a crafted 802.11 frame. NOTE: this was originally referred to as heap-based, but it might be stack-based.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.06.8MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
Type: Primary
Version: 2.0
Base score: 6.8
Base severity: MEDIUM
Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P
CPE Matches
tcpdump & libpcap
tcpdump
>>tcpdump>>Versions up to 3.9.5(inclusive)
cpe:2.3:a:tcpdump:tcpdump:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-119Primarynvd@nist.gov
CWE-189Primarynvd@nist.gov
CWE ID: CWE-119
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-189
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
Organization : Red Hat
Last Modified : 2007-05-11T00:00:00

Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=232347 The Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw. More information regarding issue severity can be found here: http://www.redhat.com/security/updates/classification/

References
HyperlinkSourceResource
http://cvs.tcpdump.org/cgi-bin/cvsweb/tcpdump/print-802_11.ccve@mitre.org
N/A
http://cvs.tcpdump.org/cgi-bin/cvsweb/tcpdump/print-802_11.c?r1=1.31.2.11&r2=1.31.2.12cve@mitre.org
N/A
http://docs.info.apple.com/article.html?artnum=307179cve@mitre.org
N/A
http://fedoranews.org/cms/node/2798cve@mitre.org
N/A
http://fedoranews.org/cms/node/2799cve@mitre.org
N/A
http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.htmlcve@mitre.org
N/A
http://seclists.org/fulldisclosure/2007/Mar/0003.htmlcve@mitre.org
N/A
http://secunia.com/advisories/24318cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/24354cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/24423cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/24451cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/24583cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/24610cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/27580cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/28136cve@mitre.org
Vendor Advisory
http://www.debian.org/security/2007/dsa-1272cve@mitre.org
N/A
http://www.mandriva.com/security/advisories?name=MDKSA-2007:056cve@mitre.org
N/A
http://www.mandriva.com/security/advisories?name=MDKSA-2007:155cve@mitre.org
N/A
http://www.osvdb.org/32427cve@mitre.org
N/A
http://www.redhat.com/support/errata/RHSA-2007-0368.htmlcve@mitre.org
N/A
http://www.redhat.com/support/errata/RHSA-2007-0387.htmlcve@mitre.org
N/A
http://www.securityfocus.com/bid/22772cve@mitre.org
N/A
http://www.securitytracker.com/id?1017717cve@mitre.org
N/A
http://www.turbolinux.com/security/2007/TLSA-2007-46.txtcve@mitre.org
N/A
http://www.ubuntu.com/usn/usn-429-1cve@mitre.org
N/A
http://www.us-cert.gov/cas/techalerts/TA07-352A.htmlcve@mitre.org
US Government Resource
http://www.vupen.com/english/advisories/2007/0793cve@mitre.org
N/A
http://www.vupen.com/english/advisories/2007/4238cve@mitre.org
N/A
https://bugs.gentoo.org/show_bug.cgi?id=168916cve@mitre.org
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/32749cve@mitre.org
N/A
https://issues.rpath.com/browse/RPL-1100cve@mitre.org
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9520cve@mitre.org
N/A
Hyperlink: http://cvs.tcpdump.org/cgi-bin/cvsweb/tcpdump/print-802_11.c
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://cvs.tcpdump.org/cgi-bin/cvsweb/tcpdump/print-802_11.c?r1=1.31.2.11&r2=1.31.2.12
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://docs.info.apple.com/article.html?artnum=307179
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://fedoranews.org/cms/node/2798
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://fedoranews.org/cms/node/2799
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://seclists.org/fulldisclosure/2007/Mar/0003.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/24318
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/24354
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/24423
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/24451
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/24583
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/24610
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/27580
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/28136
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://www.debian.org/security/2007/dsa-1272
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2007:056
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2007:155
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.osvdb.org/32427
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2007-0368.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2007-0387.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/22772
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securitytracker.com/id?1017717
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.turbolinux.com/security/2007/TLSA-2007-46.txt
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/usn-429-1
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.us-cert.gov/cas/techalerts/TA07-352A.html
Source: cve@mitre.org
Resource:
US Government Resource
Hyperlink: http://www.vupen.com/english/advisories/2007/0793
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2007/4238
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://bugs.gentoo.org/show_bug.cgi?id=168916
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/32749
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://issues.rpath.com/browse/RPL-1100
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9520
Source: cve@mitre.org
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

2065Records found
CVE-2007-3798
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-74.40% / 98.80%
||
7 Day CHG~0.00%
Published-16 Jul, 2007 | 22:00
Updated-15 Oct, 2024 | 15:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 and earlier allows remote attackers to execute arbitrary code via crafted TLVs in a BGP packet, related to an unchecked return value.

Action-Not Available
Vendor-n/aFreeBSD FoundationApple Inc.Canonical Ltd.Debian GNU/Linuxtcpdump & libpcapSlackware
Product-ubuntu_linuxfreebsddebian_linuxslackwaremac_os_xmac_os_x_servertcpdumpn/a
CWE ID-CWE-252
Unchecked Return Value
CVE-2017-5203
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.08% / 76.92%
||
7 Day CHG~0.00%
Published-28 Jan, 2017 | 01:33
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in print-bootp.c:bootp_print().

Action-Not Available
Vendor-n/aDebian GNU/Linuxtcpdump & libpcapRed Hat, Inc.
Product-enterprise_linux_desktopenterprise_linux_server_tusenterprise_linux_workstationenterprise_linux_server_eusdebian_linuxenterprise_linux_serverenterprise_linux_server_austcpdumpn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-5341
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-4.38% / 88.52%
||
7 Day CHG~0.00%
Published-28 Jan, 2017 | 01:33
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The OTV parser in tcpdump before 4.9.0 has a buffer overflow in print-otv.c:otv_print().

Action-Not Available
Vendor-n/atcpdump & libpcap
Product-tcpdumpn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-5485
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.93% / 75.16%
||
7 Day CHG~0.00%
Published-28 Jan, 2017 | 01:33
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in addrtoname.c:lookup_nsap().

Action-Not Available
Vendor-n/atcpdump & libpcap
Product-tcpdumpn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-5486
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.93% / 75.16%
||
7 Day CHG~0.00%
Published-28 Jan, 2017 | 01:33
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in print-isoclns.c:clnp_print().

Action-Not Available
Vendor-n/atcpdump & libpcap
Product-tcpdumpn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-5202
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.08% / 76.92%
||
7 Day CHG~0.00%
Published-28 Jan, 2017 | 01:33
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in print-isoclns.c:clnp_print().

Action-Not Available
Vendor-n/aDebian GNU/Linuxtcpdump & libpcapRed Hat, Inc.
Product-enterprise_linux_desktopenterprise_linux_server_tusenterprise_linux_workstationenterprise_linux_server_eusdebian_linuxenterprise_linux_serverenterprise_linux_server_austcpdumpn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-5205
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.08% / 76.92%
||
7 Day CHG~0.00%
Published-28 Jan, 2017 | 01:33
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ISAKMP parser in tcpdump before 4.9.0 has a buffer overflow in print-isakmp.c:ikev2_e_print().

Action-Not Available
Vendor-n/aDebian GNU/Linuxtcpdump & libpcapRed Hat, Inc.
Product-enterprise_linux_desktopenterprise_linux_server_tusenterprise_linux_workstationenterprise_linux_server_eusdebian_linuxenterprise_linux_serverenterprise_linux_server_austcpdumpn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-11543
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-13.57% / 93.97%
||
7 Day CHG~0.00%
Published-23 Jul, 2017 | 03:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

tcpdump 4.9.0 has a buffer overflow in the sliplink_print function in print-sl.c.

Action-Not Available
Vendor-n/atcpdump & libpcap
Product-tcpdumpn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-7935
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.93% / 75.16%
||
7 Day CHG~0.00%
Published-28 Jan, 2017 | 01:33
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The RTP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtp_print().

Action-Not Available
Vendor-n/atcpdump & libpcap
Product-tcpdumpn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-7926
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.92% / 75.08%
||
7 Day CHG~0.00%
Published-28 Jan, 2017 | 01:33
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Ethernet parser in tcpdump before 4.9.0 has a buffer overflow in print-ether.c:ethertype_print().

Action-Not Available
Vendor-n/atcpdump & libpcap
Product-tcpdumpn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-7927
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.92% / 75.08%
||
7 Day CHG~0.00%
Published-28 Jan, 2017 | 01:33
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The IEEE 802.11 parser in tcpdump before 4.9.0 has a buffer overflow in print-802_11.c:ieee802_11_radio_print().

Action-Not Available
Vendor-n/atcpdump & libpcap
Product-tcpdumpn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-13011
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.49% / 80.27%
||
7 Day CHG~0.00%
Published-14 Sep, 2017 | 06:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Several protocol parsers in tcpdump before 4.9.2 could cause a buffer overflow in util-print.c:bittok2str_internal().

Action-Not Available
Vendor-n/atcpdump & libpcap
Product-tcpdumpn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-7986
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.93% / 75.16%
||
7 Day CHG~0.00%
Published-28 Jan, 2017 | 01:33
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The GeoNetworking parser in tcpdump before 4.9.0 has a buffer overflow in print-geonet.c, multiple functions.

Action-Not Available
Vendor-n/atcpdump & libpcap
Product-tcpdumpn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-7933
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.93% / 75.16%
||
7 Day CHG~0.00%
Published-28 Jan, 2017 | 01:33
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The PPP parser in tcpdump before 4.9.0 has a buffer overflow in print-ppp.c:ppp_hdlc_if_print().

Action-Not Available
Vendor-n/atcpdump & libpcap
Product-tcpdumpn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-7992
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.93% / 75.16%
||
7 Day CHG~0.00%
Published-28 Jan, 2017 | 01:33
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Classical IP over ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-cip.c:cip_if_print().

Action-Not Available
Vendor-n/atcpdump & libpcap
Product-tcpdumpn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-7940
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.93% / 75.16%
||
7 Day CHG~0.00%
Published-28 Jan, 2017 | 01:33
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The STP parser in tcpdump before 4.9.0 has a buffer overflow in print-stp.c, multiple functions.

Action-Not Available
Vendor-n/atcpdump & libpcap
Product-tcpdumpn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-7923
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.92% / 75.08%
||
7 Day CHG~0.00%
Published-28 Jan, 2017 | 01:33
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ARP parser in tcpdump before 4.9.0 has a buffer overflow in print-arp.c:arp_print().

Action-Not Available
Vendor-n/atcpdump & libpcap
Product-tcpdumpn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-8574
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.93% / 75.16%
||
7 Day CHG~0.00%
Published-28 Jan, 2017 | 01:33
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The FRF.15 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:frf15_print().

Action-Not Available
Vendor-n/atcpdump & libpcap
Product-tcpdumpn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-7932
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.93% / 75.16%
||
7 Day CHG~0.00%
Published-28 Jan, 2017 | 01:33
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The PIM parser in tcpdump before 4.9.0 has a buffer overflow in print-pim.c:pimv2_check_checksum().

Action-Not Available
Vendor-n/atcpdump & libpcap
Product-tcpdumpn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-7939
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.93% / 75.16%
||
7 Day CHG~0.00%
Published-28 Jan, 2017 | 01:33
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The GRE parser in tcpdump before 4.9.0 has a buffer overflow in print-gre.c, multiple functions.

Action-Not Available
Vendor-n/atcpdump & libpcap
Product-tcpdumpn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-7922
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.92% / 75.08%
||
7 Day CHG~0.00%
Published-28 Jan, 2017 | 01:33
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The AH parser in tcpdump before 4.9.0 has a buffer overflow in print-ah.c:ah_print().

Action-Not Available
Vendor-n/atcpdump & libpcap
Product-tcpdumpn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-7973
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.93% / 75.16%
||
7 Day CHG~0.00%
Published-28 Jan, 2017 | 01:33
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The AppleTalk parser in tcpdump before 4.9.0 has a buffer overflow in print-atalk.c, multiple functions.

Action-Not Available
Vendor-n/atcpdump & libpcap
Product-tcpdumpn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-7937
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.93% / 75.16%
||
7 Day CHG~0.00%
Published-28 Jan, 2017 | 01:33
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The VAT parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:vat_print().

Action-Not Available
Vendor-n/atcpdump & libpcap
Product-tcpdumpn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-7993
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.93% / 75.16%
||
7 Day CHG~0.00%
Published-28 Jan, 2017 | 01:33
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A bug in util-print.c:relts_print() in tcpdump before 4.9.0 could cause a buffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, IGMP, lightweight resolver protocol, PIM).

Action-Not Available
Vendor-n/atcpdump & libpcap
Product-tcpdumpn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-8575
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-4.38% / 88.52%
||
7 Day CHG~0.00%
Published-28 Jan, 2017 | 01:33
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933_print(), a different vulnerability than CVE-2017-5482.

Action-Not Available
Vendor-n/atcpdump & libpcap
Product-tcpdumpn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-7983
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.69% / 70.81%
||
7 Day CHG~0.00%
Published-28 Jan, 2017 | 01:33
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in print-bootp.c:bootp_print().

Action-Not Available
Vendor-n/atcpdump & libpcap
Product-tcpdumpn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-7929
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.92% / 75.08%
||
7 Day CHG~0.00%
Published-28 Jan, 2017 | 01:33
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Juniper PPPoE ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-juniper.c:juniper_parse_header().

Action-Not Available
Vendor-n/atcpdump & libpcap
Product-tcpdumpn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-7925
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.92% / 75.08%
||
7 Day CHG~0.00%
Published-28 Jan, 2017 | 01:33
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The compressed SLIP parser in tcpdump before 4.9.0 has a buffer overflow in print-sl.c:sl_if_print().

Action-Not Available
Vendor-n/atcpdump & libpcap
Product-tcpdumpn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-7974
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.93% / 75.16%
||
7 Day CHG~0.00%
Published-28 Jan, 2017 | 01:33
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The IP parser in tcpdump before 4.9.0 has a buffer overflow in print-ip.c, multiple functions.

Action-Not Available
Vendor-n/atcpdump & libpcap
Product-tcpdumpn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-7984
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.93% / 75.16%
||
7 Day CHG~0.00%
Published-28 Jan, 2017 | 01:33
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The TFTP parser in tcpdump before 4.9.0 has a buffer overflow in print-tftp.c:tftp_print().

Action-Not Available
Vendor-n/atcpdump & libpcap
Product-tcpdumpn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-7924
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.92% / 75.08%
||
7 Day CHG~0.00%
Published-28 Jan, 2017 | 01:33
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-atm.c:oam_print().

Action-Not Available
Vendor-n/atcpdump & libpcap
Product-tcpdumpn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-7930
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.92% / 75.08%
||
7 Day CHG~0.00%
Published-28 Jan, 2017 | 01:33
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The LLC/SNAP parser in tcpdump before 4.9.0 has a buffer overflow in print-llc.c:llc_print().

Action-Not Available
Vendor-n/atcpdump & libpcap
Product-tcpdumpn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-7931
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.93% / 75.16%
||
7 Day CHG~0.00%
Published-28 Jan, 2017 | 01:33
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The MPLS parser in tcpdump before 4.9.0 has a buffer overflow in print-mpls.c:mpls_print().

Action-Not Available
Vendor-n/atcpdump & libpcap
Product-tcpdumpn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-7936
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.93% / 75.16%
||
7 Day CHG~0.00%
Published-28 Jan, 2017 | 01:33
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The UDP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:udp_print().

Action-Not Available
Vendor-n/atcpdump & libpcap
Product-tcpdumpn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-7985
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.93% / 75.16%
||
7 Day CHG~0.00%
Published-28 Jan, 2017 | 01:33
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The CALM FAST parser in tcpdump before 4.9.0 has a buffer overflow in print-calm-fast.c:calm_fast_print().

Action-Not Available
Vendor-n/atcpdump & libpcap
Product-tcpdumpn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-7975
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.93% / 75.16%
||
7 Day CHG~0.00%
Published-28 Jan, 2017 | 01:33
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The TCP parser in tcpdump before 4.9.0 has a buffer overflow in print-tcp.c:tcp_print().

Action-Not Available
Vendor-n/atcpdump & libpcap
Product-tcpdumpn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-7928
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.92% / 75.08%
||
7 Day CHG~0.00%
Published-28 Jan, 2017 | 01:33
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The IPComp parser in tcpdump before 4.9.0 has a buffer overflow in print-ipcomp.c:ipcomp_print().

Action-Not Available
Vendor-n/atcpdump & libpcap
Product-tcpdumpn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-7934
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.93% / 75.16%
||
7 Day CHG~0.00%
Published-28 Jan, 2017 | 01:33
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The RTCP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtcp_print().

Action-Not Available
Vendor-n/atcpdump & libpcap
Product-tcpdumpn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-5483
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.93% / 75.16%
||
7 Day CHG~0.00%
Published-28 Jan, 2017 | 01:33
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The SNMP parser in tcpdump before 4.9.0 has a buffer overflow in print-snmp.c:asn1_parse().

Action-Not Available
Vendor-n/atcpdump & libpcap
Product-tcpdumpn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-5342
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-4.38% / 88.52%
||
7 Day CHG~0.00%
Published-28 Jan, 2017 | 01:33
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In tcpdump before 4.9.0, a bug in multiple protocol parsers (Geneve, GRE, NSH, OTV, VXLAN and VXLAN GPE) could cause a buffer overflow in print-ether.c:ether_print().

Action-Not Available
Vendor-n/atcpdump & libpcap
Product-tcpdumpn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-5204
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.17% / 83.64%
||
7 Day CHG~0.00%
Published-28 Jan, 2017 | 01:33
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The IPv6 parser in tcpdump before 4.9.0 has a buffer overflow in print-ip6.c:ip6_print().

Action-Not Available
Vendor-n/aDebian GNU/Linuxtcpdump & libpcapRed Hat, Inc.
Product-enterprise_linux_desktopenterprise_linux_server_tusenterprise_linux_workstationenterprise_linux_server_eusdebian_linuxenterprise_linux_serverenterprise_linux_server_austcpdumpn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-5482
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-4.38% / 88.52%
||
7 Day CHG~0.00%
Published-28 Jan, 2017 | 01:33
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933_print(), a different vulnerability than CVE-2016-8575.

Action-Not Available
Vendor-n/atcpdump & libpcap
Product-tcpdumpn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-2154
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-1.90% / 82.46%
||
7 Day CHG~0.00%
Published-24 Mar, 2015 | 17:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The osi_print_cksum function in print-isoclns.c in the ethernet printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted (1) length, (2) offset, or (3) base pointer checksum value.

Action-Not Available
Vendor-n/atcpdump & libpcap
Product-tcpdumpn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-2153
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-13.98% / 94.07%
||
7 Day CHG~0.00%
Published-24 Mar, 2015 | 17:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The rpki_rtr_pdu_print function in print-rpki-rtr.c in the TCP printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via a crafted header length in an RPKI-RTR Protocol Data Unit (PDU).

Action-Not Available
Vendor-n/atcpdump & libpcap
Product-tcpdumpn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-5484
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.76% / 81.84%
||
7 Day CHG~0.00%
Published-28 Jan, 2017 | 01:33
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-atm.c:sig_print().

Action-Not Available
Vendor-n/atcpdump & libpcap
Product-tcpdumpn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-1720
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-64.54% / 98.38%
||
7 Day CHG~0.00%
Published-13 May, 2011 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The SMTP server in Postfix before 2.5.13, 2.6.x before 2.6.10, 2.7.x before 2.7.4, and 2.8.x before 2.8.3, when certain Cyrus SASL authentication methods are enabled, does not create a new server handle after client authentication fails, which allows remote attackers to cause a denial of service (heap memory corruption and daemon crash) or possibly execute arbitrary code via an invalid AUTH command with one method followed by an AUTH command with a different method.

Action-Not Available
Vendor-postfixn/a
Product-postfixn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2013-5680
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-34.30% / 96.84%
||
7 Day CHG~0.00%
Published-06 Apr, 2014 | 16:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in hfaxd in HylaFAX+ 5.2.4 through 5.5.3, when using LDAP authentication, might allow remote attackers to cause a denial of service (child hang) or execute arbitrary code via a long USER command.

Action-Not Available
Vendor-lee_howardn/a
Product-hylafax\+n/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-9300
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.44% / 62.19%
||
7 Day CHG~0.00%
Published-29 May, 2017 | 19:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

plugins\codec\libflac_plugin.dll in VideoLAN VLC media player 2.2.4 allows remote attackers to cause a denial of service (heap corruption and application crash) or possibly have unspecified other impact via a crafted FLAC file.

Action-Not Available
Vendor-n/aVideoLAN
Product-vlc_media_playern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-8803
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.39% / 59.11%
||
7 Day CHG~0.00%
Published-05 Jul, 2017 | 19:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Notepad++ 7.3.3 (32-bit) with Hex Editor Plugin v0.9.5 might allow user-assisted attackers to execute code via a crafted file, because of a "Data from Faulting Address controls Code Flow" issue. One threat model is a victim who obtains an untrusted crafted file from a remote location and issues several user-defined commands.

Action-Not Available
Vendor-notepad-plus-plusmh-nexusn/a
Product-hex_editornotepad\+\+n/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-9529
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.68% / 70.69%
||
7 Day CHG~0.00%
Published-05 Jul, 2017 | 19:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

XnView Classic for Windows Version 2.40 allows remote attackers to execute code via a crafted .fpx file, related to a "User Mode Write AV starting at Xfpx+0x0000000000004efd."

Action-Not Available
Vendor-n/aXnView (XnSoft)
Product-xnviewn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 41
  • 42
  • Next
Details not found