Lucene search

K
archlinuxArch LinuxASA-201503-20
HistoryMar 20, 2015 - 12:00 a.m.

tcpdump: multiple issues

2015-03-2000:00:00
Arch Linux
lists.archlinux.org
24

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.17 Low

EPSS

Percentile

95.5%

  • CVE-2014-8767 (denial of service)

Integer underflow in the olsr_print function when in verbose mode,
allows remote attackers to cause a denial of service (crash) via a
crafted length value in an OLSR frame.

  • CVE-2014-8768 (denial of service)

Multiple Integer underflows in the geonet_print function, when in
verbose mode, allow remote attackers to cause a denial of service
(segmentation fault and crash) via a crafted length value in a Geonet frame.

  • CVE-2014-8769 (out-of-bounds memory read)

Might allow remote attackers to obtain sensitive information from memory
or cause a denial of service (packet loss or segmentation fault) via a
crafted Ad hoc On-Demand Distance Vector (AODV) packet, which triggers
an out-of-bounds memory access.

  • CVE-2014-9140 (denial of service)

Buffer overflow in the ppp_hdlc function in print-ppp.c allows remote
attackers to cause a denial of service (crash) cia a crafted PPP packet
or possibly execute arbitrary code.

  • CVE-2015-0261 (out-of-bounds memory read)

IPv6 mobility printer mobility_opt_print() typecastimg/signedness error
would handle "len" as "int" (=positive and negative numbers), instead of
"unsigned int" (=only positive numbers). When calling
mobility_opt_print() with a negative "len", the "i < len" check would
not be satisfied and it would not enter the loop and try to read from bp[i].

  • CVE-2015-2153 (arbitrary code execution)

TCP printer problem with missing length check in the
rpki_rtr_pdu_print() function in print-rpki-rtr.c when processing
RPKI-RTR PDUs (Protocol Data Units) with an incorrect header length.
Without this check, the function will try to operate on invalid data
when processing certain packets, leading to all kinds of unwanted side
effects, including crashes due to invalid reads, writes and general
memory corruption. Due to the memory corruption aspect it may lead to
code execution.

  • CVE-2015-2154 (out-of-bounds memory read)

Ethernet printer osi_print_cksum() missing sanity checks in
print-isoclns.c. The function may call the create_osi_cksum() function
in checksum.c with invalid data leading to out-of-bounds memory read.

  • CVE-2015-2155 (arbitrary code execution)

A flaw was found in tcpdump’s force printer. A remote attacker could use
this flaw to cause tcpdump to crash, resulting in a denial of service,
or possibly execute arbitrary code.

OSVersionArchitecturePackageVersionFilename
anyanyanytcpdump< 4.7.3-1UNKNOWN

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.17 Low

EPSS

Percentile

95.5%