Tcpdump: >> Tcpdump Security Vulnerabilities
The LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print().
CVSS Score
7.5
EPSS Score
0.04
Published
2019-10-03
The ICMP parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp.c:icmp_print().
CVSS Score
7.5
EPSS Score
0.04
Published
2019-10-03
The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 2, a different vulnerability than CVE-2019-15167.
CVSS Score
7.5
EPSS Score
0.047
Published
2019-10-03
The LMP parser in tcpdump before 4.9.3 has a buffer over-read in print-lmp.c:lmp_print_data_link_subobjs().
CVSS Score
7.5
EPSS Score
0.04
Published
2019-10-03
The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print().
CVSS Score
7.5
EPSS Score
0.041
Published
2019-10-03
The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and rx_cache_insert().
CVSS Score
7.5
EPSS Score
0.04
Published
2019-10-03
The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_MP).
CVSS Score
7.5
EPSS Score
0.04
Published
2019-10-03
The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print().
CVSS Score
7.5
EPSS Score
0.04
Published
2019-10-03
The IKEv1 parser in tcpdump before 4.9.3 has a buffer over-read in print-isakmp.c:ikev1_n_print().
CVSS Score
7.5
EPSS Score
0.053
Published
2019-10-03
tcpdump.org tcpdump 4.9.2 is affected by: CWE-126: Buffer Over-read. The impact is: May expose Saved Frame Pointer, Return Address etc. on stack. The component is: line 234: "ND_PRINT((ndo, "%s", buf));", in function named "print_prefix", in "print-hncp.c". The attack vector is: The victim must open a specially crafted pcap file.
CVSS Score
3.3
EPSS Score
0.013
Published
2019-07-22