Red Hat Security Advisory 2017-1871-01 - The tcpdump packages contain the tcpdump utility for monitoring network traffic. The tcpdump utility can capture and display the packet headers on a particular network interface or on all interfaces. The following packages have been upgraded to a later upstream version: tcpdump. Security Fix: Multiple out of bounds read and integer overflow vulnerabilities were found in tcpdump affecting the decoding of various protocols. An attacker could create a crafted pcap file or send specially crafted packets to the network segment where tcpdump is running in live capture mode which could cause it to display incorrect data, crash or enter an infinite loop.
543ecbee65f5ca3dd083ab9fb102943ec0f4ab45e0c6b83beeec67475a6e0ba9Gentoo Linux Security Advisory 201510-4 - Multiple vulnerabilities have been found in tcpdump, the worst of which can allow remote attackers to cause Denial of Service condition or executive arbitrary code. Versions less than 4.7.4 are affected.
8f44b4c35a4f81dafcda57ddeddbfc53a20fe647f7c2d18c988a66c606c662f2Ubuntu Security Notice 2580-1 - It was discovered that tcpdump incorrectly handled printing certain packets. A remote attacker could use this issue to cause tcpdump to crash, resulting in a denial of service, or possibly execute arbitrary code. In the default installation, attackers would be isolated by the tcpdump AppArmor profile.
88f12e032c72a7978de45fa5ee30e9df27a082edd84f1f50f7f2e7542f99e1ffMandriva Linux Security Advisory 2015-182 - Several vulnerabilities have been discovered in tcpdump. These vulnerabilities might result in denial of service (application crash) or, potentially, execution of arbitrary code.
b518c5cc2a38d5563e0f4d450daeb9cd17df9da4bc1d189a065f06513f681a47Mandriva Linux Security Advisory 2015-125 - The Tcpdump program could crash when processing a malformed OLSR payload when the verbose output flag was set. The application decoder for the Ad hoc On-Demand Distance Vector protocol in Tcpdump fails to perform input validation and performs unsafe out-of-bound accesses. The application will usually not crash, but perform out-of-bounds accesses and output/leak larger amounts of invalid data, which might lead to dropped packets. It is unknown if a payload exists that might trigger segfaults. It was discovered that tcpdump incorrectly handled printing PPP packets. A remote attacker could use this issue to cause tcpdump to crash, resulting in a denial of service, or possibly execute arbitrary code. Several vulnerabilities have been discovered in tcpdump. These vulnerabilities might result in denial of service (application crash) or, potentially, execution of arbitrary code. .
cccdf6a08416c7e233f85d97827ddb003d99b7d183693360b958ba81f6accaa2Debian Linux Security Advisory 3193-1 - Several vulnerabilities have been discovered in tcpdump, a command-line network traffic analyzer. These vulnerabilities might result in denial of service (application crash) or, potentially, execution of arbitrary code.
ab3815ba8d0e2672e234e5f127e052c0084060ae869aa409565552e7b04662a5tcpdump allows you to dump the traffic on a network. It can be used to print out the headers and/or contents of packets on a network interface that matches a given expression. You can use this tool to track down network problems, to detect many attacks, or to monitor the network activities.
1f87fb652ce996d41e7a06c601bc6ea29b13fee922945b23770c29490f1d8acetcpdump allows you to dump the traffic on a network. It can be used to print out the headers and/or contents of packets on a network interface that matches a given expression. You can use this tool to track down network problems, to detect many attacks, or to monitor the network activities.
f59a2bb77612a1392973ecf1ee165028abf5c151e04ae3999b98f94fd9d04ae7tcpdump versions prior to 4.7.2 suffer from denial of service and code execution vulnerabilities.
424e9f605486e00763107ba04d05715cae9df6c2c581eb92b22d3a813d361721
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed