Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
aixCentOS ProjectTCPDUMP_ADVISORY3.ASC
HistoryNov 08, 2017 - 9:27 a.m.

There are multiple vulnerabilities in tcpdump that impact AIX.

2017-11-0809:27:01
CentOS Project
aix.software.ibm.com
681

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.161 Low

EPSS

Percentile

95.9%

JSON

IBM SECURITY ADVISORY

First Issued: Wed Nov 8 09:27:01 CST 2017
|Updated: Wed Feb 28 09:33:13 CST 2018
|Update: Corrected the APARs listed under the APAR section.

The most recent version of this document is available here:

http://aix.software.ibm.com/aix/efixes/security/tcpdump_advisory3.asc
https://aix.software.ibm.com/aix/efixes/security/tcpdump_advisory3.asc
ftp://aix.software.ibm.com/aix/efixes/security/tcpdump_advisory3.asc

Security Bulletin: Vulnerabilities in tcpdump affect AIX

Note: See section IV for full CVE details.

SUMMARY:

There are multiple vulnerabilities in tcpdump that impact AIX.

===============================================================================

I. AFFECTED PRODUCTS AND VERSIONS:

AIX  5.3, 6.1, 7.1, 7.2
VIOS 2.2
    
The following fileset levels are vulnerable:
    
key_fileset = aix
    
Fileset             Lower Level  Upper Level   KEY
-----------------------------------------------------
bos.net.tcp.server   5.3.12.0    5.3.12.6    key_w_fs
bos.net.tcp.server   6.1.9.0     6.1.9.300   key_w_fs
bos.net.tcp.server   7.1.3.0     7.1.3.49    key_w_fs
bos.net.tcp.server   7.1.4.0     7.1.4.32    key_w_fs
bos.net.tcp.tcpdump  7.2.0.0     7.2.0.3     key_w_fs
bos.net.tcp.tcpdump  7.2.1.0     7.2.1.1     key_w_fs
    

Note: To find out whether the affected filesets are installed 
on your systems, refer to the lslpp command found in AIX user's
guide.

Example:  lslpp -L | grep -i bos.net.tcp.server

II. REMEDIATION:

A. FIXES

    Fixes are available.

    The fixes can be downloaded via ftp or http from:

    ftp://aix.software.ibm.com/aix/efixes/security/tcpdump_fix3.tar
    http://aix.software.ibm.com/aix/efixes/security/tcpdump_fix3.tar
    https://aix.software.ibm.com/aix/efixes/security/tcpdump_fix3.tar 

    The links above are to a tar file containing this signed
    advisory, interim fixes, and OpenSSL signatures for each interim fix.
    The fixes below include prerequisite checking. This will
    enforce the correct mapping between the fixes and AIX
    Technology Levels.

    AIX Level  Interim Fix (*.Z)         KEY
    ----------------------------------------------
    5.3.12.9   IV94729m9a.171009.epkg.Z  key_w_fix
    6.1.9.8    IV94728mAa.171008.epkg.Z  key_w_fix
    6.1.9.9    IV94728mAa.171008.epkg.Z  key_w_fix
    6.1.9.10   IV94728mAa.171008.epkg.Z  key_w_fix
    7.1.3.7    IV94727m9a.171009.epkg.Z  key_w_fix
    7.1.3.8    IV94727m9a.171009.epkg.Z  key_w_fix
    7.1.3.9    IV94727m9a.171009.epkg.Z  key_w_fix
    7.1.4.3    IV94726m5a.171009.epkg.Z  key_w_fix
    7.1.4.4    IV94726m5a.171009.epkg.Z  key_w_fix
    7.1.4.5    IV94726m5a.171009.epkg.Z  key_w_fix
    7.2.0.3    IV94724m5a.171009.epkg.Z  key_w_fix
    7.2.0.4    IV94724m5a.171009.epkg.Z  key_w_fix
    7.2.0.5    IV94724m5a.171009.epkg.Z  key_w_fix
    7.2.1.1    IV94723m3a.171009.epkg.Z  key_w_fix
    7.2.1.2    IV94723m3a.171009.epkg.Z  key_w_fix
    7.2.1.3    IV94723m3a.171009.epkg.Z  key_w_fix

    Please note that the above tables refer to AIX TL/SP level as
    opposed to fileset level, i.e., 7.1.3.8 is AIX 7100-03-08.
                  
    VIOS Level Interim Fix (*.Z)         KEY
    ----------------------------------------------
    2.2.5.20   IV94728mAa.171008.epkg.Z  key_w_fix
    2.2.6.0    IV94728mAa.171008.epkg.Z  key_w_fix 
    2.2.6.10   IV94728mAa.171008.epkg.Z  key_w_fix

    The above fixes are cumulative and address previously issued
    AIX tcpdump security bulletins with respect to SP and TL.

    To extract the fixes from the tar file:

    tar xvf tcpdump_fix3.tar
    cd tcpdump_fix3

    Verify you have retrieved the fixes intact:

    The checksums below were generated using the
    "openssl dgst -sha256 [filename]" command as the following:

    openssl dgst -sha256                                              filename                 KEY
    -----------------------------------------------------------------------------------------------------
    6248b20c3af88225f6be5bd84f2ff3a901a8db300609dbd11e652a0d1fd831a5  IV94723m3a.171009.epkg.Z key_w_csum
    a52bba4e3411a861e52f11cc961cc7a79be4f3359c56b256bad0888eb77309eb  IV94724m5a.171009.epkg.Z key_w_csum
    178f356ad65b89b2584397506851a29af4ba5d280f51f7483e9d9ecfb6f01d7a  IV94726m5a.171009.epkg.Z key_w_csum
    1d8cb7ecd0dd3f167860b4db7eab3a2b349e787b4f23858f02cd31bfab8278fa  IV94727m9a.171009.epkg.Z key_w_csum
    c1fff8799746a5d2eac51de70c51ef414f536c1bc7cd68174b087ba4e14cb59b  IV94728mAa.171008.epkg.Z key_w_csum
    d03367a2507bb0bb2ddb358b15ccc8303c5b7a0cb170f4b08dccb12246e4122f  IV94729m9a.171009.epkg.Z key_w_csum

     
    These sums should match exactly. The OpenSSL signatures in the tar
    file and on this advisory can also be used to verify the
    integrity of the fixes.  If the sums or signatures cannot be
    confirmed, contact IBM AIX Support at https://ibm.com/support/
    and describe the discrepancy.
        
    openssl dgst -sha1 -verify [pubkey_file] -signature [advisory_file].sig [advisory_file]

    openssl dgst -sha1 -verify [pubkey_file] -signature [ifix_file].sig [ifix_file]

    Published advisory OpenSSL signature file location:

    http://aix.software.ibm.com/aix/efixes/security/tcpdump_advisory3.asc.sig
    https://aix.software.ibm.com/aix/efixes/security/tcpdump_advisory3.asc.sig
    ftp://aix.software.ibm.com/aix/efixes/security/tcpdump_advisory3.asc.sig 

B. INTERIM FIX INSTALLATION

    IMPORTANT: If possible, it is recommended that a mksysb backup
    of the system be created.  Verify it is both bootable and
    readable before proceeding.

    To preview a fix installation:

    installp -a -d fix_name -p all  # where fix_name is the name of the
                                    # fix package being previewed.

    To install a fix package:

    installp -a -d fix_name -X all  # where fix_name is the name of the
                                    # fix package being installed.

    Interim fixes have had limited functional and regression
    testing but not the full regression testing that takes place
    for Service Packs; however, IBM does fully support them.

    Interim fix management documentation can be found at:
    http://www14.software.ibm.com/webapp/set2/sas/f/aix.efixmgmt/home.html

    To preview an interim fix installation:

    emgr -e ipkg_name -p         # where ipkg_name is the name of the
                                 # interim fix package being previewed.

    To install an interim fix package:

    emgr -e ipkg_name -X         # where ipkg_name is the name of the
                                 # interim fix package being installed.

C. APARS
        
    IBM has assigned the following APARs to this problem:

    AIX Level APAR     Availability  SP   KEY
    ------------------------------------------------

| 5.3.12 IJ00568 ** N/A key_w_apar
| 6.1.9 IJ00563 ** SP11 key_w_apar
| 7.1.3 IJ00564 ** N/A key_w_apar
| 7.1.4 IJ00565 ** SP6 key_w_apar
| 7.2.0 IJ00566 ** SP6 key_w_apar
| 7.2.1 IJ00567 ** SP4 key_w_apar

    ** Please refer to AIX support lifecycle information page for availability
    of Service Packs:
    http://www-01.ibm.com/support/docview.wss?uid=isg3T1012517

    Subscribe to the APARs here:

| https://www.ibm.com/support/docview.wss?uid=isg1IJ00568
| https://www.ibm.com/support/docview.wss?uid=isg1IJ00563
| https://www.ibm.com/support/docview.wss?uid=isg1IJ00564
| https://www.ibm.com/support/docview.wss?uid=isg1IJ00565
| https://www.ibm.com/support/docview.wss?uid=isg1IJ00566
| https://www.ibm.com/support/docview.wss?uid=isg1IJ00567

    By subscribing, you will receive periodic email alerting you
    to the status of the APAR, and a link to download the fix once
    it becomes available.

III. WORKAROUNDS AND MITIGATIONS:

    None.

IV.VULNERABILITY DETAILS:

Vulnerabilities in tcpdump affect AIX:

CVEID: CVE-2017-12993 
https://vulners.com/cve/CVE-2017-12993
https://vulners.com/cve/CVE-2017-12993
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the Juniper
    component. By sending a specially crafted request, an attacker could
    exploit this vulnerability to obtain sensitive information. 
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131892  for the  
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-12992 
https://vulners.com/cve/CVE-2017-12992
https://vulners.com/cve/CVE-2017-12992
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the RIPng
    component. By sending a specially crafted request, an attacker could
    exploit this vulnerability to obtain sensitive information. 
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131891  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-12991 
https://vulners.com/cve/CVE-2017-12991
https://vulners.com/cve/CVE-2017-12991
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the BGP
    component. By sending a specially crafted request, an attacker could
    exploit this vulnerability to obtain sensitive information. 
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131886  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-12988 
https://vulners.com/cve/CVE-2017-12988
https://vulners.com/cve/CVE-2017-12988
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the telnet
    component. By sending a specially crafted request, an attacker could
    exploit this vulnerability to obtain sensitive information. 
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131885  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-12987 
https://vulners.com/cve/CVE-2017-12987
https://vulners.com/cve/CVE-2017-12987
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the IEEE 802.11
    component. By sending a specially crafted request, an attacker could
    exploit this vulnerability to obtain sensitive information. 
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131883  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-12986 
https://vulners.com/cve/CVE-2017-12986 
https://vulners.com/cve/CVE-2017-12986
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the IPv6 routing
    headers component. By sending a specially crafted request, an
    attacker could exploit this vulnerability to obtain sensitive
    information. 
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131876  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-12985 
https://vulners.com/cve/CVE-2017-12985
https://vulners.com/cve/CVE-2017-12985
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the IPv6
    component. By sending a specially crafted request, an attacker could
    exploit this vulnerability to obtain sensitive information. 
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131875  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-12902 
https://vulners.com/cve/CVE-2017-12902
https://vulners.com/cve/CVE-2017-12902
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the Zephyr
    component. By sending a specially crafted request, an attacker could
    exploit this vulnerability to obtain sensitive information. 
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131874  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-12901 
https://vulners.com/cve/CVE-2017-12901
https://vulners.com/cve/CVE-2017-12901
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the EIGRP
    component. By sending a specially crafted request, an attacker could
    exploit this vulnerability to obtain sensitive information. 
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131873  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-12900 
https://vulners.com/cve/CVE-2017-12900
https://vulners.com/cve/CVE-2017-12900
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the tok2strbuf
    component. By sending a specially crafted request, an attacker could
    exploit this vulnerability to obtain sensitive information. 
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131872  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-12899 
https://vulners.com/cve/CVE-2017-12899
https://vulners.com/cve/CVE-2017-12899
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the DECnet
    component. By sending a specially crafted request, an attacker could
    exploit this vulnerability to obtain sensitive information. 
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131871  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-12898 
https://vulners.com/cve/CVE-2017-12898
https://vulners.com/cve/CVE-2017-12898
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the NFS component.
    By sending a specially crafted request, an attacker could exploit
    this vulnerability to obtain sensitive information. 
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131868  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-12897 
https://vulners.com/cve/CVE-2017-12897
https://vulners.com/cve/CVE-2017-12897
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the ISO CLNS
    component. By sending a specially crafted request, an attacker could
    exploit this vulnerability to obtain sensitive information. 
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131867  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-12896 
https://vulners.com/cve/CVE-2017-12896
https://vulners.com/cve/CVE-2017-12896
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the ISAKMP
    component. By sending a specially crafted request, an attacker could
    exploit this vulnerability to obtain sensitive information. 
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131877  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-12895 
https://vulners.com/cve/CVE-2017-12895
https://vulners.com/cve/CVE-2017-12895
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the ICMP
    component. By sending a specially crafted request, an attacker could
    exploit this vulnerability to obtain sensitive information. 
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131865  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-12894 
https://vulners.com/cve/CVE-2017-12894
https://vulners.com/cve/CVE-2017-12894
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the
    lookup_bytestring component. By sending a specially crafted request,
    an attacker could exploit this vulnerability to obtain sensitive
    information. 
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131864  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-12893 
https://vulners.com/cve/CVE-2017-12893
https://vulners.com/cve/CVE-2017-12893
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the SMB/CIFS
    component. By sending a specially crafted request, an attacker could
    exploit this vulnerability to obtain sensitive information. 
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131810  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-11542 
https://vulners.com/cve/CVE-2017-11542
https://vulners.com/cve/CVE-2017-11542
DESCRIPTION: tcpdump is vulnerable to a denial of service, caused by a
    heap-based buffer over-read in the pimv1_print function in
    print-pim.c. An attacker could exploit this vulnerability to cause
    the application to crash. 
CVSS Base Score: 7.5 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/129253  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2017-11541 
https://vulners.com/cve/CVE-2017-11541
https://vulners.com/cve/CVE-2017-11541
DESCRIPTION: tcpdump is vulnerable to a denial of service, caused by a
    heap-based buffer over-read in the lldp_print function in
    print-lldp.c. An attacker could exploit this vulnerability to cause
    the application to crash. 
CVSS Base Score: 7.5 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/129252  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2017-12997 
https://vulners.com/cve/CVE-2017-12997
https://vulners.com/cve/CVE-2017-12997
DESCRIPTION: tcpdump is vulnerable to a denial of service, caused by an
    error in the LLDP component. By sending specially crafted data, a
    remote attacker could exploit this vulnerability to cause the
    application to enter into an infinite loop. 
CVSS Base Score: 7.5 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131809  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2017-12995 
https://vulners.com/cve/CVE-2017-12995
https://vulners.com/cve/CVE-2017-12995
DESCRIPTION: tcpdump is vulnerable to a denial of service, caused by an
    error in the DNS component. By sending specially crafted data, a
    remote attacker could exploit this vulnerability to cause the
    application to enter into an infinite loop. 
CVSS Base Score: 7.5 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131808  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2017-12990 
https://vulners.com/cve/CVE-2017-12990
https://vulners.com/cve/CVE-2017-12990
DESCRIPTION: tcpdump is vulnerable to a denial of service, caused by an
    error in the ISAKMP component. By sending specially crafted data, a
    remote attacker could exploit this vulnerability to cause the
    application to enter into an infinite loop. 
CVSS Base Score: 7.5 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131807  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2017-12989 
https://vulners.com/cve/CVE-2017-12989
https://vulners.com/cve/CVE-2017-12989
DESCRIPTION: tcpdump is vulnerable to a denial of service, caused by an
    error in the RESP component. By sending specially crafted data, a
    remote attacker could exploit this vulnerability to cause the
    application to enter into an infinite loop. 
CVSS Base Score: 7.5 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131794  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2017-13011 
https://vulners.com/cve/CVE-2017-13011
https://vulners.com/cve/CVE-2017-13011
DESCRIPTION: tcpdump is vulnerable to a buffer overflow, caused by
    improper bounds checking by the bittok2str_internal component. By
    sending an overly long string argument, a remote attacker could
    overflow a buffer and execute arbitrary code on the system or cause
    the application to crash. 
CVSS Base Score: 7.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131781  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

CVEID: CVE-2017-11543 
https://vulners.com/cve/CVE-2017-11543
https://vulners.com/cve/CVE-2017-11543
DESCRIPTION: tcpdump is vulnerable to a denial of service, caused by a
    buffer overflow in the sliplink_print function in print-sl.c. An
    attacker could exploit this vulnerability to cause the application
    to crash. 
CVSS Base Score: 7.5 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/129254  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2017-13018 
https://vulners.com/cve/CVE-2017-13018
https://vulners.com/cve/CVE-2017-13018
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the PGM component.
    By sending a specially crafted request, an attacker could exploit
    this vulnerability to obtain sensitive information. 
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131912  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-13017 
https://vulners.com/cve/CVE-2017-13017
https://vulners.com/cve/CVE-2017-13017
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the DHCPv6
    component. By sending a specially crafted request, an attacker could
    exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131911  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-13016 
https://vulners.com/cve/CVE-2017-13016
https://vulners.com/cve/CVE-2017-13016
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the ISO ES-IS
    component. By sending a specially crafted request, an attacker could
    exploit this vulnerability to obtain sensitive information. 
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131909  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-11543 
https://vulners.com/cve/CVE-2017-11543
https://vulners.com/cve/CVE-2017-11543
DESCRIPTION: tcpdump is vulnerable to a denial of service, caused by a
    buffer overflow in the sliplink_print function in print-sl.c. An
    attacker could exploit this vulnerability to cause the application
    to crash. 
CVSS Base Score: 7.5 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/129254  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2017-13015 
https://vulners.com/cve/CVE-2017-13015
https://vulners.com/cve/CVE-2017-13015
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the EAP component.
    By sending a specially crafted request, an attacker could exploit
    this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131908  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-13014 
https://vulners.com/cve/CVE-2017-13014
https://vulners.com/cve/CVE-2017-13014
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the White Board
    component. By sending a specially crafted request, an attacker could
    exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131907  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-13013 
https://vulners.com/cve/CVE-2017-13013
https://vulners.com/cve/CVE-2017-13013
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the ARP component.
    By sending a specially crafted request, an attacker could exploit
    this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131906  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-13012 
https://vulners.com/cve/CVE-2017-13012
https://vulners.com/cve/CVE-2017-13012
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the ICMP
    component. By sending a specially crafted request, an attacker could
    exploit this vulnerability to obtain sensitive information. 
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131878  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-13010 
https://vulners.com/cve/CVE-2017-13010
https://vulners.com/cve/CVE-2017-13010
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the BEEP
    component. By sending a specially crafted request, an attacker could
    exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131905  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-13009 
https://vulners.com/cve/CVE-2017-13009
https://vulners.com/cve/CVE-2017-13009
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the IPv6 mobility
    component. By sending a specially crafted request, an attacker could
    exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131879  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-13008 
https://vulners.com/cve/CVE-2017-13008
https://vulners.com/cve/CVE-2017-13008
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the IEEE 802.11
    component. By sending a specially crafted request, an attacker could
    exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131884  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-13006 
https://vulners.com/cve/CVE-2017-13006
https://vulners.com/cve/CVE-2017-13006
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the L2TP
    component. By sending a specially crafted request, an attacker could
    exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131903  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-13005 
https://vulners.com/cve/CVE-2017-13005
https://vulners.com/cve/CVE-2017-13005
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the NFS component.
    By sending a specially crafted request, an attacker could exploit
    this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131869  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-13004 
https://vulners.com/cve/CVE-2017-13004
https://vulners.com/cve/CVE-2017-13004
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the Juniper
    component. By sending a specially crafted request, an attacker could
    exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131893  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-13003 
https://vulners.com/cve/CVE-2017-13003
https://vulners.com/cve/CVE-2017-13003
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the LMP component.
    By sending a specially crafted request, an attacker could exploit
    this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131902  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-13002 
https://vulners.com/cve/CVE-2017-13002
https://vulners.com/cve/CVE-2017-13002
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the AODV
    component. By sending a specially crafted request, an attacker could
    exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131901  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-13001 
https://vulners.com/cve/CVE-2017-13001
https://vulners.com/cve/CVE-2017-13001
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the NFS component.
    By sending a specially crafted request, an attacker could exploit
    this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131870  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-13000 
https://vulners.com/cve/CVE-2017-13000
https://vulners.com/cve/CVE-2017-13000
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the IEEE 802.15.4
    component. By sending a specially crafted request, an attacker could
    exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131900  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-12999 
https://vulners.com/cve/CVE-2017-12999
https://vulners.com/cve/CVE-2017-12999
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the ISO IS-IS
    component. By sending a specially crafted request, an attacker could
    exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131896  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-12998 
https://vulners.com/cve/CVE-2017-12998
https://vulners.com/cve/CVE-2017-12998
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the ISO IS-IS
    component. By sending a specially crafted request, an attacker could
    exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131895  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-12996 
https://vulners.com/cve/CVE-2017-12996
https://vulners.com/cve/CVE-2017-12996
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the PIMv2
    component. By sending a specially crafted request, an attacker could
    exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131894  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-12994 
https://vulners.com/cve/CVE-2017-12994
https://vulners.com/cve/CVE-2017-12994
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the BGP component.
    By sending a specially crafted request, an attacker could exploit
    this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131887  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-11541 
https://vulners.com/cve/CVE-2017-11541
https://vulners.com/cve/CVE-2017-11541
DESCRIPTION: tcpdump is vulnerable to a denial of service, caused by a
    heap-based buffer over-read in the lldp_print function in
    print-lldp.c. An attacker could exploit this vulnerability to cause
    the application to crash.
CVSS Base Score: 7.5 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/129252  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2017-11542 
https://vulners.com/cve/CVE-2017-11542
https://vulners.com/cve/CVE-2017-11542
DESCRIPTION: tcpdump is vulnerable to a denial of service, caused by a
    heap-based buffer over-read in the pimv1_print function in
    print-pim.c. An attacker could exploit this vulnerability to cause
    the application to crash.
CVSS Base Score: 7.5 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/129253  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2017-13043 
https://vulners.com/cve/CVE-2017-13043
https://vulners.com/cve/CVE-2017-13043
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the BGP component.
    By sending a specially crafted request, an attacker could exploit
    this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131890  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-13042 
https://vulners.com/cve/CVE-2017-13042
https://vulners.com/cve/CVE-2017-13042
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the HNCP
    component. By sending a specially crafted request, an attacker could
    exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/132002  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-13041 
https://vulners.com/cve/CVE-2017-13041
https://vulners.com/cve/CVE-2017-13041
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the ICMPv6
    component. By sending a specially crafted request, an attacker could
    exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131985  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-13040 
https://vulners.com/cve/CVE-2017-13040
https://vulners.com/cve/CVE-2017-13040
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the MPTCP
    component. By sending a specially crafted request, an attacker could
    exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/132001  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-13039 
https://vulners.com/cve/CVE-2017-13039
https://vulners.com/cve/CVE-2017-13039
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the ISAKMP
    component. By sending a specially crafted request, an attacker could
    exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131866  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-13038 
https://vulners.com/cve/CVE-2017-13038
https://vulners.com/cve/CVE-2017-13038
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the PPP component.
    By sending a specially crafted request, an attacker could exploit
    this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/132000  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-13037 
https://vulners.com/cve/CVE-2017-13037
https://vulners.com/cve/CVE-2017-13037
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the IP component.
    By sending a specially crafted request, an attacker could exploit
    this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131999  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-13036 
https://vulners.com/cve/CVE-2017-13036
https://vulners.com/cve/CVE-2017-13036
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the OSPFv3
    component. By sending a specially crafted request, an attacker could
    exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131998  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-13035 
https://vulners.com/cve/CVE-2017-13035
https://vulners.com/cve/CVE-2017-13035
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the ISO IS-IS
    component. By sending a specially crafted request, an attacker could
    exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131899  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-13034 
https://vulners.com/cve/CVE-2017-13034
https://vulners.com/cve/CVE-2017-13034
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the PGM component.
    By sending a specially crafted request, an attacker could exploit
    this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131914  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-13033 
https://vulners.com/cve/CVE-2017-13033
https://vulners.com/cve/CVE-2017-13033
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the VTP component.
    By sending a specially crafted request, an attacker could exploit
    this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131983  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-13032 
https://vulners.com/cve/CVE-2017-13032
https://vulners.com/cve/CVE-2017-13032
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the RADIUS
    component. By sending a specially crafted request, an attacker could
    exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131997  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-13031 
https://vulners.com/cve/CVE-2017-13031
https://vulners.com/cve/CVE-2017-13031
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the IPv6
    fragmentation header component. By sending a specially crafted
    request, an attacker could exploit this vulnerability to obtain
    sensitive information.
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131996  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-13030 
https://vulners.com/cve/CVE-2017-13030
https://vulners.com/cve/CVE-2017-13030
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the PIM component.
    By sending a specially crafted request, an attacker could exploit
    this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131991  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-13029 
https://vulners.com/cve/CVE-2017-13029
https://vulners.com/cve/CVE-2017-13029
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the PPP component.
    By sending a specially crafted request, an attacker could exploit
    this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131990  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-13028 
https://vulners.com/cve/CVE-2017-13028
https://vulners.com/cve/CVE-2017-13028
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the BOOTP
    component. By sending a specially crafted request, an attacker could
    exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131989  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-13027 
https://vulners.com/cve/CVE-2017-13027
https://vulners.com/cve/CVE-2017-13027
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the LLDP
    component. By sending a specially crafted request, an attacker could
    exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131987  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-13026 
https://vulners.com/cve/CVE-2017-13026
https://vulners.com/cve/CVE-2017-13026
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the ISO IS-IS
    component. By sending a specially crafted request, an attacker could
    exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131897  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-13025 
https://vulners.com/cve/CVE-2017-13025
https://vulners.com/cve/CVE-2017-13025
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the IPv6 mobility
    component. By sending a specially crafted request, an attacker could
    exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131882  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-13024 
https://vulners.com/cve/CVE-2017-13024
https://vulners.com/cve/CVE-2017-13024
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the IPv6 mobility
    component. By sending a specially crafted request, an attacker could
    exploit this vulnerability to obtain sensitive information. 
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131881  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-13023 
https://vulners.com/cve/CVE-2017-13023
https://vulners.com/cve/CVE-2017-13023
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the IPv6 mobility
    component. By sending a specially crafted request, an attacker could
    exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131880  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-13022 
https://vulners.com/cve/CVE-2017-13022
https://vulners.com/cve/CVE-2017-13022
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the IP component.
    By sending a specially crafted request, an attacker could exploit
    this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131986  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-13021 
https://vulners.com/cve/CVE-2017-13021
https://vulners.com/cve/CVE-2017-13021
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the ICMPv6
    component. By sending a specially crafted request, an attacker could
    exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131984  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-13020 
https://vulners.com/cve/CVE-2017-13020
https://vulners.com/cve/CVE-2017-13020
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the VTP component.
    By sending a specially crafted request, an attacker could exploit
    this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131982  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-13019 
https://vulners.com/cve/CVE-2017-13019
https://vulners.com/cve/CVE-2017-13019
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the PGM component.
    By sending a specially crafted request, an attacker could exploit
    this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131913  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-13725 
https://vulners.com/cve/CVE-2017-13725
https://vulners.com/cve/CVE-2017-13725
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the IPv6 routing
    headers component. By sending a specially crafted request, an
    attacker could exploit this vulnerability to obtain sensitive
    information.
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/132014  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-13690 
https://vulners.com/cve/CVE-2017-13690
https://vulners.com/cve/CVE-2017-13690
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the IKEv2
    component. By sending a specially crafted request, an attacker could
    exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/132013  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-13689 
https://vulners.com/cve/CVE-2017-13689
https://vulners.com/cve/CVE-2017-13689
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the IKEv1
    component. By sending a specially crafted request, an attacker could
    exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/132012  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-13688 
https://vulners.com/cve/CVE-2017-13688
https://vulners.com/cve/CVE-2017-13688
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the OLSR
    component. By sending a specially crafted request, an attacker could
    exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/132011  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-13687 
https://vulners.com/cve/CVE-2017-13687
https://vulners.com/cve/CVE-2017-13687
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the Cisco HDLC
    component. By sending a specially crafted request, an attacker could
    exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/132010  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-13055 
https://vulners.com/cve/CVE-2017-13055
https://vulners.com/cve/CVE-2017-13055
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the ISO IS-IS
    component. By sending a specially crafted request, an attacker could
    exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3 
CVSS Temporal Score: See 
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131898  for the 
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-13054
https://vulners.com/cve/CVE-2017-13054
https://vulners.com/cve/CVE-2017-13054
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the LLDP
    component. By sending a specially crafted request, an attacker could
    exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131988  for the
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-13053
https://vulners.com/cve/CVE-2017-13053
https://vulners.com/cve/CVE-2017-13053
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the BGP component.
    By sending a specially crafted request, an attacker could exploit
    this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131888  for the
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-13052
https://vulners.com/cve/CVE-2017-13052
https://vulners.com/cve/CVE-2017-13052
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the CFM component.
    By sending a specially crafted request, an attacker could exploit
    this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
    https://exchange.xforce.ibmcloud.com/vulnerabilities/132009  for the
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-13051
https://vulners.com/cve/CVE-2017-13051
https://vulners.com/cve/CVE-2017-13051
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the RSVP
    component. By sending a specially crafted request, an attacker could
    exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
    https://exchange.xforce.ibmcloud.com/vulnerabilities/132006  for the
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-13050
https://vulners.com/cve/CVE-2017-13050
https://vulners.com/cve/CVE-2017-13050
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the RPKI-Router
    component. By sending a specially crafted request, an attacker could
    exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
    https://exchange.xforce.ibmcloud.com/vulnerabilities/132008  for the
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-13049
https://vulners.com/cve/CVE-2017-13049
https://vulners.com/cve/CVE-2017-13049
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the Rx component.
    By sending a specially crafted request, an attacker could exploit
    this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
    https://exchange.xforce.ibmcloud.com/vulnerabilities/132007  for the
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-13048
https://vulners.com/cve/CVE-2017-13048
https://vulners.com/cve/CVE-2017-13048
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the RSVP
    component. By sending a specially crafted request, an attacker could
    exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
    https://exchange.xforce.ibmcloud.com/vulnerabilities/132005  for the
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-13047
https://vulners.com/cve/CVE-2017-13047
https://vulners.com/cve/CVE-2017-13047
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the ISO ES-IS
    component. By sending a specially crafted request, an attacker could
    exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131910  for the
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-13046
https://vulners.com/cve/CVE-2017-13046
https://vulners.com/cve/CVE-2017-13046
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the BGP component.
    By sending a specially crafted request, an attacker could exploit
    this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
    https://exchange.xforce.ibmcloud.com/vulnerabilities/131889  for the
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-13045
https://vulners.com/cve/CVE-2017-13045
https://vulners.com/cve/CVE-2017-13045
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the VQP component.
    By sending a specially crafted request, an attacker could exploit
    this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
    https://exchange.xforce.ibmcloud.com/vulnerabilities/132004  for the
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2017-13044
https://vulners.com/cve/CVE-2017-13044
https://vulners.com/cve/CVE-2017-13044
DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive
    information, caused by a buffer overread memory in the HNCP
    component. By sending a specially crafted request, an attacker could
    exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5.3
CVSS Temporal Score: See
    https://exchange.xforce.ibmcloud.com/vulnerabilities/132003  for the
    current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

===============================================================================

CONTACT US:

Note: Keywords labeled as KEY in this document are used for parsing
purposes.

If you would like to receive AIX Security Advisories via email,
please visit "My Notifications":

    http://www.ibm.com/support/mynotifications
    https://www.ibm.com/support/mynotifications

To view previously issued advisories, please visit:

    http://www14.software.ibm.com/webapp/set2/subscriptions/onvdq
    https://www14.software.ibm.com/webapp/set2/subscriptions/onvdq

To obtain the OpenSSL public key that can be used to verify the
signed advisories and ifixes:

    Download the key from our web page:

http://www.ibm.com/systems/resources/systems_p_os_aix_security_pubkey.txt
https://www.ibm.com/systems/resources/systems_p_os_aix_security_pubkey.txt

Please contact your local IBM AIX support center for any
assistance.

REFERENCES:

Complete CVSS v3 Guide:  http://www.first.org/cvss/user-guide
    https://www.first.org/cvss/user-guide
On-line Calculator v3:
    http://www.first.org/cvss/calculator/3.0
    https://www.first.org/cvss/calculator/3.0

ACKNOWLEDGEMENTS:

None

CHANGE HISTORY:

First Issued: Wed Nov  8 09:27:01 CST 2017

| Updated: Wed Feb 28 09:33:13 CST 2018
| Update: Corrected the APARs listed under the APAR section.

===============================================================================

*The CVSS Environment Score is customer environment specific and will
ultimately impact the Overall CVSS Score. Customers can evaluate the impact
of this vulnerability in their environments by accessing the links in the
Reference section of this Security Bulletin.

Disclaimer
According to the Forum of Incident Response and Security Teams (FIRST), the
Common Vulnerability Scoring System (CVSS) is an “industry open standard
designed to convey vulnerability severity and help to determine urgency and
priority of response.” IBM PROVIDES THE CVSS SCORES “AS IS” WITHOUT WARRANTY
OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT
OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.

Related

openvas 9
nessus 28
debian 4
cloudfoundry 1
osv 26
archlinux 1
ubuntu 2
photon 3
mageia 1
gentoo 1
freebsd 1
slackware 1
ibm 2
apple 2
redhatcve 28
prion 25
hackerone 3
cve 23
ubuntucve 21
debiancve 16
f5 1
openvas
openvas
Huawei EulerOS: Security Advisory for tcpdump (EulerOS-SA-2017-1280)
2020-01-23 00:00:00
Debian LTS: Security Advisory for tcpdump (DLA-1097-1)
2018-02-07 00:00:00
Apple MacOSX Multiple Vulnerabilities - 01 HT208221
2017-11-02 00:00:00
nessus
nessus
EulerOS 2.0 SP1 : tcpdump (EulerOS-SA-2017-1280)
2017-11-02 00:00:00
Ubuntu 14.04 LTS / 16.04 LTS : tcpdump vulnerabilities (USN-3415-1)
2017-09-14 00:00:00
GLSA-201709-23 : Tcpdump: Multiple vulnerabilities
2017-09-26 00:00:00
debian
debian
[SECURITY] [DLA 1097-1] tcpdump security update
2017-09-15 10:18:46
[SECURITY] [DSA 3971-1] tcpdump security update
2017-09-13 05:04:17
[SECURITY] [DSA 3971-1] tcpdump security update
2017-09-13 05:04:17
cloudfoundry
cloudfoundry
USN-3415-1: tcpdump vulnerabilities | Cloud Foundry
2017-09-21 00:00:00
osv
osv
tcpdump - security update
2017-09-15 00:00:00
tcpdump - security update
2017-09-13 00:00:00
tcpdump - security update
2017-09-05 00:00:00
archlinux
archlinux
[ASA-201709-5] tcpdump: multiple issues
2017-09-13 00:00:00
ubuntu
ubuntu
tcpdump vulnerabilities
2017-09-14 00:00:00
tcpdump vulnerabilities
2017-09-14 00:00:00
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2017-0034
2017-09-19 00:00:00
Important Photon OS Security Update - PHSA-2017-0070
2017-09-19 00:00:00
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2017-0033
2017-09-13 00:00:00
mageia
mageia
Updated tcpdump packages fix security vulnerabilities
2017-09-10 15:36:09
gentoo
gentoo
Tcpdump: Multiple vulnerabilities
2017-09-25 00:00:00
freebsd
freebsd
tcpdump -- multiple vulnerabilities
2017-07-22 00:00:00
slackware
slackware
[slackware-security] tcpdump
2017-09-08 18:06:49
ibm
ibm
Security Bulletin: Multiple Security Issues in IBM Tealeaf Customer Experience PCA
2018-06-23 03:45:19
Security Bulletin: Vulnerabilities in tcpdump affect IBM Chassis Management Module (CMM)
2019-01-31 02:40:01
apple
apple
About the security content of macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan
2017-10-31 00:00:00
About the security content of macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan - Apple Support
2019-04-03 09:42:09
redhatcve
redhatcve
CVE-2017-13051
2017-09-14 04:58:56
CVE-2017-13013
2017-09-14 05:03:09
CVE-2017-13044
2017-09-14 04:55:14
prion
prion
Buffer overflow
2017-09-14 06:29:00
Design/Logic Flaw
2017-09-14 06:29:00
Buffer overflow
2017-09-14 06:29:00
hackerone
hackerone
Internet Bug Bounty: CVE-2017-13019: The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print()
2020-02-23 16:49:27
Internet Bug Bounty: CVE-2017-13010 The BEEP parser in tcpdump before 4.9.2 has a buffer over-read in print-beep.c:l_strnstart().
2017-09-15 23:45:26
Internet Bug Bounty: CVE-2017-13041 The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_nodeinfo_print().
2020-08-22 06:12:33
cve
cve
CVE-2017-12899
2017-09-14 06:29:00
CVE-2017-13035
2017-09-14 06:29:00
CVE-2017-13042
2017-09-14 06:29:00
ubuntucve
ubuntucve
CVE-2017-11542
2017-07-22 00:00:00
CVE-2017-13041
2017-09-13 00:00:00
CVE-2017-13040
2017-09-13 00:00:00
debiancve
debiancve
CVE-2017-13020
2017-09-14 06:29:00
CVE-2017-13047
2017-09-14 06:29:00
CVE-2017-12986
2017-09-14 06:29:00
f5
f5
K13237658 : tcpdump vulnerability CVE-2017-11541
2017-08-31 00:00:00

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.161 Low

EPSS

Percentile

95.9%

JSON
Related for TCPDUMP_ADVISORY3.ASC
openvas9nessus28debian4cloudfoundry1osv26archlinux1ubuntu2photon3mageia1gentoo1freebsd1slackware1ibm2apple2redhatcve28prion25hackerone3cve23ubuntucve21debiancve16f51