Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Tcpdump
(Tcpdump)| Repositories | https://github.com/the-tcpdump-group/tcpdump |
| #Vulnerabilities | 172 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-10-03 | CVE-2018-16228 | The HNCP parser in tcpdump before 4.9.3 has a buffer over-read in print-hncp.c:print_prefix(). | Mac_os_x, Debian_linux, Fedora, Leap, Enterprise_linux, Tcpdump | 7.5 | ||
| 2019-10-03 | CVE-2018-16229 | The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option(). | Mac_os_x, Debian_linux, Traffix_signaling_delivery_controller, Fedora, Leap, Enterprise_linux, Tcpdump | 7.5 | ||
| 2019-10-03 | CVE-2018-16230 | The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI). | Mac_os_x, Debian_linux, Fedora, Leap, Enterprise_linux, Tcpdump | 7.5 | ||
| 2019-10-03 | CVE-2018-16300 | The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print() because of unlimited recursion. | Tcpdump | 7.5 | ||
| 2019-10-03 | CVE-2018-16301 | The command-line argument parser in tcpdump before 4.99.0 has a buffer overflow in tcpdump.c:read_infile(). To trigger this vulnerability the attacker needs to create a 4GB file on the local filesystem and to specify the file name as the value of the -F command-line argument of tcpdump. | Tcpdump | 7.8 | ||
| 2019-10-03 | CVE-2018-16451 | The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \MAILSLOT\BROWSE and \PIPE\LANMAN. | Mac_os_x, Debian_linux, Fedora, Leap, Enterprise_linux, Tcpdump | 7.5 | ||
| 2019-10-03 | CVE-2018-16452 | The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion. | Tcpdump | 7.5 | ||
| 2019-10-03 | CVE-2019-15166 | lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks. | Mac_os_x, Ubuntu_linux, Debian_linux, Fedora, Cloud_backup, Hci_management_node, Solidfire, Leap, Enterprise_linux, Tcpdump | 7.5 | ||
| 2020-11-04 | CVE-2020-8037 | The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a large amount of memory. | Mac_os_x, Macos, Debian_linux, Fedora, Tcpdump | 7.5 | ||
| 2022-08-27 | CVE-2019-15167 | The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 3, a different vulnerability than CVE-2018-14463. | Tcpdump | 9.1 |