Vulnerabilities > CVE-2017-12996 - Out-of-bounds Read vulnerability in Tcpdump
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
The PIMv2 parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c:pimv2_print().
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Common Attack Pattern Enumeration and Classification (CAPEC)
- Overread Buffers An adversary attacks a target by providing input that causes an application to read beyond the boundary of a defined buffer. This typically occurs when a value influencing where to start or stop reading is set to reflect positions outside of the valid memory location of the buffer. This type of attack may result in exposure of sensitive information, a system crash, or arbitrary code execution.
Nessus
NASL family Huawei Local Security Checks NASL id EULEROS_SA-2017-1281.NASL description According to the versions of the tcpdump package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print().(CVE-2017-13048) - The ARP parser in tcpdump before 4.9.2 has a buffer over-read in print-arp.c, several functions.(CVE-2017-13013) - The VTP parser in tcpdump before 4.9.2 has a buffer over-read in print-vtp.c:vtp_print().(CVE-2017-13033) - The OSPFv3 parser in tcpdump before 4.9.2 has a buffer over-read in print-ospf6.c:ospf6_decode_v3().(CVE-2017-13036) - The ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:esis_print().(CVE-2017-13047) - The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print().(CVE-2017-13025) - The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print().(CVE-2017-13019) - The IPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-ip6.c:ip6_print().(CVE-2017-12985) - The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6_print().(CVE-2017-13725) - The telnet parser in tcpdump before 4.9.2 has a buffer over-read in print-telnet.c:telnet_parse().(CVE-2017-12988) - The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print().(CVE-2017-12991) - The MPTCP parser in tcpdump before 4.9.2 has a buffer over-read in print-mptcp.c, several functions.(CVE-2017-13040) - The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:print_ccp_config_options().(CVE-2017-13029) - The IEEE 802.15.4 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_15_4.c:ieee802_15_4_if_print().(CVE-2017-1300 0) - The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printroute().(CVE-2017-13022) - The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c, several functions.(CVE-2017-13039) - The IPv6 fragmentation header parser in tcpdump before 4.9.2 has a buffer over-read in print-frag6.c:frag6_print().(CVE-2017-13031) - The PIM parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c, several functions.(CVE-2017-13030) - The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print().(CVE-2017-12994) - The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_multicast_vpn().(CVE-2017-13043) - The VQP parser in tcpdump before 4.9.2 has a buffer over-read in print-vqp.c:vqp_print().(CVE-2017-13045) - The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldp_private_8023_print().(CVE-2017-13054, CVE-2017-12998,CVE-2017-13014,CVE-2017-13037, CVE-2017-13690,CVE-2017-13017,CVE-2017-12895,CVE-2017-1 3046,CVE-2017-13688,CVE-2017-13053,CVE-2017-12995,CVE-2 017-12997,CVE-2017-13016,CVE-2017-13002,CVE-2017-12989, CVE-2017-12999,CVE-2017-12900,CVE-2017-13006,CVE-2017-1 2897,CVE-2017-13003,CVE-2017-12901,CVE-2017-13035,CVE-2 017-13009,CVE-2017-13032,CVE-2017-13049,CVE-2017-13007, CVE-2017-13041,CVE-2017-12987,CVE-2017-12993,CVE-2017-1 3023,CVE-2017-13026,CVE-2017-13055,CVE-2017-13042,CVE-2 017-13018,CVE-2017-13044,CVE-2017-13012,CVE-2017-13001, CVE-2017-13050,CVE-2017-13028,CVE-2017-13024,CVE-2017-1 2992,CVE-2017-13004,CVE-2017-13027,CVE-2017-13008,CVE-2 017-13051,CVE-2017-13020,CVE-2017-12902,CVE-2017-13689, CVE-2017-13005,CVE-2017-12894,CVE-2017-13015,CVE-2017-1 3038,CVE-2017-12990,CVE-2017-13034,CVE-2017-13011,CVE-2 017-13021,CVE-2017-13010,CVE-2017-12986,CVE-2017-12996, CVE-2017-13052) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-05-06 modified 2017-11-02 plugin id 104334 published 2017-11-02 reporter This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/104334 title EulerOS 2.0 SP2 : tcpdump (EulerOS-SA-2017-1281) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2017-1280.NASL description According to the versions of the tcpdump package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print().(CVE-2017-13048) - The ARP parser in tcpdump before 4.9.2 has a buffer over-read in print-arp.c, several functions.(CVE-2017-13013) - The VTP parser in tcpdump before 4.9.2 has a buffer over-read in print-vtp.c:vtp_print().(CVE-2017-13033) - The OSPFv3 parser in tcpdump before 4.9.2 has a buffer over-read in print-ospf6.c:ospf6_decode_v3().(CVE-2017-13036) - The ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:esis_print().(CVE-2017-13047) - The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print().(CVE-2017-13025) - The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print().(CVE-2017-13019) - The IPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-ip6.c:ip6_print().(CVE-2017-12985) - The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6_print().(CVE-2017-13725) - The telnet parser in tcpdump before 4.9.2 has a buffer over-read in print-telnet.c:telnet_parse().(CVE-2017-12988) - The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print().(CVE-2017-12991) - The MPTCP parser in tcpdump before 4.9.2 has a buffer over-read in print-mptcp.c, several functions.(CVE-2017-13040) - The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:print_ccp_config_options().(CVE-2017-13029) - The IEEE 802.15.4 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_15_4.c:ieee802_15_4_if_print().(CVE-2017-1300 0) - The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printroute().(CVE-2017-13022) - The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c, several functions.(CVE-2017-13039) - The IPv6 fragmentation header parser in tcpdump before 4.9.2 has a buffer over-read in print-frag6.c:frag6_print().(CVE-2017-13031) - The PIM parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c, several functions.(CVE-2017-13030) - The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print().(CVE-2017-12994) - The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_multicast_vpn().(CVE-2017-13043) - The VQP parser in tcpdump before 4.9.2 has a buffer over-read in print-vqp.c:vqp_print().(CVE-2017-13045) - The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldp_private_8023_print().(CVE-2017-13054, CVE-2017-12998,CVE-2017-13014,CVE-2017-13037, CVE-2017-13690,CVE-2017-13017,CVE-2017-12895,CVE-2017-1 3046,CVE-2017-13688,CVE-2017-13053,CVE-2017-12995,CVE-2 017-12997,CVE-2017-13016,CVE-2017-13002,CVE-2017-12989, CVE-2017-12999,CVE-2017-12900,CVE-2017-13006,CVE-2017-1 2897,CVE-2017-13003,CVE-2017-12901,CVE-2017-13035,CVE-2 017-13009,CVE-2017-13032,CVE-2017-13049,CVE-2017-13007, CVE-2017-13041,CVE-2017-12987,CVE-2017-12993,CVE-2017-1 3023,CVE-2017-13026,CVE-2017-13055,CVE-2017-13042,CVE-2 017-13018,CVE-2017-13044,CVE-2017-13012,CVE-2017-13001, CVE-2017-13050,CVE-2017-13028,CVE-2017-13024,CVE-2017-1 2992,CVE-2017-13004,CVE-2017-13027,CVE-2017-13008,CVE-2 017-13051,CVE-2017-13020,CVE-2017-12902,CVE-2017-13689, CVE-2017-13005,CVE-2017-12894,CVE-2017-13015,CVE-2017-1 3038,CVE-2017-12990,CVE-2017-13034,CVE-2017-13011,CVE-2 017-13021,CVE-2017-13010,CVE-2017-12986,CVE-2017-12996, CVE-2017-13052) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-05-06 modified 2017-11-02 plugin id 104333 published 2017-11-02 reporter This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/104333 title EulerOS 2.0 SP1 : tcpdump (EulerOS-SA-2017-1280) NASL family AIX Local Security Checks NASL id AIX_IV94724.NASL description Vulnerabilities in tcpdump affect AIX : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12993 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12993 tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the Juniper component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the RIPng component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BGP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the telnet component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IEEE 802.11 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 routing headers component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the Zephyr component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the EIGRP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the tok2strbuf component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the DECnet component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the NFS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO CLNS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISAKMP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ICMP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the lookup_bytestring component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the SMB/CIFS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump is vulnerable to a denial of service, caused by a heap-based buffer over-read in the pimv1_print function in print-pim.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump is vulnerable to a denial of service, caused by a heap-based buffer over-read in the lldp_print function in print-lldp.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump is vulnerable to a denial of service, caused by an error in the LLDP component. By sending specially crafted data, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. tcpdump is vulnerable to a denial of service, caused by an error in the DNS component. By sending specially crafted data, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. tcpdump is vulnerable to a denial of service, caused by an error in the ISAKMP component. By sending specially crafted data, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. tcpdump is vulnerable to a denial of service, caused by an error in the RESP component. By sending specially crafted data, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. tcpdump is vulnerable to a buffer overflow, caused by improper bounds checking by the bittok2str_internal component. By sending an overly long string argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. tcpdump is vulnerable to a denial of service, caused by a buffer overflow in the sliplink_print function in print-sl.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PGM component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the DHCPv6 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO ES-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump is vulnerable to a denial of service, caused by a buffer overflow in the sliplink_print function in print-sl.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the EAP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the White Board component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ARP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ICMP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BEEP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 mobility component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IEEE 802.11 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the L2TP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the NFS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the Juniper component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the LMP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the AODV component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the NFS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IEEE 802.15.4 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO IS-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO IS-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PIMv2 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BGP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump is vulnerable to a denial of service, caused by a heap-based buffer over-read in the lldp_print function in print-lldp.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump is vulnerable to a denial of service, caused by a heap-based buffer over-read in the pimv1_print function in print-pim.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BGP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the HNCP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ICMPv6 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the MPTCP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISAKMP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PPP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the OSPFv3 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO IS-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PGM component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the VTP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the RADIUS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 fragmentation header component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PIM component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PPP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BOOTP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the LLDP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO IS-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 mobility component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 mobility component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 mobility component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ICMPv6 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the VTP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PGM component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 routing headers component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IKEv2 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IKEv1 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the OLSR component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the Cisco HDLC component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO IS-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the LLDP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BGP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the CFM component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the RSVP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the RPKI-Router component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the Rx component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the RSVP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO ES-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BGP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the VQP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the HNCP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. last seen 2020-06-01 modified 2020-06-02 plugin id 100468 published 2017-05-30 reporter This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/100468 title AIX 7.2 TL 0 : tcpdump (IV94724) NASL family AIX Local Security Checks NASL id AIX_IV94728.NASL description Vulnerabilities in tcpdump affect AIX : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12993 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12993 tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the Juniper component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the RIPng component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BGP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the telnet component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IEEE 802.11 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 routing headers component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the Zephyr component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the EIGRP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the tok2strbuf component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the DECnet component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the NFS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO CLNS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISAKMP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ICMP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the lookup_bytestring component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the SMB/CIFS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump is vulnerable to a denial of service, caused by a heap-based buffer over-read in the pimv1_print function in print-pim.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump is vulnerable to a denial of service, caused by a heap-based buffer over-read in the lldp_print function in print-lldp.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump is vulnerable to a denial of service, caused by an error in the LLDP component. By sending specially crafted data, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. tcpdump is vulnerable to a denial of service, caused by an error in the DNS component. By sending specially crafted data, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. tcpdump is vulnerable to a denial of service, caused by an error in the ISAKMP component. By sending specially crafted data, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. tcpdump is vulnerable to a denial of service, caused by an error in the RESP component. By sending specially crafted data, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. tcpdump is vulnerable to a buffer overflow, caused by improper bounds checking by the bittok2str_internal component. By sending an overly long string argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. tcpdump is vulnerable to a denial of service, caused by a buffer overflow in the sliplink_print function in print-sl.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PGM component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the DHCPv6 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO ES-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump is vulnerable to a denial of service, caused by a buffer overflow in the sliplink_print function in print-sl.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the EAP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the White Board component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ARP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ICMP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BEEP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 mobility component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IEEE 802.11 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the L2TP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the NFS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the Juniper component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the LMP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the AODV component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the NFS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IEEE 802.15.4 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO IS-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO IS-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PIMv2 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BGP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump is vulnerable to a denial of service, caused by a heap-based buffer over-read in the lldp_print function in print-lldp.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump is vulnerable to a denial of service, caused by a heap-based buffer over-read in the pimv1_print function in print-pim.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BGP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the HNCP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ICMPv6 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the MPTCP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISAKMP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PPP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the OSPFv3 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO IS-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PGM component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the VTP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the RADIUS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 fragmentation header component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PIM component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PPP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BOOTP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the LLDP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO IS-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 mobility component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 mobility component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 mobility component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ICMPv6 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the VTP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PGM component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 routing headers component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IKEv2 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IKEv1 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the OLSR component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the Cisco HDLC component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO IS-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the LLDP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BGP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the CFM component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the RSVP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the RPKI-Router component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the Rx component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the RSVP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO ES-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BGP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the VQP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the HNCP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. last seen 2020-06-01 modified 2020-06-02 plugin id 100471 published 2017-05-30 reporter This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/100471 title AIX 6.1 TL 9 : tcpdump (IV94728) NASL family AIX Local Security Checks NASL id AIX_IV94726.NASL description Vulnerabilities in tcpdump affect AIX : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12993 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12993 tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the Juniper component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the RIPng component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BGP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the telnet component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IEEE 802.11 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 routing headers component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the Zephyr component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the EIGRP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the tok2strbuf component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the DECnet component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the NFS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO CLNS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISAKMP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ICMP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the lookup_bytestring component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the SMB/CIFS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump is vulnerable to a denial of service, caused by a heap-based buffer over-read in the pimv1_print function in print-pim.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump is vulnerable to a denial of service, caused by a heap-based buffer over-read in the lldp_print function in print-lldp.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump is vulnerable to a denial of service, caused by an error in the LLDP component. By sending specially crafted data, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. tcpdump is vulnerable to a denial of service, caused by an error in the DNS component. By sending specially crafted data, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. tcpdump is vulnerable to a denial of service, caused by an error in the ISAKMP component. By sending specially crafted data, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. tcpdump is vulnerable to a denial of service, caused by an error in the RESP component. By sending specially crafted data, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. tcpdump is vulnerable to a buffer overflow, caused by improper bounds checking by the bittok2str_internal component. By sending an overly long string argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. tcpdump is vulnerable to a denial of service, caused by a buffer overflow in the sliplink_print function in print-sl.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PGM component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the DHCPv6 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO ES-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump is vulnerable to a denial of service, caused by a buffer overflow in the sliplink_print function in print-sl.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the EAP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the White Board component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ARP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ICMP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BEEP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 mobility component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IEEE 802.11 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the L2TP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the NFS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the Juniper component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the LMP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the AODV component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the NFS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IEEE 802.15.4 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO IS-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO IS-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PIMv2 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BGP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump is vulnerable to a denial of service, caused by a heap-based buffer over-read in the lldp_print function in print-lldp.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump is vulnerable to a denial of service, caused by a heap-based buffer over-read in the pimv1_print function in print-pim.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BGP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the HNCP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ICMPv6 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the MPTCP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISAKMP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PPP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the OSPFv3 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO IS-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PGM component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the VTP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the RADIUS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 fragmentation header component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PIM component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PPP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BOOTP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the LLDP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO IS-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 mobility component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 mobility component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 mobility component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ICMPv6 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the VTP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PGM component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 routing headers component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IKEv2 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IKEv1 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the OLSR component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the Cisco HDLC component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO IS-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the LLDP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BGP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the CFM component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the RSVP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the RPKI-Router component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the Rx component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the RSVP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO ES-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BGP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the VQP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the HNCP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. last seen 2020-06-01 modified 2020-06-02 plugin id 100469 published 2017-05-30 reporter This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/100469 title AIX 7.1 TL 4 : tcpdump (IV94726) NASL family MacOS X Local Security Checks NASL id MACOSX_SECUPD2017-004.NASL description The remote host is running Mac OS X 10.11.6 or Mac OS X 10.12.6 and is missing a security update. It is therefore, affected by multiple vulnerabilities affecting the following components : - 802.1X - apache - AppleScript - ATS - Audio - CFString - CoreText - curl - Dictionary Widget - file - Fonts - fsck_msdos - HFS - Heimdal - HelpViewer - ImageIO - Kernel - libarchive - Open Scripting Architecture - PCRE - Postfix - Quick Look - QuickTime - Remote Management - Sandbox - StreamingZip - tcpdump - Wi-Fi last seen 2020-06-01 modified 2020-06-02 plugin id 104379 published 2017-11-03 reporter This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/104379 title macOS and Mac OS X Multiple Vulnerabilities (Security Update 2017-001 and 2017-004) NASL family NewStart CGSL Local Security Checks NASL id NEWSTART_CGSL_NS-SA-2019-0071_TCPDUMP.NASL description The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has tcpdump packages installed that are affected by multiple vulnerabilities: - Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in util-print.c:tok2strbuf(). (CVE-2017-12900) - tcpdump 4.9.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via crafted packet data. The crash occurs in the EXTRACT_16BITS function, called from the stp_print function for the Spanning Tree Protocol. (CVE-2017-11108) - A vulnerability was discovered in tcpdump last seen 2020-06-01 modified 2020-06-02 plugin id 127275 published 2019-08-12 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/127275 title NewStart CGSL CORE 5.04 / MAIN 5.04 : tcpdump Multiple Vulnerabilities (NS-SA-2019-0071) NASL family Slackware Local Security Checks NASL id SLACKWARE_SSA_2017-251-03.NASL description New tcpdump packages are available for Slackware 13.37, 14.0, 14.1, 14.2, and -current to fix security issues. last seen 2020-06-01 modified 2020-06-02 plugin id 103091 published 2017-09-11 reporter This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/103091 title Slackware 13.37 / 14.0 / 14.1 / 14.2 / current : tcpdump (SSA:2017-251-03) NASL family AIX Local Security Checks NASL id AIX_IV94723.NASL description Vulnerabilities in tcpdump affect AIX : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12993 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12993 tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the Juniper component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the RIPng component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BGP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the telnet component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IEEE 802.11 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 routing headers component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the Zephyr component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the EIGRP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the tok2strbuf component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the DECnet component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the NFS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO CLNS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISAKMP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ICMP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the lookup_bytestring component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the SMB/CIFS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump is vulnerable to a denial of service, caused by a heap-based buffer over-read in the pimv1_print function in print-pim.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump is vulnerable to a denial of service, caused by a heap-based buffer over-read in the lldp_print function in print-lldp.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump is vulnerable to a denial of service, caused by an error in the LLDP component. By sending specially crafted data, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. tcpdump is vulnerable to a denial of service, caused by an error in the DNS component. By sending specially crafted data, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. tcpdump is vulnerable to a denial of service, caused by an error in the ISAKMP component. By sending specially crafted data, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. tcpdump is vulnerable to a denial of service, caused by an error in the RESP component. By sending specially crafted data, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. tcpdump is vulnerable to a buffer overflow, caused by improper bounds checking by the bittok2str_internal component. By sending an overly long string argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. tcpdump is vulnerable to a denial of service, caused by a buffer overflow in the sliplink_print function in print-sl.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PGM component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the DHCPv6 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO ES-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump is vulnerable to a denial of service, caused by a buffer overflow in the sliplink_print function in print-sl.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the EAP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the White Board component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ARP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ICMP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BEEP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 mobility component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IEEE 802.11 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the L2TP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the NFS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the Juniper component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the LMP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the AODV component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the NFS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IEEE 802.15.4 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO IS-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO IS-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PIMv2 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BGP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump is vulnerable to a denial of service, caused by a heap-based buffer over-read in the lldp_print function in print-lldp.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump is vulnerable to a denial of service, caused by a heap-based buffer over-read in the pimv1_print function in print-pim.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BGP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the HNCP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ICMPv6 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the MPTCP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISAKMP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PPP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the OSPFv3 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO IS-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PGM component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the VTP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the RADIUS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 fragmentation header component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PIM component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PPP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BOOTP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the LLDP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO IS-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 mobility component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 mobility component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 mobility component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ICMPv6 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the VTP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PGM component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 routing headers component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IKEv2 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IKEv1 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the OLSR component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the Cisco HDLC component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO IS-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the LLDP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BGP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the CFM component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the RSVP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the RPKI-Router component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the Rx component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the RSVP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO ES-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BGP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the VQP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the HNCP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. last seen 2020-06-01 modified 2020-06-02 plugin id 100467 published 2017-05-30 reporter This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/100467 title AIX 7.2 TL 1 : tcpdump (IV94723) NASL family AIX Local Security Checks NASL id AIX_IV94727.NASL description Vulnerabilities in tcpdump affect AIX : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12993 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12993 tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the Juniper component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the RIPng component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BGP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the telnet component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IEEE 802.11 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 routing headers component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the Zephyr component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the EIGRP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the tok2strbuf component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the DECnet component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the NFS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO CLNS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISAKMP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ICMP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the lookup_bytestring component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the SMB/CIFS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump is vulnerable to a denial of service, caused by a heap-based buffer over-read in the pimv1_print function in print-pim.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump is vulnerable to a denial of service, caused by a heap-based buffer over-read in the lldp_print function in print-lldp.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump is vulnerable to a denial of service, caused by an error in the LLDP component. By sending specially crafted data, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. tcpdump is vulnerable to a denial of service, caused by an error in the DNS component. By sending specially crafted data, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. tcpdump is vulnerable to a denial of service, caused by an error in the ISAKMP component. By sending specially crafted data, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. tcpdump is vulnerable to a denial of service, caused by an error in the RESP component. By sending specially crafted data, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. tcpdump is vulnerable to a buffer overflow, caused by improper bounds checking by the bittok2str_internal component. By sending an overly long string argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. tcpdump is vulnerable to a denial of service, caused by a buffer overflow in the sliplink_print function in print-sl.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PGM component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the DHCPv6 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO ES-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump is vulnerable to a denial of service, caused by a buffer overflow in the sliplink_print function in print-sl.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the EAP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the White Board component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ARP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ICMP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BEEP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 mobility component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IEEE 802.11 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the L2TP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the NFS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the Juniper component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the LMP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the AODV component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the NFS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IEEE 802.15.4 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO IS-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO IS-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PIMv2 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BGP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump is vulnerable to a denial of service, caused by a heap-based buffer over-read in the lldp_print function in print-lldp.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump is vulnerable to a denial of service, caused by a heap-based buffer over-read in the pimv1_print function in print-pim.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BGP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the HNCP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ICMPv6 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the MPTCP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISAKMP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PPP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the OSPFv3 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO IS-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PGM component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the VTP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the RADIUS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 fragmentation header component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PIM component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PPP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BOOTP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the LLDP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO IS-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 mobility component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 mobility component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 mobility component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ICMPv6 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the VTP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PGM component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 routing headers component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IKEv2 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IKEv1 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the OLSR component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the Cisco HDLC component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO IS-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the LLDP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BGP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the CFM component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the RSVP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the RPKI-Router component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the Rx component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the RSVP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO ES-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BGP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the VQP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the HNCP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. last seen 2020-06-01 modified 2020-06-02 plugin id 100470 published 2017-05-30 reporter This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/100470 title AIX 7.1 TL 3 : tcpdump (IV94727) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-3971.NASL description Several vulnerabilities have been discovered in tcpdump, a command-line network traffic analyzer. These vulnerabilities might result in denial of service or, potentially, execution of arbitrary code. last seen 2020-06-01 modified 2020-06-02 plugin id 103148 published 2017-09-13 reporter This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/103148 title Debian DSA-3971-1 : tcpdump - security update NASL family AIX Local Security Checks NASL id AIX_IV94729.NASL description Vulnerabilities in tcpdump affect AIX : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12993 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12993 tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the Juniper component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the RIPng component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BGP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the telnet component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IEEE 802.11 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 routing headers component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the Zephyr component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the EIGRP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the tok2strbuf component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the DECnet component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the NFS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO CLNS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISAKMP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ICMP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the lookup_bytestring component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the SMB/CIFS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump is vulnerable to a denial of service, caused by a heap-based buffer over-read in the pimv1_print function in print-pim.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump is vulnerable to a denial of service, caused by a heap-based buffer over-read in the lldp_print function in print-lldp.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump is vulnerable to a denial of service, caused by an error in the LLDP component. By sending specially crafted data, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. tcpdump is vulnerable to a denial of service, caused by an error in the DNS component. By sending specially crafted data, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. tcpdump is vulnerable to a denial of service, caused by an error in the ISAKMP component. By sending specially crafted data, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. tcpdump is vulnerable to a denial of service, caused by an error in the RESP component. By sending specially crafted data, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. tcpdump is vulnerable to a buffer overflow, caused by improper bounds checking by the bittok2str_internal component. By sending an overly long string argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. tcpdump is vulnerable to a denial of service, caused by a buffer overflow in the sliplink_print function in print-sl.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PGM component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the DHCPv6 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO ES-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump is vulnerable to a denial of service, caused by a buffer overflow in the sliplink_print function in print-sl.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the EAP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the White Board component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ARP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ICMP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BEEP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 mobility component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IEEE 802.11 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the L2TP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the NFS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the Juniper component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the LMP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the AODV component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the NFS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IEEE 802.15.4 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO IS-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO IS-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PIMv2 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BGP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump is vulnerable to a denial of service, caused by a heap-based buffer over-read in the lldp_print function in print-lldp.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump is vulnerable to a denial of service, caused by a heap-based buffer over-read in the pimv1_print function in print-pim.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BGP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the HNCP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ICMPv6 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the MPTCP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISAKMP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PPP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the OSPFv3 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO IS-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PGM component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the VTP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the RADIUS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 fragmentation header component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PIM component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PPP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BOOTP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the LLDP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO IS-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 mobility component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 mobility component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 mobility component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ICMPv6 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the VTP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PGM component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 routing headers component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IKEv2 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IKEv1 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the OLSR component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the Cisco HDLC component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO IS-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the LLDP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BGP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the CFM component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the RSVP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the RPKI-Router component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the Rx component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the RSVP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO ES-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BGP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the VQP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the HNCP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. last seen 2020-06-01 modified 2020-06-02 plugin id 100472 published 2017-05-30 reporter This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/100472 title AIX 5.3 TL 12 : tcpdump (IV94729) NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2017-0034.NASL description An update of [tcpdump,ruby] packages for PhotonOS has been released. last seen 2019-02-08 modified 2019-02-07 plugin id 111883 published 2018-08-17 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=111883 title Photon OS 1.0: Ruby / Tcpdump PHSA-2017-0034 (deprecated) NASL family Debian Local Security Checks NASL id DEBIAN_DLA-1097.NASL description Several vulnerabilities have been discovered in tcpdump, a command-line network traffic analyzer. These vulnerabilities might result in denial of service or, potentially, execution of arbitrary code. For Debian 7 last seen 2020-03-17 modified 2017-09-18 plugin id 103257 published 2017-09-18 reporter This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/103257 title Debian DLA-1097-1 : tcpdump security update NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-3415-1.NASL description Wilfried Kirsch discovered a buffer overflow in the SLIP decoder in tcpdump. A remote attacker could use this to cause a denial of service (application crash) or possibly execute arbitrary code. (CVE-2017-11543) Bhargava Shastry discovered a buffer overflow in the bitfield converter utility function bittok2str_internal() in tcpdump. A remote attacker could use this to cause a denial of service (application crash) or possibly execute arbitrary code. (CVE-2017-13011) Otto Airamo and Antti Levomaki discovered logic errors in different protocol parsers in tcpdump that could lead to an infinite loop. A remote attacker could use these to cause a denial of service (application hang). CVE-2017-12989, CVE-2017-12990, CVE-2017-12995, CVE-2017-12997) Otto Airamo, Brian Carpenter, Yannick Formaggio, Kamil Frankowicz, Katie Holly, Kim Gwan Yeong, Antti Levomaki, Henri Salo, and Bhargava Shastry discovered out-of-bounds reads in muliptle protocol parsers in tcpdump. A remote attacker could use these to cause a denial of service (application crash). (CVE-2017-11108, CVE-2017-11541, CVE-2017-11542, CVE-2017-12893, CVE-2017-12894, CVE-2017-12895, CVE-2017-12896, CVE-2017-12897, CVE-2017-12898, CVE-2017-12899, CVE-2017-12900, CVE-2017-12901, CVE-2017-12902, CVE-2017-12985, CVE-2017-12986, CVE-2017-12987, CVE-2017-12988, CVE-2017-12991, CVE-2017-12992, CVE-2017-12993, CVE-2017-12994, CVE-2017-12996, CVE-2017-12998, CVE-2017-12999, CVE-2017-13000, CVE-2017-13001, CVE-2017-13002, CVE-2017-13003, CVE-2017-13004, CVE-2017-13005, CVE-2017-13006, CVE-2017-13007, CVE-2017-13008, CVE-2017-13009, CVE-2017-13010, CVE-2017-13012, CVE-2017-13013, CVE-2017-13014, CVE-2017-13015, CVE-2017-13016, CVE-2017-13017, CVE-2017-13018, CVE-2017-13019, CVE-2017-13020, CVE-2017-13021, CVE-2017-13022, CVE-2017-13023, CVE-2017-13024, CVE-2017-13025, CVE-2017-13026, CVE-2017-13027, CVE-2017-13028, CVE-2017-13029, CVE-2017-13030, CVE-2017-13031, CVE-2017-13032, CVE-2017-13033, CVE-2017-13034, CVE-2017-13035, CVE-2017-13036, CVE-2017-13037, CVE-2017-13038, CVE-2017-13039, CVE-2017-13040, CVE-2017-13041, CVE-2017-13042, CVE-2017-13043, CVE-2017-13044, CVE-2017-13045, CVE-2017-13046, CVE-2017-13047, CVE-2017-13048, CVE-2017-13049, CVE-2017-13050, CVE-2017-13051, CVE-2017-13052, CVE-2017-13053, CVE-2017-13054, CVE-2017-13055, CVE-2017-13687, CVE-2017-13688, CVE-2017-13689, CVE-2017-13690, CVE-2017-13725). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 103218 published 2017-09-14 reporter Ubuntu Security Notice (C) 2017-2019 Canonical, Inc. / NASL script (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/103218 title Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : tcpdump vulnerabilities (USN-3415-1) NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201709-23.NASL description The remote host is affected by the vulnerability described in GLSA-201709-23 (Tcpdump: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Tcpdump. Please review the referenced CVE identifiers for details. Impact : A remote attacker could possibly execute arbitrary code with the privileges of the process or cause a Denial of Service condition. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 103462 published 2017-09-26 reporter This script is Copyright (C) 2017-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/103462 title GLSA-201709-23 : Tcpdump: Multiple vulnerabilities NASL family SuSE Local Security Checks NASL id OPENSUSE-2017-1205.NASL description This update for tcpdump to version 4.9.2 fixes several issues. These security issues were fixed : - CVE-2017-11108: Prevent remote attackers to cause DoS (heap-based buffer over-read and application crash) via crafted packet data. The crash occured in the EXTRACT_16BITS function, called from the stp_print function for the Spanning Tree Protocol (bsc#1047873, bsc#1057247). - CVE-2017-11543: Prevent buffer overflow in the sliplink_print function in print-sl.c that allowed remote DoS (bsc#1057247). - CVE-2017-13011: Prevent buffer overflow in bittok2str_internal() that allowed remote DoS (bsc#1057247) - CVE-2017-12989: Prevent infinite loop in the RESP parser that allowed remote DoS (bsc#1057247) - CVE-2017-12990: Prevent infinite loop in the ISAKMP parser that allowed remote DoS (bsc#1057247) - CVE-2017-12995: Prevent infinite loop in the DNS parser that allowed remote DoS (bsc#1057247) - CVE-2017-12997: Prevent infinite loop in the LLDP parser that allowed remote DoS (bsc#1057247) - CVE-2017-11541: Prevent heap-based buffer over-read in the lldp_print function in print-lldp.c, related to util-print.c that allowed remote DoS (bsc#1057247). - CVE-2017-11542: Prevent heap-based buffer over-read in the pimv1_print function in print-pim.c that allowed remote DoS (bsc#1057247). - CVE-2017-12893: Prevent buffer over-read in the SMB/CIFS parser that allowed remote DoS (bsc#1057247) - CVE-2017-12894: Prevent buffer over-read in several protocol parsers that allowed remote DoS (bsc#1057247) - CVE-2017-12895: Prevent buffer over-read in the ICMP parser that allowed remote DoS (bsc#1057247) - CVE-2017-12896: Prevent buffer over-read in the ISAKMP parser that allowed remote DoS (bsc#1057247) - CVE-2017-12897: Prevent buffer over-read in the ISO CLNS parser that allowed remote DoS (bsc#1057247) - CVE-2017-12898: Prevent buffer over-read in the NFS parser that allowed remote DoS (bsc#1057247) - CVE-2017-12899: Prevent buffer over-read in the DECnet parser that allowed remote DoS (bsc#1057247) - CVE-2017-12900: Prevent buffer over-read in the in several protocol parsers that allowed remote DoS (bsc#1057247) - CVE-2017-12901: Prevent buffer over-read in the EIGRP parser that allowed remote DoS (bsc#1057247) - CVE-2017-12902: Prevent buffer over-read in the Zephyr parser that allowed remote DoS (bsc#1057247) - CVE-2017-12985: Prevent buffer over-read in the IPv6 parser that allowed remote DoS (bsc#1057247) - CVE-2017-12986: Prevent buffer over-read in the IPv6 routing header parser that allowed remote DoS (bsc#1057247) - CVE-2017-12987: Prevent buffer over-read in the 802.11 parser that allowed remote DoS (bsc#1057247) - CVE-2017-12988: Prevent buffer over-read in the telnet parser that allowed remote DoS (bsc#1057247) - CVE-2017-12991: Prevent buffer over-read in the BGP parser that allowed remote DoS (bsc#1057247) - CVE-2017-12992: Prevent buffer over-read in the RIPng parser that allowed remote DoS (bsc#1057247) - CVE-2017-12993: Prevent buffer over-read in the Juniper protocols parser that allowed remote DoS (bsc#1057247) - CVE-2017-12994: Prevent buffer over-read in the BGP parser that allowed remote DoS (bsc#1057247) - CVE-2017-12996: Prevent buffer over-read in the PIMv2 parser that allowed remote DoS (bsc#1057247) - CVE-2017-12998: Prevent buffer over-read in the IS-IS parser that allowed remote DoS (bsc#1057247) - CVE-2017-12999: Prevent buffer over-read in the IS-IS parser that allowed remote DoS (bsc#1057247) - CVE-2017-13000: Prevent buffer over-read in the IEEE 802.15.4 parser that allowed remote DoS (bsc#1057247) - CVE-2017-13001: Prevent buffer over-read in the NFS parser that allowed remote DoS (bsc#1057247) - CVE-2017-13002: Prevent buffer over-read in the AODV parser that allowed remote DoS (bsc#1057247) - CVE-2017-13003: Prevent buffer over-read in the LMP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13004: Prevent buffer over-read in the Juniper protocols parser that allowed remote DoS (bsc#1057247) - CVE-2017-13005: Prevent buffer over-read in the NFS parser that allowed remote DoS (bsc#1057247) - CVE-2017-13006: Prevent buffer over-read in the L2TP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13007: Prevent buffer over-read in the Apple PKTAP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13008: Prevent buffer over-read in the IEEE 802.11 parser that allowed remote DoS (bsc#1057247) - CVE-2017-13009: Prevent buffer over-read in the IPv6 mobility parser that allowed remote DoS (bsc#1057247) - CVE-2017-13010: Prevent buffer over-read in the BEEP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13012: Prevent buffer over-read in the ICMP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13013: Prevent buffer over-read in the ARP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13014: Prevent buffer over-read in the White Board protocol parser that allowed remote DoS (bsc#1057247) - CVE-2017-13015: Prevent buffer over-read in the EAP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13016: Prevent buffer over-read in the ISO ES-IS parser that allowed remote DoS (bsc#1057247) - CVE-2017-13017: Prevent buffer over-read in the DHCPv6 parser that allowed remote DoS (bsc#1057247) - CVE-2017-13018: Prevent buffer over-read in the PGM parser that allowed remote DoS (bsc#1057247) - CVE-2017-13019: Prevent buffer over-read in the PGM parser that allowed remote DoS (bsc#1057247) - CVE-2017-13020: Prevent buffer over-read in the VTP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13021: Prevent buffer over-read in the ICMPv6 parser that allowed remote DoS (bsc#1057247) - CVE-2017-13022: Prevent buffer over-read in the IP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13023: Prevent buffer over-read in the IPv6 mobility parser that allowed remote DoS (bsc#1057247) - CVE-2017-13024: Prevent buffer over-read in the IPv6 mobility parser that allowed remote DoS (bsc#1057247) - CVE-2017-13025: Prevent buffer over-read in the IPv6 mobility parser that allowed remote DoS (bsc#1057247) - CVE-2017-13026: Prevent buffer over-read in the ISO IS-IS parser that allowed remote DoS (bsc#1057247) - CVE-2017-13027: Prevent buffer over-read in the LLDP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13028: Prevent buffer over-read in the BOOTP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13029: Prevent buffer over-read in the PPP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13030: Prevent buffer over-read in the PIM parser that allowed remote DoS (bsc#1057247) - CVE-2017-13031: Prevent buffer over-read in the IPv6 fragmentation header parser that allowed remote DoS (bsc#1057247) - CVE-2017-13032: Prevent buffer over-read in the RADIUS parser that allowed remote DoS (bsc#1057247) - CVE-2017-13033: Prevent buffer over-read in the VTP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13034: Prevent buffer over-read in the PGM parser that allowed remote DoS (bsc#1057247) - CVE-2017-13035: Prevent buffer over-read in the ISO IS-IS parser that allowed remote DoS (bsc#1057247) - CVE-2017-13036: Prevent buffer over-read in the OSPFv3 parser that allowed remote DoS (bsc#1057247) - CVE-2017-13037: Prevent buffer over-read in the IP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13038: Prevent buffer over-read in the PPP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13039: Prevent buffer over-read in the ISAKMP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13040: Prevent buffer over-read in the MPTCP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13041: Prevent buffer over-read in the ICMPv6 parser that allowed remote DoS (bsc#1057247) - CVE-2017-13042: Prevent buffer over-read in the HNCP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13043: Prevent buffer over-read in the BGP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13044: Prevent buffer over-read in the HNCP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13045: Prevent buffer over-read in the VQP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13046: Prevent buffer over-read in the BGP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13047: Prevent buffer over-read in the ISO ES-IS parser that allowed remote DoS (bsc#1057247) - CVE-2017-13048: Prevent buffer over-read in the RSVP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13049: Prevent buffer over-read in the Rx protocol parser that allowed remote DoS (bsc#1057247) - CVE-2017-13050: Prevent buffer over-read in the RPKI-Router parser that allowed remote DoS (bsc#1057247) - CVE-2017-13051: Prevent buffer over-read in the RSVP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13052: Prevent buffer over-read in the CFM parser that allowed remote DoS (bsc#1057247) - CVE-2017-13053: Prevent buffer over-read in the BGP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13054: Prevent buffer over-read in the LLDP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13055: Prevent buffer over-read in the ISO IS-IS parser that allowed remote DoS (bsc#1057247) - CVE-2017-13687: Prevent buffer over-read in the Cisco HDLC parser that allowed remote DoS (bsc#1057247) - CVE-2017-13688: Prevent buffer over-read in the OLSR parser that allowed remote DoS (bsc#1057247) - CVE-2017-13689: Prevent buffer over-read in the IKEv1 parser that allowed remote DoS (bsc#1057247) - CVE-2017-13690: Prevent buffer over-read in the IKEv2 parser that allowed remote DoS (bsc#1057247) - CVE-2017-13725: Prevent buffer over-read in the IPv6 routing header parser that allowed remote DoS (bsc#1057247) - Prevent segmentation fault in ESP decoder with OpenSSL 1.1 (bsc#1057247) This update was imported from the SUSE:SLE-12:Update update project. last seen 2020-06-05 modified 2017-10-30 plugin id 104239 published 2017-10-30 reporter This script is Copyright (C) 2017-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/104239 title openSUSE Security Update : tcpdump (openSUSE-2017-1205) NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_EB03D6426724472DB038F2BF074E1FC8.NASL description tcpdump developers report : Too many issues to detail, see CVE references for details. last seen 2020-06-01 modified 2020-06-02 plugin id 103484 published 2017-09-27 reporter This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/103484 title FreeBSD : tcpdump -- multiple vulnerabilities (eb03d642-6724-472d-b038-f2bf074e1fc8) NASL family SuSE Local Security Checks NASL id SUSE_SU-2017-2854-1.NASL description This update for tcpdump to version 4.9.2 fixes several issues. These security issues were fixed : - CVE-2017-11108: Prevent remote attackers to cause DoS (heap-based buffer over-read and application crash) via crafted packet data. The crash occured in the EXTRACT_16BITS function, called from the stp_print function for the Spanning Tree Protocol (bsc#1047873, bsc#1057247). - CVE-2017-11543: Prevent buffer overflow in the sliplink_print function in print-sl.c that allowed remote DoS (bsc#1057247). - CVE-2017-13011: Prevent buffer overflow in bittok2str_internal() that allowed remote DoS (bsc#1057247) - CVE-2017-12989: Prevent infinite loop in the RESP parser that allowed remote DoS (bsc#1057247) - CVE-2017-12990: Prevent infinite loop in the ISAKMP parser that allowed remote DoS (bsc#1057247) - CVE-2017-12995: Prevent infinite loop in the DNS parser that allowed remote DoS (bsc#1057247) - CVE-2017-12997: Prevent infinite loop in the LLDP parser that allowed remote DoS (bsc#1057247) - CVE-2017-11541: Prevent heap-based buffer over-read in the lldp_print function in print-lldp.c, related to util-print.c that allowed remote DoS (bsc#1057247). - CVE-2017-11542: Prevent heap-based buffer over-read in the pimv1_print function in print-pim.c that allowed remote DoS (bsc#1057247). - CVE-2017-12893: Prevent buffer over-read in the SMB/CIFS parser that allowed remote DoS (bsc#1057247) - CVE-2017-12894: Prevent buffer over-read in several protocol parsers that allowed remote DoS (bsc#1057247) - CVE-2017-12895: Prevent buffer over-read in the ICMP parser that allowed remote DoS (bsc#1057247) - CVE-2017-12896: Prevent buffer over-read in the ISAKMP parser that allowed remote DoS (bsc#1057247) - CVE-2017-12897: Prevent buffer over-read in the ISO CLNS parser that allowed remote DoS (bsc#1057247) - CVE-2017-12898: Prevent buffer over-read in the NFS parser that allowed remote DoS (bsc#1057247) - CVE-2017-12899: Prevent buffer over-read in the DECnet parser that allowed remote DoS (bsc#1057247) - CVE-2017-12900: Prevent buffer over-read in the in several protocol parsers that allowed remote DoS (bsc#1057247) - CVE-2017-12901: Prevent buffer over-read in the EIGRP parser that allowed remote DoS (bsc#1057247) - CVE-2017-12902: Prevent buffer over-read in the Zephyr parser that allowed remote DoS (bsc#1057247) - CVE-2017-12985: Prevent buffer over-read in the IPv6 parser that allowed remote DoS (bsc#1057247) - CVE-2017-12986: Prevent buffer over-read in the IPv6 routing header parser that allowed remote DoS (bsc#1057247) - CVE-2017-12987: Prevent buffer over-read in the 802.11 parser that allowed remote DoS (bsc#1057247) - CVE-2017-12988: Prevent buffer over-read in the telnet parser that allowed remote DoS (bsc#1057247) - CVE-2017-12991: Prevent buffer over-read in the BGP parser that allowed remote DoS (bsc#1057247) - CVE-2017-12992: Prevent buffer over-read in the RIPng parser that allowed remote DoS (bsc#1057247) - CVE-2017-12993: Prevent buffer over-read in the Juniper protocols parser that allowed remote DoS (bsc#1057247) - CVE-2017-12994: Prevent buffer over-read in the BGP parser that allowed remote DoS (bsc#1057247) - CVE-2017-12996: Prevent buffer over-read in the PIMv2 parser that allowed remote DoS (bsc#1057247) - CVE-2017-12998: Prevent buffer over-read in the IS-IS parser that allowed remote DoS (bsc#1057247) - CVE-2017-12999: Prevent buffer over-read in the IS-IS parser that allowed remote DoS (bsc#1057247) - CVE-2017-13000: Prevent buffer over-read in the IEEE 802.15.4 parser that allowed remote DoS (bsc#1057247) - CVE-2017-13001: Prevent buffer over-read in the NFS parser that allowed remote DoS (bsc#1057247) - CVE-2017-13002: Prevent buffer over-read in the AODV parser that allowed remote DoS (bsc#1057247) - CVE-2017-13003: Prevent buffer over-read in the LMP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13004: Prevent buffer over-read in the Juniper protocols parser that allowed remote DoS (bsc#1057247) - CVE-2017-13005: Prevent buffer over-read in the NFS parser that allowed remote DoS (bsc#1057247) - CVE-2017-13006: Prevent buffer over-read in the L2TP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13007: Prevent buffer over-read in the Apple PKTAP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13008: Prevent buffer over-read in the IEEE 802.11 parser that allowed remote DoS (bsc#1057247) - CVE-2017-13009: Prevent buffer over-read in the IPv6 mobility parser that allowed remote DoS (bsc#1057247) - CVE-2017-13010: Prevent buffer over-read in the BEEP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13012: Prevent buffer over-read in the ICMP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13013: Prevent buffer over-read in the ARP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13014: Prevent buffer over-read in the White Board protocol parser that allowed remote DoS (bsc#1057247) - CVE-2017-13015: Prevent buffer over-read in the EAP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13016: Prevent buffer over-read in the ISO ES-IS parser that allowed remote DoS (bsc#1057247) - CVE-2017-13017: Prevent buffer over-read in the DHCPv6 parser that allowed remote DoS (bsc#1057247) - CVE-2017-13018: Prevent buffer over-read in the PGM parser that allowed remote DoS (bsc#1057247) - CVE-2017-13019: Prevent buffer over-read in the PGM parser that allowed remote DoS (bsc#1057247) - CVE-2017-13020: Prevent buffer over-read in the VTP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13021: Prevent buffer over-read in the ICMPv6 parser that allowed remote DoS (bsc#1057247) - CVE-2017-13022: Prevent buffer over-read in the IP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13023: Prevent buffer over-read in the IPv6 mobility parser that allowed remote DoS (bsc#1057247) - CVE-2017-13024: Prevent buffer over-read in the IPv6 mobility parser that allowed remote DoS (bsc#1057247) - CVE-2017-13025: Prevent buffer over-read in the IPv6 mobility parser that allowed remote DoS (bsc#1057247) - CVE-2017-13026: Prevent buffer over-read in the ISO IS-IS parser that allowed remote DoS (bsc#1057247) - CVE-2017-13027: Prevent buffer over-read in the LLDP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13028: Prevent buffer over-read in the BOOTP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13029: Prevent buffer over-read in the PPP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13030: Prevent buffer over-read in the PIM parser that allowed remote DoS (bsc#1057247) - CVE-2017-13031: Prevent buffer over-read in the IPv6 fragmentation header parser that allowed remote DoS (bsc#1057247) - CVE-2017-13032: Prevent buffer over-read in the RADIUS parser that allowed remote DoS (bsc#1057247) - CVE-2017-13033: Prevent buffer over-read in the VTP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13034: Prevent buffer over-read in the PGM parser that allowed remote DoS (bsc#1057247) - CVE-2017-13035: Prevent buffer over-read in the ISO IS-IS parser that allowed remote DoS (bsc#1057247) - CVE-2017-13036: Prevent buffer over-read in the OSPFv3 parser that allowed remote DoS (bsc#1057247) - CVE-2017-13037: Prevent buffer over-read in the IP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13038: Prevent buffer over-read in the PPP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13039: Prevent buffer over-read in the ISAKMP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13040: Prevent buffer over-read in the MPTCP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13041: Prevent buffer over-read in the ICMPv6 parser that allowed remote DoS (bsc#1057247) - CVE-2017-13042: Prevent buffer over-read in the HNCP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13043: Prevent buffer over-read in the BGP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13044: Prevent buffer over-read in the HNCP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13045: Prevent buffer over-read in the VQP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13046: Prevent buffer over-read in the BGP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13047: Prevent buffer over-read in the ISO ES-IS parser that allowed remote DoS (bsc#1057247) - CVE-2017-13048: Prevent buffer over-read in the RSVP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13049: Prevent buffer over-read in the Rx protocol parser that allowed remote DoS (bsc#1057247) - CVE-2017-13050: Prevent buffer over-read in the RPKI-Router parser that allowed remote DoS (bsc#1057247) - CVE-2017-13051: Prevent buffer over-read in the RSVP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13052: Prevent buffer over-read in the CFM parser that allowed remote DoS (bsc#1057247) - CVE-2017-13053: Prevent buffer over-read in the BGP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13054: Prevent buffer over-read in the LLDP parser that allowed remote DoS (bsc#1057247) - CVE-2017-13055: Prevent buffer over-read in the ISO IS-IS parser that allowed remote DoS (bsc#1057247) - CVE-2017-13687: Prevent buffer over-read in the Cisco HDLC parser that allowed remote DoS (bsc#1057247) - CVE-2017-13688: Prevent buffer over-read in the OLSR parser that allowed remote DoS (bsc#1057247) - CVE-2017-13689: Prevent buffer over-read in the IKEv1 parser that allowed remote DoS (bsc#1057247) - CVE-2017-13690: Prevent buffer over-read in the IKEv2 parser that allowed remote DoS (bsc#1057247) - CVE-2017-13725: Prevent buffer over-read in the IPv6 routing header parser that allowed remote DoS (bsc#1057247) - Prevent segmentation fault in ESP decoder with OpenSSL 1.1 (bsc#1057247) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 104208 published 2017-10-27 reporter This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/104208 title SUSE SLED12 / SLES12 Security Update : tcpdump (SUSE-SU-2017:2854-1) NASL family MacOS X Local Security Checks NASL id MACOS_10_13_1.NASL description The remote host is running a version of Mac OS X that is 10.13.x prior to 10.13.1. It is, therefore, affected by multiple vulnerabilities in the following components : - APFS - curl - Dictionary Widget - Kernel - StreamingZip - tcpdump - Wi-Fi Note that successful exploitation of the most serious issues can result in arbitrary code execution. last seen 2020-06-01 modified 2020-06-02 plugin id 104378 published 2017-11-03 reporter This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/104378 title macOS 10.13.x < 10.13.1 Multiple Vulnerabilities
Redhat
advisories |
| ||||
rpms |
|
References
- http://www.debian.org/security/2017/dsa-3971
- http://www.debian.org/security/2017/dsa-3971
- http://www.securitytracker.com/id/1039307
- http://www.securitytracker.com/id/1039307
- http://www.tcpdump.org/tcpdump-changes.txt
- http://www.tcpdump.org/tcpdump-changes.txt
- https://access.redhat.com/errata/RHEA-2018:0705
- https://access.redhat.com/errata/RHEA-2018:0705
- https://github.com/the-tcpdump-group/tcpdump/commit/6fca58f5f9c96749a575f52e20598ad43f5bdf30
- https://github.com/the-tcpdump-group/tcpdump/commit/6fca58f5f9c96749a575f52e20598ad43f5bdf30
- https://security.gentoo.org/glsa/201709-23
- https://security.gentoo.org/glsa/201709-23
- https://support.apple.com/HT208221
- https://support.apple.com/HT208221