Tcpdump: >> Tcpdump Security Vulnerabilities
In tcpdump 4.9.2, a stack-based buffer over-read exists in the print_prefix function of print-hncp.c via crafted packet data because of missing initialization.
CVSS Score
5.5
EPSS Score
0.024
Published
2018-11-25
tcpdump before 4.9.3 has a heap-based buffer over-read related to aoe_print in print-aoe.c and lookup_emem in addrtoname.c.
CVSS Score
5.5
EPSS Score
0.032
Published
2017-11-13
print-wb.c in tcpdump before 4.7.4 allows remote attackers to cause a denial of service (segmentation fault and process crash).
CVSS Score
7.5
EPSS Score
0.023
Published
2017-09-28
The Rx protocol parser in tcpdump before 4.9.2 has a buffer over-read in print-rx.c:ubik_print().
CVSS Score
9.8
EPSS Score
0.034
Published
2017-09-14
The RPKI-Router parser in tcpdump before 4.9.2 has a buffer over-read in print-rpki-rtr.c:rpki_rtr_pdu_print().
CVSS Score
9.8
EPSS Score
0.046
Published
2017-09-14
The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print().
CVSS Score
9.8
EPSS Score
0.037
Published
2017-09-14
The CFM parser in tcpdump before 4.9.2 has a buffer over-read in print-cfm.c:cfm_print().
CVSS Score
9.8
EPSS Score
0.034
Published
2017-09-14
The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_rt_routing_info().
CVSS Score
9.8
EPSS Score
0.032
Published
2017-09-14
The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldp_private_8023_print().
CVSS Score
9.8
EPSS Score
0.032
Published
2017-09-14
The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_is_reach_subtlv().
CVSS Score
9.8
EPSS Score
0.032
Published
2017-09-14