CVE-2014-8769

2014-11-2017:50:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2014-8769

tcpdump

remote attackers

sensitive information

memory access

denial of service

6.2 Medium

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:N/A:P

0.073 Low

EPSS

Percentile

94.0%

JSON

tcpdump 3.8 through 4.6.2 might allow remote attackers to obtain sensitive information from memory or cause a denial of service (packet loss or segmentation fault) via a crafted Ad hoc On-Demand Distance Vector (AODV) packet, which triggers an out-of-bounds memory access.

CPENameOperatorVersion
redhat:tcpdumpredhat tcpdumpeq4.6.0
redhat:tcpdumpredhat tcpdumpeq4.3.1
redhat:tcpdumpredhat tcpdumpeq3.8.2
redhat:tcpdumpredhat tcpdumpeq4.5.2
redhat:tcpdumpredhat tcpdumpeq4.5.0
redhat:tcpdumpredhat tcpdumpeq4.1.0
redhat:tcpdumpredhat tcpdumpeq4.0.0
redhat:tcpdumpredhat tcpdumpeq3.9.2
redhat:tcpdumpredhat tcpdumpeq4.1.1
redhat:tcpdumpredhat tcpdumpeq4.3.0

CPE	Name	Operator	Version
redhat:tcpdump	redhat tcpdump	eq	4.6.0
redhat:tcpdump	redhat tcpdump	eq	4.3.1
redhat:tcpdump	redhat tcpdump	eq	3.8.2
redhat:tcpdump	redhat tcpdump	eq	4.5.2
redhat:tcpdump	redhat tcpdump	eq	4.5.0
redhat:tcpdump	redhat tcpdump	eq	4.1.0
redhat:tcpdump	redhat tcpdump	eq	4.0.0
redhat:tcpdump	redhat tcpdump	eq	3.9.2
redhat:tcpdump	redhat tcpdump	eq	4.1.1
redhat:tcpdump	redhat tcpdump	eq	4.3.0