CVE-2017-12985

2017-09-14T06:29:00

Description

The IPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-ip6.c:ip6_print().

Affected Software

CPE Name	Name	Version
tcpdump:tcpdump	tcpdump	4.9.1

{"id": "CVE-2017-12985", "vendorId": null, "type": "cve", "bulletinFamily": "NVD", "title": "CVE-2017-12985", "description": "The IPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-ip6.c:ip6_print().", "published": "2017-09-14T06:29:00", "modified": "2019-10-03T00:03:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "baseScore": 7.5}, "severity": "HIGH", "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.0", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL"}, "exploitabilityScore": 3.9, "impactScore": 5.9}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-12985", "reporter": "cve@mitre.org", "references": ["https://github.com/the-tcpdump-group/tcpdump/commit/66df248b49095c261138b5a5e34d341a6bf9ac7f", "http://www.tcpdump.org/tcpdump-changes.txt", "http://www.securitytracker.com/id/1039307", "https://security.gentoo.org/glsa/201709-23", "http://www.debian.org/security/2017/dsa-3971", "https://support.apple.com/HT208221", "https://access.redhat.com/errata/RHEA-2018:0705"], "cvelist": ["CVE-2017-12985"], "immutableFields": [], "lastseen": "2023-02-08T15:47:47", "viewCount": 74, "enchantments": {"dependencies": {"references": [{"type": "aix", "idList": ["TCPDUMP_ADVISORY3.ASC"]}, {"type": "apple", "idList": ["APPLE:0627AF17A33B956DE48ACE757A30BFB9", "APPLE:HT208221"]}, {"type": "archlinux", "idList": ["ASA-201709-5"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:CDEF392A40CEDCB7569EAF5293B5C0AA"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1097-1:0BD7E", "DEBIAN:DSA-3971-1:55E2D", "DEBIAN:DSA-3971-1:CDAA8"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2017-12985"]}, {"type": "freebsd", "idList": ["EB03D642-6724-472D-B038-F2BF074E1FC8"]}, {"type": "gentoo", "idList": ["GLSA-201709-23"]}, {"type": "hackerone", "idList": ["H1:268803"]}, {"type": "mageia", "idList": ["MGASA-2017-0335"]}, {"type": "nessus", "idList": ["700512.PRM", "AIX_IV94723.NASL", "AIX_IV94724.NASL", "AIX_IV94726.NASL", "AIX_IV94727.NASL", "AIX_IV94728.NASL", "AIX_IV94729.NASL", "DEBIAN_DLA-1097.NASL", "DEBIAN_DSA-3971.NASL", "EULEROS_SA-2017-1280.NASL", "EULEROS_SA-2017-1281.NASL", "FREEBSD_PKG_EB03D6426724472DB038F2BF074E1FC8.NASL", "GENTOO_GLSA-201709-23.NASL", "MACOSX_SECUPD2017-004.NASL", "MACOS_10_13_1.NASL", "NEWSTART_CGSL_NS-SA-2019-0071_TCPDUMP.NASL", "OPENSUSE-2017-1205.NASL", "PHOTONOS_PHSA-2017-0034.NASL", "SLACKWARE_SSA_2017-251-03.NASL", "SUSE_SU-2017-2854-1.NASL", "SUSE_SU-2019-14191-1.NASL", "UBUNTU_USN-3415-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310703971", "OPENVAS:1361412562310811961", "OPENVAS:1361412562310843302", "OPENVAS:1361412562310891097", "OPENVAS:1361412562311220171280", "OPENVAS:1361412562311220171281"]}, {"type": "osv", "idList": ["OSV:DLA-1097-1", "OSV:DSA-3971-1"]}, {"type": "photon", "idList": ["PHSA-2017-0034", "PHSA-2017-0070"]}, {"type": "redhatcve", "idList": ["RH:CVE-2017-12985"]}, {"type": "slackware", "idList": ["SSA-2017-251-03"]}, {"type": "ubuntu", "idList": ["USN-3415-1", "USN-3415-2"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2017-12985"]}]}, "score": {"value": 3.5, "vector": "NONE"}, "backreferences": {"references": [{"type": "aix", "idList": ["TCPDUMP_ADVISORY3.ASC"]}, {"type": "apple", "idList": ["APPLE:0627AF17A33B956DE48ACE757A30BFB9"]}, {"type": "archlinux", "idList": ["ASA-201709-5"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:CDEF392A40CEDCB7569EAF5293B5C0AA"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1097-1:0BD7E", "DEBIAN:DSA-3971-1:55E2D"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2017-12985"]}, {"type": "freebsd", "idList": ["EB03D642-6724-472D-B038-F2BF074E1FC8"]}, {"type": "gentoo", "idList": ["GLSA-201709-23"]}, {"type": "hackerone", "idList": ["H1:268803"]}, {"type": "nessus", "idList": ["AIX_IV94723.NASL", "AIX_IV94724.NASL", "AIX_IV94726.NASL", "AIX_IV94727.NASL", "AIX_IV94728.NASL", "AIX_IV94729.NASL", "DEBIAN_DLA-1097.NASL", "DEBIAN_DSA-3971.NASL", "SLACKWARE_SSA_2017-251-03.NASL", "UBUNTU_USN-3415-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310703971", "OPENVAS:1361412562310811961", "OPENVAS:1361412562310843302"]}, {"type": "photon", "idList": ["PHSA-2017-0034"]}, {"type": "redhatcve", "idList": ["RH:CVE-2017-12985"]}, {"type": "slackware", "idList": ["SSA-2017-251-03"]}, {"type": "ubuntu", "idList": ["USN-3415-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2017-12985"]}]}, "exploitation": null, "affected_software": {"major_version": [{"name": "tcpdump", "version": 4}]}, "epss": [{"cve": "CVE-2017-12985", "epss": "0.004320000", "percentile": "0.705780000", "modified": "2023-03-14"}], "vulnersScore": 3.5}, "_state": {"dependencies": 1675871409, "score": 1675871408, "affected_software_major_version": 1677268883, "epss": 1678838010}, "_internal": {"score_hash": "330e54bd4bc22e7c65d8561162b96739"}, "cna_cvss": {"cna": null, "cvss": {}}, "cpe": ["cpe:/a:tcpdump:tcpdump:4.9.1"], "cpe23": ["cpe:2.3:a:tcpdump:tcpdump:4.9.1:*:*:*:*:*:*:*"], "cwe": ["CWE-125"], "affectedSoftware": [{"cpeName": "tcpdump:tcpdump", "version": "4.9.1", "operator": "le", "name": "tcpdump"}], "affectedConfiguration": [], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:a:tcpdump:tcpdump:4.9.1:*:*:*:*:*:*:*", "versionEndIncluding": "4.9.1", "cpe_name": []}]}]}, "extraReferences": [{"url": "https://github.com/the-tcpdump-group/tcpdump/commit/66df248b49095c261138b5a5e34d341a6bf9ac7f", "name": "https://github.com/the-tcpdump-group/tcpdump/commit/66df248b49095c261138b5a5e34d341a6bf9ac7f", "refsource": "CONFIRM", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"]}, {"url": "http://www.tcpdump.org/tcpdump-changes.txt", "name": "http://www.tcpdump.org/tcpdump-changes.txt", "refsource": "CONFIRM", "tags": ["Vendor Advisory"]}, {"url": "http://www.securitytracker.com/id/1039307", "name": "1039307", "refsource": "SECTRACK", "tags": []}, {"url": "https://security.gentoo.org/glsa/201709-23", "name": "GLSA-201709-23", "refsource": "GENTOO", "tags": []}, {"url": "http://www.debian.org/security/2017/dsa-3971", "name": "DSA-3971", "refsource": "DEBIAN", "tags": []}, {"url": "https://support.apple.com/HT208221", "name": "https://support.apple.com/HT208221", "refsource": "CONFIRM", "tags": []}, {"url": "https://access.redhat.com/errata/RHEA-2018:0705", "name": "RHEA-2018:0705", "refsource": "REDHAT", "tags": []}], "product_info": [{"vendor": "Tcpdump", "product": "Tcpdump"}]}

{"debiancve": [{"lastseen": "2023-01-18T06:10:49", "description": "The IPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-ip6.c:ip6_print().", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-09-14T06:29:00", "type": "debiancve", "title": "CVE-2017-12985", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-12985"], "modified": "2017-09-14T06:29:00", "id": "DEBIANCVE:CVE-2017-12985", "href": "https://security-tracker.debian.org/tracker/CVE-2017-12985", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "redhatcve": [{"lastseen": "2022-06-08T11:33:03", "description": "The IPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-ip6.c:ip6_print().\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-09-14T04:23:08", "type": "redhatcve", "title": "CVE-2017-12985", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-12985"], "modified": "2022-06-08T03:39:04", "id": "RH:CVE-2017-12985", "href": "https://access.redhat.com/security/cve/cve-2017-12985", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "ubuntucve": [{"lastseen": "2022-08-04T13:57:35", "description": "The IPv6 parser in tcpdump before 4.9.2 has a buffer over-read in\nprint-ip6.c:ip6_print().", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-09-13T00:00:00", "type": "ubuntucve", "title": "CVE-2017-12985", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-12985"], "modified": "2017-09-13T00:00:00", "id": "UB:CVE-2017-12985", "href": "https://ubuntu.com/security/CVE-2017-12985", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "hackerone": [{"lastseen": "2023-03-25T13:32:10", "bounty": 500.0, "description": "Reported to the devs on 4 February 2017.\nTcpdump 4.9.2 released on 8 September 2017.\nPatch: https://github.com/the-tcpdump-group/tcpdump/commit/66df248b49095c261138b5a5e34d341a6bf9ac7f\n\n`The IPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-ip6.c.`\n\n```\n./tcpdump -nr test003\nreading from file test003, link-type IPV6 (Raw IPv6)\n=================================================================\n==31276==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60400000e000 at pc 0x000000578cd5 bp 0x7ffe8e397cd0 sp 0x7ffe8e397cc8\nREAD of size 1 at 0x60400000e000 thread T0\n #0 0x578cd4 in ip6_print /root/tcpdump/./print-ip6.c:348:4\n #1 0x576fdc in ipN_print /root/tcpdump/./print-ip.c:700:3\n #2 0x626677 in raw_if_print /root/tcpdump/./print-raw.c:42:2\n #3 0x4de3c9 in pretty_print_packet /root/tcpdump/./print.c:339:18\n #4 0x4ccb0b in print_packet /root/tcpdump/./tcpdump.c:2555:2\n #5 0x775960 in pcap_offline_read /root/libpcap/./savefile.c:527:4\n #6 0x6a3f3c in pcap_loop /root/libpcap/./pcap.c:1623:8\n #7 0x4c8f1e in main /root/tcpdump/./tcpdump.c:2058:12\n #8 0x7efcfe253b44 in __libc_start_main /build/glibc-qK83Be/glibc-2.19/csu/libc-start.c:287\n #9 0x4c419c in _start (/root/tcpdump/tcpdump+0x4c419c)\n\n0x60400000e000 is located 0 bytes to the right of 48-byte region [0x60400000dfd0,0x60400000e000)\nallocated by thread T0 here:\n #0 0x4a6b1b in malloc (/root/tcpdump/tcpdump+0x4a6b1b)\n #1 0x7772b3 in pcap_check_header /root/libpcap/./sf-pcap.c:401:14\n #2 0x774fc2 in pcap_fopen_offline_with_tstamp_precision /root/libpcap/./savefile.c:400:7\n #3 0x774d54 in pcap_open_offline_with_tstamp_precision /root/libpcap/./savefile.c:307:6\n\nSUMMARY: AddressSanitizer: heap-buffer-overflow /root/tcpdump/./print-ip6.c:348 ip6_print\n```", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-09-15T23:34:37", "type": "hackerone", "title": "Internet Bug Bounty: CVE-2017-12985: The IPv6 parser in tcpdump before 4.9.2 has a buffer over-read in ip6_print()", "bulletinFamily": "bugbounty", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-12985"], "modified": "2019-10-08T20:32:03", "id": "H1:268803", "href": "https://hackerone.com/reports/268803", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2023-01-11T14:40:48", "description": "According to the versions of the tcpdump package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print().(CVE-2017-13048)\n\n - The ARP parser in tcpdump before 4.9.2 has a buffer over-read in print-arp.c, several functions.(CVE-2017-13013)\n\n - The VTP parser in tcpdump before 4.9.2 has a buffer over-read in print-vtp.c:vtp_print().(CVE-2017-13033)\n\n - The OSPFv3 parser in tcpdump before 4.9.2 has a buffer over-read in print-ospf6.c:ospf6_decode_v3().(CVE-2017-13036)\n\n - The ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:esis_print().(CVE-2017-13047)\n\n - The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print().(CVE-2017-13025)\n\n - The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print().(CVE-2017-13019)\n\n - The IPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-ip6.c:ip6_print().(CVE-2017-12985)\n\n - The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6_print().(CVE-2017-13725)\n\n - The telnet parser in tcpdump before 4.9.2 has a buffer over-read in print-telnet.c:telnet_parse().(CVE-2017-12988)\n\n - The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print().(CVE-2017-12991)\n\n - The MPTCP parser in tcpdump before 4.9.2 has a buffer over-read in print-mptcp.c, several functions.(CVE-2017-13040)\n\n - The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:print_ccp_config_options().(CVE-2017-13029)\n\n - The IEEE 802.15.4 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_15_4.c:ieee802_15_4_if_print().(CVE-2017-1300 0)\n\n - The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printroute().(CVE-2017-13022)\n\n - The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c, several functions.(CVE-2017-13039)\n\n - The IPv6 fragmentation header parser in tcpdump before 4.9.2 has a buffer over-read in print-frag6.c:frag6_print().(CVE-2017-13031)\n\n - The PIM parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c, several functions.(CVE-2017-13030)\n\n - The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print().(CVE-2017-12994)\n\n - The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_multicast_vpn().(CVE-2017-13043)\n\n - The VQP parser in tcpdump before 4.9.2 has a buffer over-read in print-vqp.c:vqp_print().(CVE-2017-13045)\n\n - The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldp_private_8023_print().(CVE-2017-13054, CVE-2017-12998,CVE-2017-13014,CVE-2017-13037, CVE-2017-13690,CVE-2017-13017,CVE-2017-12895,CVE-2017-1 3046,CVE-2017-13688,CVE-2017-13053,CVE-2017-12995,CVE-2 017-12997,CVE-2017-13016,CVE-2017-13002,CVE-2017-12989, CVE-2017-12999,CVE-2017-12900,CVE-2017-13006,CVE-2017-1 2897,CVE-2017-13003,CVE-2017-12901,CVE-2017-13035,CVE-2 017-13009,CVE-2017-13032,CVE-2017-13049,CVE-2017-13007, CVE-2017-13041,CVE-2017-12987,CVE-2017-12993,CVE-2017-1 3023,CVE-2017-13026,CVE-2017-13055,CVE-2017-13042,CVE-2 017-13018,CVE-2017-13044,CVE-2017-13012,CVE-2017-13001, CVE-2017-13050,CVE-2017-13028,CVE-2017-13024,CVE-2017-1 2992,CVE-2017-13004,CVE-2017-13027,CVE-2017-13008,CVE-2 017-13051,CVE-2017-13020,CVE-2017-12902,CVE-2017-13689, CVE-2017-13005,CVE-2017-12894,CVE-2017-13015,CVE-2017-1 3038,CVE-2017-12990,CVE-2017-13034,CVE-2017-13011,CVE-2 017-13021,CVE-2017-13010,CVE-2017-12986,CVE-2017-12996, CVE-2017-13052)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-11-02T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP1 : tcpdump (EulerOS-SA-2017-1280)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-12894", "CVE-2017-12895", "CVE-2017-12897", "CVE-2017-12900", "CVE-2017-12901", "CVE-2017-12902", "CVE-2017-12985", "CVE-2017-12986", "CVE-2017-12987", "CVE-2017-12988", "CVE-2017-12989", "CVE-2017-12990", "CVE-2017-12991", "CVE-2017-12992", "CVE-2017-12993", "CVE-2017-12994", "CVE-2017-12995", "CVE-2017-12996", "CVE-2017-12997", "CVE-2017-12998", "CVE-2017-12999", "CVE-2017-1300", "CVE-2017-13000", "CVE-2017-13001", "CVE-2017-13002", "CVE-2017-13003", "CVE-2017-13004", "CVE-2017-13005", "CVE-2017-13006", "CVE-2017-13007", "CVE-2017-13008", "CVE-2017-13009", "CVE-2017-13010", "CVE-2017-13011", "CVE-2017-13012", "CVE-2017-13013", "CVE-2017-13014", "CVE-2017-13015", "CVE-2017-13016", "CVE-2017-13017", "CVE-2017-13018", "CVE-2017-13019", "CVE-2017-13020", "CVE-2017-13021", "CVE-2017-13022", "CVE-2017-13023", "CVE-2017-13024", "CVE-2017-13025", "CVE-2017-13026", "CVE-2017-13027", "CVE-2017-13028", "CVE-2017-13029", "CVE-2017-13030", "CVE-2017-13031", "CVE-2017-13032", "CVE-2017-13033", "CVE-2017-13034", "CVE-2017-13035", "CVE-2017-13036", "CVE-2017-13037", "CVE-2017-13038", "CVE-2017-13039", "CVE-2017-13040", "CVE-2017-13041", "CVE-2017-13042", "CVE-2017-13043", "CVE-2017-13044", "CVE-2017-13045", "CVE-2017-13046", "CVE-2017-13047", "CVE-2017-13048", "CVE-2017-13049", "CVE-2017-13050", "CVE-2017-13051", "CVE-2017-13052", "CVE-2017-13053", "CVE-2017-13054", "CVE-2017-13055", "CVE-2017-13688", "CVE-2017-13689", "CVE-2017-13690", "CVE-2017-13725"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:tcpdump", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2017-1280.NASL", "href": "https://www.tenable.com/plugins/nessus/104333", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(104333);\n script_version(\"3.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2017-12894\",\n \"CVE-2017-12895\",\n \"CVE-2017-12897\",\n \"CVE-2017-12900\",\n \"CVE-2017-12901\",\n \"CVE-2017-12902\",\n \"CVE-2017-12985\",\n \"CVE-2017-12986\",\n \"CVE-2017-12987\",\n \"CVE-2017-12988\",\n \"CVE-2017-12989\",\n \"CVE-2017-12990\",\n \"CVE-2017-12991\",\n \"CVE-2017-12992\",\n \"CVE-2017-12993\",\n \"CVE-2017-12994\",\n \"CVE-2017-12995\",\n \"CVE-2017-12996\",\n \"CVE-2017-12997\",\n \"CVE-2017-12998\",\n \"CVE-2017-12999\",\n \"CVE-2017-13000\",\n \"CVE-2017-13001\",\n \"CVE-2017-13002\",\n \"CVE-2017-13003\",\n \"CVE-2017-13004\",\n \"CVE-2017-13005\",\n \"CVE-2017-13006\",\n \"CVE-2017-13007\",\n \"CVE-2017-13008\",\n \"CVE-2017-13009\",\n \"CVE-2017-13010\",\n \"CVE-2017-13011\",\n \"CVE-2017-13012\",\n \"CVE-2017-13013\",\n \"CVE-2017-13014\",\n \"CVE-2017-13015\",\n \"CVE-2017-13016\",\n \"CVE-2017-13017\",\n \"CVE-2017-13018\",\n \"CVE-2017-13019\",\n \"CVE-2017-13020\",\n \"CVE-2017-13021\",\n \"CVE-2017-13022\",\n \"CVE-2017-13023\",\n \"CVE-2017-13024\",\n \"CVE-2017-13025\",\n \"CVE-2017-13026\",\n \"CVE-2017-13027\",\n \"CVE-2017-13028\",\n \"CVE-2017-13029\",\n \"CVE-2017-13030\",\n \"CVE-2017-13031\",\n \"CVE-2017-13032\",\n \"CVE-2017-13033\",\n \"CVE-2017-13034\",\n \"CVE-2017-13035\",\n \"CVE-2017-13036\",\n \"CVE-2017-13037\",\n \"CVE-2017-13038\",\n \"CVE-2017-13039\",\n \"CVE-2017-13040\",\n \"CVE-2017-13041\",\n \"CVE-2017-13042\",\n \"CVE-2017-13043\",\n \"CVE-2017-13044\",\n \"CVE-2017-13045\",\n \"CVE-2017-13046\",\n \"CVE-2017-13047\",\n \"CVE-2017-13048\",\n \"CVE-2017-13049\",\n \"CVE-2017-13050\",\n \"CVE-2017-13051\",\n \"CVE-2017-13052\",\n \"CVE-2017-13053\",\n \"CVE-2017-13054\",\n \"CVE-2017-13055\",\n \"CVE-2017-13688\",\n \"CVE-2017-13689\",\n \"CVE-2017-13690\",\n \"CVE-2017-13725\"\n );\n\n script_name(english:\"EulerOS 2.0 SP1 : tcpdump (EulerOS-SA-2017-1280)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the tcpdump package installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - The RSVP parser in tcpdump before 4.9.2 has a buffer\n over-read in\n print-rsvp.c:rsvp_obj_print().(CVE-2017-13048)\n\n - The ARP parser in tcpdump before 4.9.2 has a buffer\n over-read in print-arp.c, several\n functions.(CVE-2017-13013)\n\n - The VTP parser in tcpdump before 4.9.2 has a buffer\n over-read in print-vtp.c:vtp_print().(CVE-2017-13033)\n\n - The OSPFv3 parser in tcpdump before 4.9.2 has a buffer\n over-read in\n print-ospf6.c:ospf6_decode_v3().(CVE-2017-13036)\n\n - The ISO ES-IS parser in tcpdump before 4.9.2 has a\n buffer over-read in\n print-isoclns.c:esis_print().(CVE-2017-13047)\n\n - The IPv6 mobility parser in tcpdump before 4.9.2 has a\n buffer over-read in\n print-mobility.c:mobility_opt_print().(CVE-2017-13025)\n\n - The PGM parser in tcpdump before 4.9.2 has a buffer\n over-read in print-pgm.c:pgm_print().(CVE-2017-13019)\n\n - The IPv6 parser in tcpdump before 4.9.2 has a buffer\n over-read in print-ip6.c:ip6_print().(CVE-2017-12985)\n\n - The IPv6 routing header parser in tcpdump before 4.9.2\n has a buffer over-read in\n print-rt6.c:rt6_print().(CVE-2017-13725)\n\n - The telnet parser in tcpdump before 4.9.2 has a buffer\n over-read in\n print-telnet.c:telnet_parse().(CVE-2017-12988)\n\n - The BGP parser in tcpdump before 4.9.2 has a buffer\n over-read in\n print-bgp.c:bgp_attr_print().(CVE-2017-12991)\n\n - The MPTCP parser in tcpdump before 4.9.2 has a buffer\n over-read in print-mptcp.c, several\n functions.(CVE-2017-13040)\n\n - The PPP parser in tcpdump before 4.9.2 has a buffer\n over-read in\n print-ppp.c:print_ccp_config_options().(CVE-2017-13029)\n\n - The IEEE 802.15.4 parser in tcpdump before 4.9.2 has a\n buffer over-read in\n print-802_15_4.c:ieee802_15_4_if_print().(CVE-2017-1300\n 0)\n\n - The IP parser in tcpdump before 4.9.2 has a buffer\n over-read in\n print-ip.c:ip_printroute().(CVE-2017-13022)\n\n - The ISAKMP parser in tcpdump before 4.9.2 has a buffer\n over-read in print-isakmp.c, several\n functions.(CVE-2017-13039)\n\n - The IPv6 fragmentation header parser in tcpdump before\n 4.9.2 has a buffer over-read in\n print-frag6.c:frag6_print().(CVE-2017-13031)\n\n - The PIM parser in tcpdump before 4.9.2 has a buffer\n over-read in print-pim.c, several\n functions.(CVE-2017-13030)\n\n - The BGP parser in tcpdump before 4.9.2 has a buffer\n over-read in\n print-bgp.c:bgp_attr_print().(CVE-2017-12994)\n\n - The BGP parser in tcpdump before 4.9.2 has a buffer\n over-read in\n print-bgp.c:decode_multicast_vpn().(CVE-2017-13043)\n\n - The VQP parser in tcpdump before 4.9.2 has a buffer\n over-read in print-vqp.c:vqp_print().(CVE-2017-13045)\n\n - The LLDP parser in tcpdump before 4.9.2 has a buffer\n over-read in\n print-lldp.c:lldp_private_8023_print().(CVE-2017-13054,\n CVE-2017-12998,CVE-2017-13014,CVE-2017-13037,\n CVE-2017-13690,CVE-2017-13017,CVE-2017-12895,CVE-2017-1\n 3046,CVE-2017-13688,CVE-2017-13053,CVE-2017-12995,CVE-2\n 017-12997,CVE-2017-13016,CVE-2017-13002,CVE-2017-12989,\n CVE-2017-12999,CVE-2017-12900,CVE-2017-13006,CVE-2017-1\n 2897,CVE-2017-13003,CVE-2017-12901,CVE-2017-13035,CVE-2\n 017-13009,CVE-2017-13032,CVE-2017-13049,CVE-2017-13007,\n CVE-2017-13041,CVE-2017-12987,CVE-2017-12993,CVE-2017-1\n 3023,CVE-2017-13026,CVE-2017-13055,CVE-2017-13042,CVE-2\n 017-13018,CVE-2017-13044,CVE-2017-13012,CVE-2017-13001,\n CVE-2017-13050,CVE-2017-13028,CVE-2017-13024,CVE-2017-1\n 2992,CVE-2017-13004,CVE-2017-13027,CVE-2017-13008,CVE-2\n 017-13051,CVE-2017-13020,CVE-2017-12902,CVE-2017-13689,\n CVE-2017-13005,CVE-2017-12894,CVE-2017-13015,CVE-2017-1\n 3038,CVE-2017-12990,CVE-2017-13034,CVE-2017-13011,CVE-2\n 017-13021,CVE-2017-13010,CVE-2017-12986,CVE-2017-12996,\n CVE-2017-13052)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2017-1280\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?834904e3\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected tcpdump packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/11/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/11/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:tcpdump\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(1)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP1\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP1\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"tcpdump-4.9.0-5.h175\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"1\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tcpdump\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:39:18", "description": "According to the versions of the tcpdump package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print().(CVE-2017-13048)\n\n - The ARP parser in tcpdump before 4.9.2 has a buffer over-read in print-arp.c, several functions.(CVE-2017-13013)\n\n - The VTP parser in tcpdump before 4.9.2 has a buffer over-read in print-vtp.c:vtp_print().(CVE-2017-13033)\n\n - The OSPFv3 parser in tcpdump before 4.9.2 has a buffer over-read in print-ospf6.c:ospf6_decode_v3().(CVE-2017-13036)\n\n - The ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:esis_print().(CVE-2017-13047)\n\n - The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print().(CVE-2017-13025)\n\n - The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print().(CVE-2017-13019)\n\n - The IPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-ip6.c:ip6_print().(CVE-2017-12985)\n\n - The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6_print().(CVE-2017-13725)\n\n - The telnet parser in tcpdump before 4.9.2 has a buffer over-read in print-telnet.c:telnet_parse().(CVE-2017-12988)\n\n - The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print().(CVE-2017-12991)\n\n - The MPTCP parser in tcpdump before 4.9.2 has a buffer over-read in print-mptcp.c, several functions.(CVE-2017-13040)\n\n - The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:print_ccp_config_options().(CVE-2017-13029)\n\n - The IEEE 802.15.4 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_15_4.c:ieee802_15_4_if_print().(CVE-2017-1300 0)\n\n - The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printroute().(CVE-2017-13022)\n\n - The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c, several functions.(CVE-2017-13039)\n\n - The IPv6 fragmentation header parser in tcpdump before 4.9.2 has a buffer over-read in print-frag6.c:frag6_print().(CVE-2017-13031)\n\n - The PIM parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c, several functions.(CVE-2017-13030)\n\n - The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print().(CVE-2017-12994)\n\n - The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_multicast_vpn().(CVE-2017-13043)\n\n - The VQP parser in tcpdump before 4.9.2 has a buffer over-read in print-vqp.c:vqp_print().(CVE-2017-13045)\n\n - The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldp_private_8023_print().(CVE-2017-13054, CVE-2017-12998,CVE-2017-13014,CVE-2017-13037, CVE-2017-13690,CVE-2017-13017,CVE-2017-12895,CVE-2017-1 3046,CVE-2017-13688,CVE-2017-13053,CVE-2017-12995,CVE-2 017-12997,CVE-2017-13016,CVE-2017-13002,CVE-2017-12989, CVE-2017-12999,CVE-2017-12900,CVE-2017-13006,CVE-2017-1 2897,CVE-2017-13003,CVE-2017-12901,CVE-2017-13035,CVE-2 017-13009,CVE-2017-13032,CVE-2017-13049,CVE-2017-13007, CVE-2017-13041,CVE-2017-12987,CVE-2017-12993,CVE-2017-1 3023,CVE-2017-13026,CVE-2017-13055,CVE-2017-13042,CVE-2 017-13018,CVE-2017-13044,CVE-2017-13012,CVE-2017-13001, CVE-2017-13050,CVE-2017-13028,CVE-2017-13024,CVE-2017-1 2992,CVE-2017-13004,CVE-2017-13027,CVE-2017-13008,CVE-2 017-13051,CVE-2017-13020,CVE-2017-12902,CVE-2017-13689, CVE-2017-13005,CVE-2017-12894,CVE-2017-13015,CVE-2017-1 3038,CVE-2017-12990,CVE-2017-13034,CVE-2017-13011,CVE-2 017-13021,CVE-2017-13010,CVE-2017-12986,CVE-2017-12996, CVE-2017-13052)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-11-02T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP2 : tcpdump (EulerOS-SA-2017-1281)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-12894", "CVE-2017-12895", "CVE-2017-12897", "CVE-2017-12900", "CVE-2017-12901", "CVE-2017-12902", "CVE-2017-12985", "CVE-2017-12986", "CVE-2017-12987", "CVE-2017-12988", "CVE-2017-12989", "CVE-2017-12990", "CVE-2017-12991", "CVE-2017-12992", "CVE-2017-12993", "CVE-2017-12994", "CVE-2017-12995", "CVE-2017-12996", "CVE-2017-12997", "CVE-2017-12998", "CVE-2017-12999", "CVE-2017-1300", "CVE-2017-13000", "CVE-2017-13001", "CVE-2017-13002", "CVE-2017-13003", "CVE-2017-13004", "CVE-2017-13005", "CVE-2017-13006", "CVE-2017-13007", "CVE-2017-13008", "CVE-2017-13009", "CVE-2017-13010", "CVE-2017-13011", "CVE-2017-13012", "CVE-2017-13013", "CVE-2017-13014", "CVE-2017-13015", "CVE-2017-13016", "CVE-2017-13017", "CVE-2017-13018", "CVE-2017-13019", "CVE-2017-13020", "CVE-2017-13021", "CVE-2017-13022", "CVE-2017-13023", "CVE-2017-13024", "CVE-2017-13025", "CVE-2017-13026", "CVE-2017-13027", "CVE-2017-13028", "CVE-2017-13029", "CVE-2017-13030", "CVE-2017-13031", "CVE-2017-13032", "CVE-2017-13033", "CVE-2017-13034", "CVE-2017-13035", "CVE-2017-13036", "CVE-2017-13037", "CVE-2017-13038", "CVE-2017-13039", "CVE-2017-13040", "CVE-2017-13041", "CVE-2017-13042", "CVE-2017-13043", "CVE-2017-13044", "CVE-2017-13045", "CVE-2017-13046", "CVE-2017-13047", "CVE-2017-13048", "CVE-2017-13049", "CVE-2017-13050", "CVE-2017-13051", "CVE-2017-13052", "CVE-2017-13053", "CVE-2017-13054", "CVE-2017-13055", "CVE-2017-13688", "CVE-2017-13689", "CVE-2017-13690", "CVE-2017-13725"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:tcpdump", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2017-1281.NASL", "href": "https://www.tenable.com/plugins/nessus/104334", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(104334);\n script_version(\"3.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2017-12894\",\n \"CVE-2017-12895\",\n \"CVE-2017-12897\",\n \"CVE-2017-12900\",\n \"CVE-2017-12901\",\n \"CVE-2017-12902\",\n \"CVE-2017-12985\",\n \"CVE-2017-12986\",\n \"CVE-2017-12987\",\n \"CVE-2017-12988\",\n \"CVE-2017-12989\",\n \"CVE-2017-12990\",\n \"CVE-2017-12991\",\n \"CVE-2017-12992\",\n \"CVE-2017-12993\",\n \"CVE-2017-12994\",\n \"CVE-2017-12995\",\n \"CVE-2017-12996\",\n \"CVE-2017-12997\",\n \"CVE-2017-12998\",\n \"CVE-2017-12999\",\n \"CVE-2017-13000\",\n \"CVE-2017-13001\",\n \"CVE-2017-13002\",\n \"CVE-2017-13003\",\n \"CVE-2017-13004\",\n \"CVE-2017-13005\",\n \"CVE-2017-13006\",\n \"CVE-2017-13007\",\n \"CVE-2017-13008\",\n \"CVE-2017-13009\",\n \"CVE-2017-13010\",\n \"CVE-2017-13011\",\n \"CVE-2017-13012\",\n \"CVE-2017-13013\",\n \"CVE-2017-13014\",\n \"CVE-2017-13015\",\n \"CVE-2017-13016\",\n \"CVE-2017-13017\",\n \"CVE-2017-13018\",\n \"CVE-2017-13019\",\n \"CVE-2017-13020\",\n \"CVE-2017-13021\",\n \"CVE-2017-13022\",\n \"CVE-2017-13023\",\n \"CVE-2017-13024\",\n \"CVE-2017-13025\",\n \"CVE-2017-13026\",\n \"CVE-2017-13027\",\n \"CVE-2017-13028\",\n \"CVE-2017-13029\",\n \"CVE-2017-13030\",\n \"CVE-2017-13031\",\n \"CVE-2017-13032\",\n \"CVE-2017-13033\",\n \"CVE-2017-13034\",\n \"CVE-2017-13035\",\n \"CVE-2017-13036\",\n \"CVE-2017-13037\",\n \"CVE-2017-13038\",\n \"CVE-2017-13039\",\n \"CVE-2017-13040\",\n \"CVE-2017-13041\",\n \"CVE-2017-13042\",\n \"CVE-2017-13043\",\n \"CVE-2017-13044\",\n \"CVE-2017-13045\",\n \"CVE-2017-13046\",\n \"CVE-2017-13047\",\n \"CVE-2017-13048\",\n \"CVE-2017-13049\",\n \"CVE-2017-13050\",\n \"CVE-2017-13051\",\n \"CVE-2017-13052\",\n \"CVE-2017-13053\",\n \"CVE-2017-13054\",\n \"CVE-2017-13055\",\n \"CVE-2017-13688\",\n \"CVE-2017-13689\",\n \"CVE-2017-13690\",\n \"CVE-2017-13725\"\n );\n\n script_name(english:\"EulerOS 2.0 SP2 : tcpdump (EulerOS-SA-2017-1281)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the tcpdump package installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - The RSVP parser in tcpdump before 4.9.2 has a buffer\n over-read in\n print-rsvp.c:rsvp_obj_print().(CVE-2017-13048)\n\n - The ARP parser in tcpdump before 4.9.2 has a buffer\n over-read in print-arp.c, several\n functions.(CVE-2017-13013)\n\n - The VTP parser in tcpdump before 4.9.2 has a buffer\n over-read in print-vtp.c:vtp_print().(CVE-2017-13033)\n\n - The OSPFv3 parser in tcpdump before 4.9.2 has a buffer\n over-read in\n print-ospf6.c:ospf6_decode_v3().(CVE-2017-13036)\n\n - The ISO ES-IS parser in tcpdump before 4.9.2 has a\n buffer over-read in\n print-isoclns.c:esis_print().(CVE-2017-13047)\n\n - The IPv6 mobility parser in tcpdump before 4.9.2 has a\n buffer over-read in\n print-mobility.c:mobility_opt_print().(CVE-2017-13025)\n\n - The PGM parser in tcpdump before 4.9.2 has a buffer\n over-read in print-pgm.c:pgm_print().(CVE-2017-13019)\n\n - The IPv6 parser in tcpdump before 4.9.2 has a buffer\n over-read in print-ip6.c:ip6_print().(CVE-2017-12985)\n\n - The IPv6 routing header parser in tcpdump before 4.9.2\n has a buffer over-read in\n print-rt6.c:rt6_print().(CVE-2017-13725)\n\n - The telnet parser in tcpdump before 4.9.2 has a buffer\n over-read in\n print-telnet.c:telnet_parse().(CVE-2017-12988)\n\n - The BGP parser in tcpdump before 4.9.2 has a buffer\n over-read in\n print-bgp.c:bgp_attr_print().(CVE-2017-12991)\n\n - The MPTCP parser in tcpdump before 4.9.2 has a buffer\n over-read in print-mptcp.c, several\n functions.(CVE-2017-13040)\n\n - The PPP parser in tcpdump before 4.9.2 has a buffer\n over-read in\n print-ppp.c:print_ccp_config_options().(CVE-2017-13029)\n\n - The IEEE 802.15.4 parser in tcpdump before 4.9.2 has a\n buffer over-read in\n print-802_15_4.c:ieee802_15_4_if_print().(CVE-2017-1300\n 0)\n\n - The IP parser in tcpdump before 4.9.2 has a buffer\n over-read in\n print-ip.c:ip_printroute().(CVE-2017-13022)\n\n - The ISAKMP parser in tcpdump before 4.9.2 has a buffer\n over-read in print-isakmp.c, several\n functions.(CVE-2017-13039)\n\n - The IPv6 fragmentation header parser in tcpdump before\n 4.9.2 has a buffer over-read in\n print-frag6.c:frag6_print().(CVE-2017-13031)\n\n - The PIM parser in tcpdump before 4.9.2 has a buffer\n over-read in print-pim.c, several\n functions.(CVE-2017-13030)\n\n - The BGP parser in tcpdump before 4.9.2 has a buffer\n over-read in\n print-bgp.c:bgp_attr_print().(CVE-2017-12994)\n\n - The BGP parser in tcpdump before 4.9.2 has a buffer\n over-read in\n print-bgp.c:decode_multicast_vpn().(CVE-2017-13043)\n\n - The VQP parser in tcpdump before 4.9.2 has a buffer\n over-read in print-vqp.c:vqp_print().(CVE-2017-13045)\n\n - The LLDP parser in tcpdump before 4.9.2 has a buffer\n over-read in\n print-lldp.c:lldp_private_8023_print().(CVE-2017-13054,\n CVE-2017-12998,CVE-2017-13014,CVE-2017-13037,\n CVE-2017-13690,CVE-2017-13017,CVE-2017-12895,CVE-2017-1\n 3046,CVE-2017-13688,CVE-2017-13053,CVE-2017-12995,CVE-2\n 017-12997,CVE-2017-13016,CVE-2017-13002,CVE-2017-12989,\n CVE-2017-12999,CVE-2017-12900,CVE-2017-13006,CVE-2017-1\n 2897,CVE-2017-13003,CVE-2017-12901,CVE-2017-13035,CVE-2\n 017-13009,CVE-2017-13032,CVE-2017-13049,CVE-2017-13007,\n CVE-2017-13041,CVE-2017-12987,CVE-2017-12993,CVE-2017-1\n 3023,CVE-2017-13026,CVE-2017-13055,CVE-2017-13042,CVE-2\n 017-13018,CVE-2017-13044,CVE-2017-13012,CVE-2017-13001,\n CVE-2017-13050,CVE-2017-13028,CVE-2017-13024,CVE-2017-1\n 2992,CVE-2017-13004,CVE-2017-13027,CVE-2017-13008,CVE-2\n 017-13051,CVE-2017-13020,CVE-2017-12902,CVE-2017-13689,\n CVE-2017-13005,CVE-2017-12894,CVE-2017-13015,CVE-2017-1\n 3038,CVE-2017-12990,CVE-2017-13034,CVE-2017-13011,CVE-2\n 017-13021,CVE-2017-13010,CVE-2017-12986,CVE-2017-12996,\n CVE-2017-13052)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2017-1281\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?5056afaf\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected tcpdump packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/11/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/11/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:tcpdump\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(2)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"tcpdump-4.9.0-5.h175\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"2\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tcpdump\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:51:07", "description": "The remote SUSE Linux SLES11 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2019:14191-1 advisory.\n\n - The SMB/CIFS parser in tcpdump before 4.9.2 has a buffer over-read in smbutil.c:name_len().\n (CVE-2017-12893)\n\n - Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in addrtoname.c:lookup_bytestring(). (CVE-2017-12894)\n\n - The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:isakmp_rfc3948_print().\n (CVE-2017-12896)\n\n - The ISO CLNS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isoclns_print().\n (CVE-2017-12897)\n\n - The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:interp_reply().\n (CVE-2017-12898)\n\n - The DECnet parser in tcpdump before 4.9.2 has a buffer over-read in print-decnet.c:decnet_print().\n (CVE-2017-12899)\n\n - Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in util- print.c:tok2strbuf(). (CVE-2017-12900)\n\n - The EIGRP parser in tcpdump before 4.9.2 has a buffer over-read in print-eigrp.c:eigrp_print().\n (CVE-2017-12901)\n\n - The Zephyr parser in tcpdump before 4.9.2 has a buffer over-read in print-zephyr.c, several functions.\n (CVE-2017-12902)\n\n - The IPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-ip6.c:ip6_print().\n (CVE-2017-12985)\n\n - The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6_print().\n (CVE-2017-12986, CVE-2017-13725)\n\n - The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_11.c:parse_elements().\n (CVE-2017-12987, CVE-2017-13008)\n\n - The telnet parser in tcpdump before 4.9.2 has a buffer over-read in print-telnet.c:telnet_parse().\n (CVE-2017-12988)\n\n - The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print().\n (CVE-2017-12991)\n\n - The RIPng parser in tcpdump before 4.9.2 has a buffer over-read in print-ripng.c:ripng_print().\n (CVE-2017-12992)\n\n - The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print-juniper.c, several functions. (CVE-2017-12993)\n\n - The DNS parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print- domain.c:ns_print(). (CVE-2017-12995)\n\n - The PIMv2 parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c:pimv2_print().\n (CVE-2017-12996)\n\n - The IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print- isoclns.c:isis_print_extd_ip_reach(). (CVE-2017-12998)\n\n - The IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print().\n (CVE-2017-12999)\n\n - The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:nfs_printfh().\n (CVE-2017-13001)\n\n - The AODV parser in tcpdump before 4.9.2 has a buffer over-read in print-aodv.c:aodv_extension().\n (CVE-2017-13002)\n\n - The LMP parser in tcpdump before 4.9.2 has a buffer over-read in print-lmp.c:lmp_print(). (CVE-2017-13003)\n\n - The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print- juniper.c:juniper_parse_header(). (CVE-2017-13004)\n\n - The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:xid_map_enter().\n (CVE-2017-13005)\n\n - The L2TP parser in tcpdump before 4.9.2 has a buffer over-read in print-l2tp.c, several functions.\n (CVE-2017-13006)\n\n - The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print- mobility.c:mobility_print(). (CVE-2017-13009)\n\n - The BEEP parser in tcpdump before 4.9.2 has a buffer over-read in print-beep.c:l_strnstart().\n (CVE-2017-13010)\n\n - The ICMP parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp.c:icmp_print().\n (CVE-2017-13012)\n\n - The ARP parser in tcpdump before 4.9.2 has a buffer over-read in print-arp.c, several functions.\n (CVE-2017-13013)\n\n - The White Board protocol parser in tcpdump before 4.9.2 has a buffer over-read in print-wb.c:wb_prep(), several functions. (CVE-2017-13014)\n\n - The ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:esis_print().\n (CVE-2017-13016, CVE-2017-13047)\n\n - The DHCPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-dhcp6.c:dhcp6opt_print().\n (CVE-2017-13017)\n\n - The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print(). (CVE-2017-13018, CVE-2017-13019, CVE-2017-13034)\n\n - The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_print().\n (CVE-2017-13021)\n\n - The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printroute().\n (CVE-2017-13022)\n\n - The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print- mobility.c:mobility_opt_print(). (CVE-2017-13023, CVE-2017-13024, CVE-2017-13025)\n\n - The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldp_mgmt_addr_tlv_print().\n (CVE-2017-13027)\n\n - The BOOTP parser in tcpdump before 4.9.2 has a buffer over-read in print-bootp.c:bootp_print().\n (CVE-2017-13028)\n\n - The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:print_ccp_config_options().\n (CVE-2017-13029)\n\n - The PIM parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c, several functions.\n (CVE-2017-13030)\n\n - The IPv6 fragmentation header parser in tcpdump before 4.9.2 has a buffer over-read in print- frag6.c:frag6_print(). (CVE-2017-13031)\n\n - The RADIUS parser in tcpdump before 4.9.2 has a buffer over-read in print-radius.c:print_attr_string().\n (CVE-2017-13032)\n\n - The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_id().\n (CVE-2017-13035)\n\n - The OSPFv3 parser in tcpdump before 4.9.2 has a buffer over-read in print-ospf6.c:ospf6_decode_v3().\n (CVE-2017-13036)\n\n - The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printts(). (CVE-2017-13037)\n\n - The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:handle_mlppp().\n (CVE-2017-13038)\n\n - The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_nodeinfo_print().\n (CVE-2017-13041)\n\n - The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print().\n (CVE-2017-13048, CVE-2017-13051)\n\n - The Rx protocol parser in tcpdump before 4.9.2 has a buffer over-read in print-rx.c:ubik_print().\n (CVE-2017-13049)\n\n - The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_rt_routing_info().\n (CVE-2017-13053)\n\n - The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print- isoclns.c:isis_print_is_reach_subtlv(). (CVE-2017-13055)\n\n - The Cisco HDLC parser in tcpdump before 4.9.2 has a buffer over-read in print-chdlc.c:chdlc_print().\n (CVE-2017-13687)\n\n - The OLSR parser in tcpdump before 4.9.2 has a buffer over-read in print-olsr.c:olsr_print().\n (CVE-2017-13688)\n\n - The IKEv1 parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:ikev1_id_print().\n (CVE-2017-13689)\n\n - tcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of 2). (CVE-2018-10103)\n\n - tcpdump before 4.9.3 mishandles the printing of SMB data (issue 2 of 2). (CVE-2018-10105)\n\n - The LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print().\n (CVE-2018-14461)\n\n - The ICMP parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp.c:icmp_print().\n (CVE-2018-14462)\n\n - The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print().\n (CVE-2018-14463)\n\n - The LMP parser in tcpdump before 4.9.3 has a buffer over-read in print- lmp.c:lmp_print_data_link_subobjs(). (CVE-2018-14464)\n\n - The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print().\n (CVE-2018-14465)\n\n - The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and rx_cache_insert(). (CVE-2018-14466)\n\n - The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_MP). (CVE-2018-14467)\n\n - The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print().\n (CVE-2018-14468)\n\n - The IKEv1 parser in tcpdump before 4.9.3 has a buffer over-read in print-isakmp.c:ikev1_n_print().\n (CVE-2018-14469)\n\n - The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_RESTART). (CVE-2018-14881)\n\n - The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c. (CVE-2018-14882)\n\n - The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option().\n (CVE-2018-16229)\n\n - The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI). (CVE-2018-16230)\n\n - The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print() because of unlimited recursion. (CVE-2018-16300)\n\n - ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. (CVE-2018-16301)\n\n - The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \\MAILSLOT\\BROWSE and \\PIPE\\LANMAN. (CVE-2018-16451)\n\n - The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion.\n (CVE-2018-16452)\n\n - lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks.\n (CVE-2019-15166)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-06-10T00:00:00", "type": "nessus", "title": "SUSE SLES11 Security Update : tcpdump (SUSE-SU-2019:14191-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-12893", "CVE-2017-12894", "CVE-2017-12896", "CVE-2017-12897", "CVE-2017-12898", "CVE-2017-12899", "CVE-2017-12900", "CVE-2017-12901", "CVE-2017-12902", "CVE-2017-12985", "CVE-2017-12986", "CVE-2017-12987", "CVE-2017-12988", "CVE-2017-12991", "CVE-2017-12992", "CVE-2017-12993", "CVE-2017-12995", "CVE-2017-12996", "CVE-2017-12998", "CVE-2017-12999", "CVE-2017-13001", "CVE-2017-13002", "CVE-2017-13003", "CVE-2017-13004", "CVE-2017-13005", "CVE-2017-13006", "CVE-2017-13008", "CVE-2017-13009", "CVE-2017-13010", "CVE-2017-13012", "CVE-2017-13013", "CVE-2017-13014", "CVE-2017-13016", "CVE-2017-13017", "CVE-2017-13018", "CVE-2017-13019", "CVE-2017-13021", "CVE-2017-13022", "CVE-2017-13023", "CVE-2017-13024", "CVE-2017-13025", "CVE-2017-13027", "CVE-2017-13028", "CVE-2017-13029", "CVE-2017-13030", "CVE-2017-13031", "CVE-2017-13032", "CVE-2017-13034", "CVE-2017-13035", "CVE-2017-13036", "CVE-2017-13037", "CVE-2017-13038", "CVE-2017-13041", "CVE-2017-13047", "CVE-2017-13048", "CVE-2017-13049", "CVE-2017-13051", "CVE-2017-13053", "CVE-2017-13055", "CVE-2017-13687", "CVE-2017-13688", "CVE-2017-13689", "CVE-2017-13725", "CVE-2018-10103", "CVE-2018-10105", "CVE-2018-14461", "CVE-2018-14462", "CVE-2018-14463", "CVE-2018-14464", "CVE-2018-14465", "CVE-2018-14466", "CVE-2018-14467", "CVE-2018-14468", "CVE-2018-14469", "CVE-2018-14881", "CVE-2018-14882", "CVE-2018-16229", "CVE-2018-16230", "CVE-2018-16300", "CVE-2018-16301", "CVE-2018-16451", "CVE-2018-16452", "CVE-2019-15166"], "modified": "2021-06-10T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:tcpdump", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_SU-2019-14191-1.NASL", "href": "https://www.tenable.com/plugins/nessus/150563", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2019:14191-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(150563);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/10\");\n\n script_cve_id(\n \"CVE-2017-12893\",\n \"CVE-2017-12894\",\n \"CVE-2017-12896\",\n \"CVE-2017-12897\",\n \"CVE-2017-12898\",\n \"CVE-2017-12899\",\n \"CVE-2017-12900\",\n \"CVE-2017-12901\",\n \"CVE-2017-12902\",\n \"CVE-2017-12985\",\n \"CVE-2017-12986\",\n \"CVE-2017-12987\",\n \"CVE-2017-12988\",\n \"CVE-2017-12991\",\n \"CVE-2017-12992\",\n \"CVE-2017-12993\",\n \"CVE-2017-12995\",\n \"CVE-2017-12996\",\n \"CVE-2017-12998\",\n \"CVE-2017-12999\",\n \"CVE-2017-13001\",\n \"CVE-2017-13002\",\n \"CVE-2017-13003\",\n \"CVE-2017-13004\",\n \"CVE-2017-13005\",\n \"CVE-2017-13006\",\n \"CVE-2017-13008\",\n \"CVE-2017-13009\",\n \"CVE-2017-13010\",\n \"CVE-2017-13012\",\n \"CVE-2017-13013\",\n \"CVE-2017-13014\",\n \"CVE-2017-13016\",\n \"CVE-2017-13017\",\n \"CVE-2017-13018\",\n \"CVE-2017-13019\",\n \"CVE-2017-13021\",\n \"CVE-2017-13022\",\n \"CVE-2017-13023\",\n \"CVE-2017-13024\",\n \"CVE-2017-13025\",\n \"CVE-2017-13027\",\n \"CVE-2017-13028\",\n \"CVE-2017-13029\",\n \"CVE-2017-13030\",\n \"CVE-2017-13031\",\n \"CVE-2017-13032\",\n \"CVE-2017-13034\",\n \"CVE-2017-13035\",\n \"CVE-2017-13036\",\n \"CVE-2017-13037\",\n \"CVE-2017-13038\",\n \"CVE-2017-13041\",\n \"CVE-2017-13047\",\n \"CVE-2017-13048\",\n \"CVE-2017-13049\",\n \"CVE-2017-13051\",\n \"CVE-2017-13053\",\n \"CVE-2017-13055\",\n \"CVE-2017-13687\",\n \"CVE-2017-13688\",\n \"CVE-2017-13689\",\n \"CVE-2017-13725\",\n \"CVE-2018-10103\",\n \"CVE-2018-10105\",\n \"CVE-2018-14461\",\n \"CVE-2018-14462\",\n \"CVE-2018-14463\",\n \"CVE-2018-14464\",\n \"CVE-2018-14465\",\n \"CVE-2018-14466\",\n \"CVE-2018-14467\",\n \"CVE-2018-14468\",\n \"CVE-2018-14469\",\n \"CVE-2018-14881\",\n \"CVE-2018-14882\",\n \"CVE-2018-16229\",\n \"CVE-2018-16230\",\n \"CVE-2018-16300\",\n \"CVE-2018-16301\",\n \"CVE-2018-16451\",\n \"CVE-2018-16452\",\n \"CVE-2019-15166\"\n );\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2019:14191-1\");\n\n script_name(english:\"SUSE SLES11 Security Update : tcpdump (SUSE-SU-2019:14191-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES11 host has a package installed that is affected by multiple vulnerabilities as referenced in\nthe SUSE-SU-2019:14191-1 advisory.\n\n - The SMB/CIFS parser in tcpdump before 4.9.2 has a buffer over-read in smbutil.c:name_len().\n (CVE-2017-12893)\n\n - Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in\n addrtoname.c:lookup_bytestring(). (CVE-2017-12894)\n\n - The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:isakmp_rfc3948_print().\n (CVE-2017-12896)\n\n - The ISO CLNS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isoclns_print().\n (CVE-2017-12897)\n\n - The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:interp_reply().\n (CVE-2017-12898)\n\n - The DECnet parser in tcpdump before 4.9.2 has a buffer over-read in print-decnet.c:decnet_print().\n (CVE-2017-12899)\n\n - Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in util-\n print.c:tok2strbuf(). (CVE-2017-12900)\n\n - The EIGRP parser in tcpdump before 4.9.2 has a buffer over-read in print-eigrp.c:eigrp_print().\n (CVE-2017-12901)\n\n - The Zephyr parser in tcpdump before 4.9.2 has a buffer over-read in print-zephyr.c, several functions.\n (CVE-2017-12902)\n\n - The IPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-ip6.c:ip6_print().\n (CVE-2017-12985)\n\n - The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6_print().\n (CVE-2017-12986, CVE-2017-13725)\n\n - The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_11.c:parse_elements().\n (CVE-2017-12987, CVE-2017-13008)\n\n - The telnet parser in tcpdump before 4.9.2 has a buffer over-read in print-telnet.c:telnet_parse().\n (CVE-2017-12988)\n\n - The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print().\n (CVE-2017-12991)\n\n - The RIPng parser in tcpdump before 4.9.2 has a buffer over-read in print-ripng.c:ripng_print().\n (CVE-2017-12992)\n\n - The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print-juniper.c, several\n functions. (CVE-2017-12993)\n\n - The DNS parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-\n domain.c:ns_print(). (CVE-2017-12995)\n\n - The PIMv2 parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c:pimv2_print().\n (CVE-2017-12996)\n\n - The IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-\n isoclns.c:isis_print_extd_ip_reach(). (CVE-2017-12998)\n\n - The IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print().\n (CVE-2017-12999)\n\n - The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:nfs_printfh().\n (CVE-2017-13001)\n\n - The AODV parser in tcpdump before 4.9.2 has a buffer over-read in print-aodv.c:aodv_extension().\n (CVE-2017-13002)\n\n - The LMP parser in tcpdump before 4.9.2 has a buffer over-read in print-lmp.c:lmp_print(). (CVE-2017-13003)\n\n - The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print-\n juniper.c:juniper_parse_header(). (CVE-2017-13004)\n\n - The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:xid_map_enter().\n (CVE-2017-13005)\n\n - The L2TP parser in tcpdump before 4.9.2 has a buffer over-read in print-l2tp.c, several functions.\n (CVE-2017-13006)\n\n - The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-\n mobility.c:mobility_print(). (CVE-2017-13009)\n\n - The BEEP parser in tcpdump before 4.9.2 has a buffer over-read in print-beep.c:l_strnstart().\n (CVE-2017-13010)\n\n - The ICMP parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp.c:icmp_print().\n (CVE-2017-13012)\n\n - The ARP parser in tcpdump before 4.9.2 has a buffer over-read in print-arp.c, several functions.\n (CVE-2017-13013)\n\n - The White Board protocol parser in tcpdump before 4.9.2 has a buffer over-read in print-wb.c:wb_prep(),\n several functions. (CVE-2017-13014)\n\n - The ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:esis_print().\n (CVE-2017-13016, CVE-2017-13047)\n\n - The DHCPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-dhcp6.c:dhcp6opt_print().\n (CVE-2017-13017)\n\n - The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print(). (CVE-2017-13018,\n CVE-2017-13019, CVE-2017-13034)\n\n - The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_print().\n (CVE-2017-13021)\n\n - The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printroute().\n (CVE-2017-13022)\n\n - The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-\n mobility.c:mobility_opt_print(). (CVE-2017-13023, CVE-2017-13024, CVE-2017-13025)\n\n - The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldp_mgmt_addr_tlv_print().\n (CVE-2017-13027)\n\n - The BOOTP parser in tcpdump before 4.9.2 has a buffer over-read in print-bootp.c:bootp_print().\n (CVE-2017-13028)\n\n - The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:print_ccp_config_options().\n (CVE-2017-13029)\n\n - The PIM parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c, several functions.\n (CVE-2017-13030)\n\n - The IPv6 fragmentation header parser in tcpdump before 4.9.2 has a buffer over-read in print-\n frag6.c:frag6_print(). (CVE-2017-13031)\n\n - The RADIUS parser in tcpdump before 4.9.2 has a buffer over-read in print-radius.c:print_attr_string().\n (CVE-2017-13032)\n\n - The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_id().\n (CVE-2017-13035)\n\n - The OSPFv3 parser in tcpdump before 4.9.2 has a buffer over-read in print-ospf6.c:ospf6_decode_v3().\n (CVE-2017-13036)\n\n - The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printts(). (CVE-2017-13037)\n\n - The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:handle_mlppp().\n (CVE-2017-13038)\n\n - The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_nodeinfo_print().\n (CVE-2017-13041)\n\n - The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print().\n (CVE-2017-13048, CVE-2017-13051)\n\n - The Rx protocol parser in tcpdump before 4.9.2 has a buffer over-read in print-rx.c:ubik_print().\n (CVE-2017-13049)\n\n - The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_rt_routing_info().\n (CVE-2017-13053)\n\n - The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-\n isoclns.c:isis_print_is_reach_subtlv(). (CVE-2017-13055)\n\n - The Cisco HDLC parser in tcpdump before 4.9.2 has a buffer over-read in print-chdlc.c:chdlc_print().\n (CVE-2017-13687)\n\n - The OLSR parser in tcpdump before 4.9.2 has a buffer over-read in print-olsr.c:olsr_print().\n (CVE-2017-13688)\n\n - The IKEv1 parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:ikev1_id_print().\n (CVE-2017-13689)\n\n - tcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of 2). (CVE-2018-10103)\n\n - tcpdump before 4.9.3 mishandles the printing of SMB data (issue 2 of 2). (CVE-2018-10105)\n\n - The LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print().\n (CVE-2018-14461)\n\n - The ICMP parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp.c:icmp_print().\n (CVE-2018-14462)\n\n - The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print().\n (CVE-2018-14463)\n\n - The LMP parser in tcpdump before 4.9.3 has a buffer over-read in print-\n lmp.c:lmp_print_data_link_subobjs(). (CVE-2018-14464)\n\n - The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print().\n (CVE-2018-14465)\n\n - The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and\n rx_cache_insert(). (CVE-2018-14466)\n\n - The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print()\n (BGP_CAPCODE_MP). (CVE-2018-14467)\n\n - The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print().\n (CVE-2018-14468)\n\n - The IKEv1 parser in tcpdump before 4.9.3 has a buffer over-read in print-isakmp.c:ikev1_n_print().\n (CVE-2018-14469)\n\n - The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print()\n (BGP_CAPCODE_RESTART). (CVE-2018-14881)\n\n - The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c. (CVE-2018-14882)\n\n - The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option().\n (CVE-2018-16229)\n\n - The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print()\n (MP_REACH_NLRI). (CVE-2018-16230)\n\n - The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print() because of\n unlimited recursion. (CVE-2018-16300)\n\n - ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by\n its CNA. Further investigation showed that it was not a security issue. Notes: none. (CVE-2018-16301)\n\n - The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for\n \\MAILSLOT\\BROWSE and \\PIPE\\LANMAN. (CVE-2018-16451)\n\n - The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion.\n (CVE-2018-16452)\n\n - lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks.\n (CVE-2019-15166)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1057247\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1153098\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1153332\");\n # https://www.suse.com/support/update/announcement/2019/suse-su-201914191-1.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e03f0e89\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-12893\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-12894\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-12896\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-12897\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-12898\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-12899\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-12900\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-12901\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-12902\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-12985\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-12986\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-12987\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-12988\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-12991\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-12992\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-12993\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-12995\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-12996\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-12998\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-12999\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13001\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13002\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13003\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13004\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13005\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13006\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13008\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13009\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13010\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13012\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13013\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13014\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13016\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13017\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13018\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13019\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13021\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13022\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13023\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13024\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13025\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13027\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13028\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13029\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13030\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13031\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13032\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13034\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13035\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13036\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13037\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13038\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13041\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13047\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13048\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13049\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13051\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13053\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13055\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13687\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13688\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13689\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13725\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-10103\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-10105\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-14461\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-14462\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-14463\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-14464\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-14465\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-14466\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-14467\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-14468\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-14469\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-14881\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-14882\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-16229\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-16230\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-16300\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-16301\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-16451\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-16452\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-15166\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected tcpdump package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-16301\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/09/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:tcpdump\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES11', 'SUSE ' + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE ' + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP4\", os_ver + \" SP\" + sp);\n\npkgs = [\n {'reference':'tcpdump-3.9.8-1.30.13', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},\n {'reference':'tcpdump-3.9.8-1.30.13', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n exists_check = NULL;\n rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release && exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n else if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n ltss_plugin_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in SUSE Enterprise Linux Server LTSS\\n' +\n 'repositories. Access to these package security updates require\\n' +\n 'a paid SUSE LTSS subscription.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + ltss_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'tcpdump');\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:34:29", "description": "Several vulnerabilities have been discovered in tcpdump, a command-line network traffic analyzer. These vulnerabilities might result in denial of service or, potentially, execution of arbitrary code.\n\nFor Debian 7 'Wheezy', these problems have been fixed in version 4.9.2-1~deb7u1.\n\nWe recommend that you upgrade your tcpdump packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-09-18T00:00:00", "type": "nessus", "title": "Debian DLA-1097-1 : tcpdump security update", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-12893", "CVE-2017-12894", "CVE-2017-12895", "CVE-2017-12896", "CVE-2017-12897", "CVE-2017-12898", "CVE-2017-12899", "CVE-2017-12900", "CVE-2017-12901", "CVE-2017-12902", "CVE-2017-12985", "CVE-2017-12986", "CVE-2017-12987", "CVE-2017-12988", "CVE-2017-12989", "CVE-2017-12990", "CVE-2017-12991", "CVE-2017-12992", "CVE-2017-12993", "CVE-2017-12994", "CVE-2017-12995", "CVE-2017-12996", "CVE-2017-12997", "CVE-2017-12998", "CVE-2017-12999", "CVE-2017-13000", "CVE-2017-13001", "CVE-2017-13002", "CVE-2017-13003", "CVE-2017-13004", "CVE-2017-13005", "CVE-2017-13006", "CVE-2017-13007", "CVE-2017-13008", "CVE-2017-13009", "CVE-2017-13010", "CVE-2017-13011", "CVE-2017-13012", "CVE-2017-13013", "CVE-2017-13014", "CVE-2017-13015", "CVE-2017-13016", "CVE-2017-13017", "CVE-2017-13018", "CVE-2017-13019", "CVE-2017-13020", "CVE-2017-13021", "CVE-2017-13022", "CVE-2017-13023", "CVE-2017-13024", "CVE-2017-13025", "CVE-2017-13026", "CVE-2017-13027", "CVE-2017-13028", "CVE-2017-13029", "CVE-2017-13030", "CVE-2017-13031", "CVE-2017-13032", "CVE-2017-13033", "CVE-2017-13034", "CVE-2017-13035", "CVE-2017-13036", "CVE-2017-13037", "CVE-2017-13038", "CVE-2017-13039", "CVE-2017-13040", "CVE-2017-13041", "CVE-2017-13042", "CVE-2017-13043", "CVE-2017-13044", "CVE-2017-13045", "CVE-2017-13046", "CVE-2017-13047", "CVE-2017-13048", "CVE-2017-13049", "CVE-2017-13050", "CVE-2017-13051", "CVE-2017-13052", "CVE-2017-13053", "CVE-2017-13054", "CVE-2017-13055", "CVE-2017-13687", "CVE-2017-13688", "CVE-2017-13689", "CVE-2017-13690", "CVE-2017-13725"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:tcpdump", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DLA-1097.NASL", "href": "https://www.tenable.com/plugins/nessus/103257", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1097-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(103257);\n script_version(\"3.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2017-12893\", \"CVE-2017-12894\", \"CVE-2017-12895\", \"CVE-2017-12896\", \"CVE-2017-12897\", \"CVE-2017-12898\", \"CVE-2017-12899\", \"CVE-2017-12900\", \"CVE-2017-12901\", \"CVE-2017-12902\", \"CVE-2017-12985\", \"CVE-2017-12986\", \"CVE-2017-12987\", \"CVE-2017-12988\", \"CVE-2017-12989\", \"CVE-2017-12990\", \"CVE-2017-12991\", \"CVE-2017-12992\", \"CVE-2017-12993\", \"CVE-2017-12994\", \"CVE-2017-12995\", \"CVE-2017-12996\", \"CVE-2017-12997\", \"CVE-2017-12998\", \"CVE-2017-12999\", \"CVE-2017-13000\", \"CVE-2017-13001\", \"CVE-2017-13002\", \"CVE-2017-13003\", \"CVE-2017-13004\", \"CVE-2017-13005\", \"CVE-2017-13006\", \"CVE-2017-13007\", \"CVE-2017-13008\", \"CVE-2017-13009\", \"CVE-2017-13010\", \"CVE-2017-13011\", \"CVE-2017-13012\", \"CVE-2017-13013\", \"CVE-2017-13014\", \"CVE-2017-13015\", \"CVE-2017-13016\", \"CVE-2017-13017\", \"CVE-2017-13018\", \"CVE-2017-13019\", \"CVE-2017-13020\", \"CVE-2017-13021\", \"CVE-2017-13022\", \"CVE-2017-13023\", \"CVE-2017-13024\", \"CVE-2017-13025\", \"CVE-2017-13026\", \"CVE-2017-13027\", \"CVE-2017-13028\", \"CVE-2017-13029\", \"CVE-2017-13030\", \"CVE-2017-13031\", \"CVE-2017-13032\", \"CVE-2017-13033\", \"CVE-2017-13034\", \"CVE-2017-13035\", \"CVE-2017-13036\", \"CVE-2017-13037\", \"CVE-2017-13038\", \"CVE-2017-13039\", \"CVE-2017-13040\", \"CVE-2017-13041\", \"CVE-2017-13042\", \"CVE-2017-13043\", \"CVE-2017-13044\", \"CVE-2017-13045\", \"CVE-2017-13046\", \"CVE-2017-13047\", \"CVE-2017-13048\", \"CVE-2017-13049\", \"CVE-2017-13050\", \"CVE-2017-13051\", \"CVE-2017-13052\", \"CVE-2017-13053\", \"CVE-2017-13054\", \"CVE-2017-13055\", \"CVE-2017-13687\", \"CVE-2017-13688\", \"CVE-2017-13689\", \"CVE-2017-13690\", \"CVE-2017-13725\");\n\n script_name(english:\"Debian DLA-1097-1 : tcpdump security update\");\n script_summary(english:\"Checks dpkg output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in tcpdump, a\ncommand-line network traffic analyzer. These vulnerabilities might\nresult in denial of service or, potentially, execution of arbitrary\ncode.\n\nFor Debian 7 'Wheezy', these problems have been fixed in version\n4.9.2-1~deb7u1.\n\nWe recommend that you upgrade your tcpdump packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2017/09/msg00014.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/tcpdump\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Upgrade the affected tcpdump package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:tcpdump\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/09/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/09/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/09/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"tcpdump\", reference:\"4.9.2-1~deb7u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-02T15:32:57", "description": "An update of [tcpdump,ruby] packages for PhotonOS has been released.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-08-17T00:00:00", "type": "nessus", "title": "Photon OS 1.0: Ruby / Tcpdump PHSA-2017-0034 (deprecated)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-12893", "CVE-2017-12894", "CVE-2017-12895", "CVE-2017-12896", "CVE-2017-12897", "CVE-2017-12898", "CVE-2017-12899", "CVE-2017-12900", "CVE-2017-12901", "CVE-2017-12902", "CVE-2017-12985", "CVE-2017-12986", "CVE-2017-12987", "CVE-2017-12988", "CVE-2017-12989", "CVE-2017-12990", "CVE-2017-12991", "CVE-2017-12992", "CVE-2017-12993", "CVE-2017-12994", "CVE-2017-12995", "CVE-2017-12996", "CVE-2017-12997", "CVE-2017-12998", "CVE-2017-12999", "CVE-2017-13000", "CVE-2017-13001", "CVE-2017-13002", "CVE-2017-13003", "CVE-2017-13004", "CVE-2017-13005", "CVE-2017-13006", "CVE-2017-13007", "CVE-2017-13008", "CVE-2017-13009", "CVE-2017-13010", "CVE-2017-13011", "CVE-2017-13012", "CVE-2017-13013", "CVE-2017-13014", "CVE-2017-13015", "CVE-2017-13016", "CVE-2017-13017", "CVE-2017-13018", "CVE-2017-13019", "CVE-2017-13020", "CVE-2017-13021", "CVE-2017-13022", "CVE-2017-13023", "CVE-2017-13024", "CVE-2017-13025", "CVE-2017-13026", "CVE-2017-13027", "CVE-2017-13028", "CVE-2017-13029", "CVE-2017-13030", "CVE-2017-13031", "CVE-2017-13032", "CVE-2017-13033", "CVE-2017-13034", "CVE-2017-13035", "CVE-2017-13036", "CVE-2017-13037", "CVE-2017-13038", "CVE-2017-13039", "CVE-2017-13040", "CVE-2017-13041", "CVE-2017-13042", "CVE-2017-13043", "CVE-2017-13044", "CVE-2017-13045", "CVE-2017-13046", "CVE-2017-13047", "CVE-2017-13048", "CVE-2017-13049", "CVE-2017-13050", "CVE-2017-13051", "CVE-2017-13052", "CVE-2017-13053", "CVE-2017-13054", "CVE-2017-13055", "CVE-2017-13687", "CVE-2017-13688", "CVE-2017-13689", "CVE-2017-13690", "CVE-2017-13725", "CVE-2017-14064"], "modified": "2019-02-07T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:ruby", "p-cpe:/a:vmware:photonos:tcpdump", "cpe:/o:vmware:photonos:1.0"], "id": "PHOTONOS_PHSA-2017-0034.NASL", "href": "https://www.tenable.com/plugins/nessus/111883", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# @DEPRECATED@\n#\n# Disabled on 2/7/2019\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2017-0034. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111883);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/02/07 18:59:50\");\n\n script_cve_id(\n \"CVE-2017-12893\",\n \"CVE-2017-12894\",\n \"CVE-2017-12895\",\n \"CVE-2017-12896\",\n \"CVE-2017-12897\",\n \"CVE-2017-12898\",\n \"CVE-2017-12899\",\n \"CVE-2017-12900\",\n \"CVE-2017-12901\",\n \"CVE-2017-12902\",\n \"CVE-2017-12985\",\n \"CVE-2017-12986\",\n \"CVE-2017-12987\",\n \"CVE-2017-12988\",\n \"CVE-2017-12989\",\n \"CVE-2017-12990\",\n \"CVE-2017-12991\",\n \"CVE-2017-12992\",\n \"CVE-2017-12993\",\n \"CVE-2017-12994\",\n \"CVE-2017-12995\",\n \"CVE-2017-12996\",\n \"CVE-2017-12997\",\n \"CVE-2017-12998\",\n \"CVE-2017-12999\",\n \"CVE-2017-13000\",\n \"CVE-2017-13001\",\n \"CVE-2017-13002\",\n \"CVE-2017-13003\",\n \"CVE-2017-13004\",\n \"CVE-2017-13005\",\n \"CVE-2017-13006\",\n \"CVE-2017-13007\",\n \"CVE-2017-13008\",\n \"CVE-2017-13009\",\n \"CVE-2017-13010\",\n \"CVE-2017-13011\",\n \"CVE-2017-13012\",\n \"CVE-2017-13013\",\n \"CVE-2017-13014\",\n \"CVE-2017-13015\",\n \"CVE-2017-13016\",\n \"CVE-2017-13017\",\n \"CVE-2017-13018\",\n \"CVE-2017-13019\",\n \"CVE-2017-13020\",\n \"CVE-2017-13021\",\n \"CVE-2017-13022\",\n \"CVE-2017-13023\",\n \"CVE-2017-13024\",\n \"CVE-2017-13025\",\n \"CVE-2017-13026\",\n \"CVE-2017-13027\",\n \"CVE-2017-13028\",\n \"CVE-2017-13029\",\n \"CVE-2017-13030\",\n \"CVE-2017-13031\",\n \"CVE-2017-13032\",\n \"CVE-2017-13033\",\n \"CVE-2017-13034\",\n \"CVE-2017-13035\",\n \"CVE-2017-13036\",\n \"CVE-2017-13037\",\n \"CVE-2017-13038\",\n \"CVE-2017-13039\",\n \"CVE-2017-13040\",\n \"CVE-2017-13041\",\n \"CVE-2017-13042\",\n \"CVE-2017-13043\",\n \"CVE-2017-13044\",\n \"CVE-2017-13045\",\n \"CVE-2017-13046\",\n \"CVE-2017-13047\",\n \"CVE-2017-13048\",\n \"CVE-2017-13049\",\n \"CVE-2017-13050\",\n \"CVE-2017-13051\",\n \"CVE-2017-13052\",\n \"CVE-2017-13053\",\n \"CVE-2017-13054\",\n \"CVE-2017-13055\",\n \"CVE-2017-13687\",\n \"CVE-2017-13688\",\n \"CVE-2017-13689\",\n \"CVE-2017-13690\",\n \"CVE-2017-13725\",\n \"CVE-2017-14064\"\n );\n\n script_name(english:\"Photon OS 1.0: Ruby / Tcpdump PHSA-2017-0034 (deprecated)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"This plugin has been deprecated.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of [tcpdump,ruby] packages for PhotonOS has been released.\");\n # https://github.com/vmware/photon/wiki/Security-Updates-70\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d5900e66\");\n script_set_attribute(attribute:\"solution\", value:\"n/a.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2017-12893\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/09/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:tcpdump\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:1.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\nexit(0, \"This plugin has been deprecated.\");\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 1\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 1.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\npkgs = [\n \"ruby-2.4.0-6.ph1\",\n \"ruby-debuginfo-2.4.0-6.ph1\",\n \"tcpdump-4.9.2-1.ph1\",\n \"tcpdump-debuginfo-4.9.2-1.ph1\"\n];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"PhotonOS-1.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ruby / tcpdump\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-19T15:11:27", "description": "Vulnerabilities in tcpdump affect AIX :\n\nhttps://vulners.com/cve/CVE-2017-12993 https://vulners.com/cve/CVE-2017-12993 tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the Juniper component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the RIPng component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BGP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the telnet component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IEEE 802.11 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 routing headers component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the Zephyr component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the EIGRP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the tok2strbuf component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the DECnet component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the NFS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO CLNS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISAKMP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ICMP component.\nBy sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the lookup_bytestring component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the SMB/CIFS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump is vulnerable to a denial of service, caused by a heap-based buffer over-read in the pimv1_print function in print-pim.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump is vulnerable to a denial of service, caused by a heap-based buffer over-read in the lldp_print function in print-lldp.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump is vulnerable to a denial of service, caused by an error in the LLDP component. By sending specially crafted data, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop.\ntcpdump is vulnerable to a denial of service, caused by an error in the DNS component. By sending specially crafted data, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. tcpdump is vulnerable to a denial of service, caused by an error in the ISAKMP component. By sending specially crafted data, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop.\ntcpdump is vulnerable to a denial of service, caused by an error in the RESP component. By sending specially crafted data, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. tcpdump is vulnerable to a buffer overflow, caused by improper bounds checking by the bittok2str_internal component. By sending an overly long string argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.\ntcpdump is vulnerable to a denial of service, caused by a buffer overflow in the sliplink_print function in print-sl.c. An attacker could exploit this vulnerability to cause the application to crash.\ntcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PGM component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the DHCPv6 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO ES-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump is vulnerable to a denial of service, caused by a buffer overflow in the sliplink_print function in print-sl.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the EAP component.\nBy sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the White Board component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ARP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ICMP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BEEP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 mobility component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IEEE 802.11 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the L2TP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the NFS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the Juniper component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the LMP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the AODV component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the NFS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IEEE 802.15.4 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO IS-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO IS-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PIMv2 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BGP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump is vulnerable to a denial of service, caused by a heap-based buffer over-read in the lldp_print function in print-lldp.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump is vulnerable to a denial of service, caused by a heap-based buffer over-read in the pimv1_print function in print-pim.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BGP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the HNCP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ICMPv6 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the MPTCP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISAKMP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PPP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the OSPFv3 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO IS-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PGM component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the VTP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the RADIUS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 fragmentation header component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PIM component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PPP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BOOTP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the LLDP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO IS-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 mobility component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 mobility component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 mobility component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IP component.\nBy sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ICMPv6 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the VTP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PGM component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 routing headers component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IKEv2 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IKEv1 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the OLSR component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the Cisco HDLC component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO IS-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the LLDP component.\nBy sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BGP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the CFM component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the RSVP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the RPKI-Router component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the Rx component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the RSVP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO ES-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BGP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the VQP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the HNCP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-05-30T00:00:00", "type": "nessus", "title": "AIX 7.1 TL 4 : tcpdump (IV94726)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-11541", "CVE-2017-11542", "CVE-2017-11543", "CVE-2017-12893", "CVE-2017-12894", "CVE-2017-12895", "CVE-2017-12896", "CVE-2017-12897", "CVE-2017-12898", "CVE-2017-12899", "CVE-2017-12900", "CVE-2017-12901", "CVE-2017-12902", "CVE-2017-12985", "CVE-2017-12986", "CVE-2017-12987", "CVE-2017-12988", "CVE-2017-12989", "CVE-2017-12990", "CVE-2017-12991", "CVE-2017-12992", "CVE-2017-12993", "CVE-2017-12994", "CVE-2017-12995", "CVE-2017-12996", "CVE-2017-12997", "CVE-2017-12998", "CVE-2017-12999", "CVE-2017-13000", "CVE-2017-13001", "CVE-2017-13002", "CVE-2017-13003", "CVE-2017-13004", "CVE-2017-13005", "CVE-2017-13006", "CVE-2017-13008", "CVE-2017-13009", "CVE-2017-13010", "CVE-2017-13011", "CVE-2017-13012", "CVE-2017-13013", "CVE-2017-13014", "CVE-2017-13015", "CVE-2017-13016", "CVE-2017-13017", "CVE-2017-13018", "CVE-2017-13019", "CVE-2017-13020", "CVE-2017-13021", "CVE-2017-13022", "CVE-2017-13023", "CVE-2017-13024", "CVE-2017-13025", "CVE-2017-13026", "CVE-2017-13027", "CVE-2017-13028", "CVE-2017-13029", "CVE-2017-13030", "CVE-2017-13031", "CVE-2017-13032", "CVE-2017-13033", "CVE-2017-13034", "CVE-2017-13035", "CVE-2017-13036", "CVE-2017-13037", "CVE-2017-13038", "CVE-2017-13039", "CVE-2017-13040", "CVE-2017-13041", "CVE-2017-13042", "CVE-2017-13043", "CVE-2017-13044", "CVE-2017-13045", "CVE-2017-13046", "CVE-2017-13047", "CVE-2017-13048", "CVE-2017-13049", "CVE-2017-13050", "CVE-2017-13051", "CVE-2017-13052", "CVE-2017-13053", "CVE-2017-13054", "CVE-2017-13055", "CVE-2017-13687", "CVE-2017-13688", "CVE-2017-13689", "CVE-2017-13690", "CVE-2017-13725"], "modified": "2021-01-04T00:00:00", "cpe": ["cpe:/o:ibm:aix:7.1"], "id": "AIX_IV94726.NASL", "href": "https://www.tenable.com/plugins/nessus/100469", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text in the description was extracted from AIX Security\n# Advisory tcpdump_advisory3.asc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(100469);\n script_version(\"3.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2017-11541\", \"CVE-2017-11542\", \"CVE-2017-11543\", \"CVE-2017-12893\", \"CVE-2017-12894\", \"CVE-2017-12895\", \"CVE-2017-12896\", \"CVE-2017-12897\", \"CVE-2017-12898\", \"CVE-2017-12899\", \"CVE-2017-12900\", \"CVE-2017-12901\", \"CVE-2017-12902\", \"CVE-2017-12985\", \"CVE-2017-12986\", \"CVE-2017-12987\", \"CVE-2017-12988\", \"CVE-2017-12989\", \"CVE-2017-12990\", \"CVE-2017-12991\", \"CVE-2017-12992\", \"CVE-2017-12993\", \"CVE-2017-12994\", \"CVE-2017-12995\", \"CVE-2017-12996\", \"CVE-2017-12997\", \"CVE-2017-12998\", \"CVE-2017-12999\", \"CVE-2017-13000\", \"CVE-2017-13001\", \"CVE-2017-13002\", \"CVE-2017-13003\", \"CVE-2017-13004\", \"CVE-2017-13005\", \"CVE-2017-13006\", \"CVE-2017-13008\", \"CVE-2017-13009\", \"CVE-2017-13010\", \"CVE-2017-13011\", \"CVE-2017-13012\", \"CVE-2017-13013\", \"CVE-2017-13014\", \"CVE-2017-13015\", \"CVE-2017-13016\", \"CVE-2017-13017\", \"CVE-2017-13018\", \"CVE-2017-13019\", \"CVE-2017-13020\", \"CVE-2017-13021\", \"CVE-2017-13022\", \"CVE-2017-13023\", \"CVE-2017-13024\", \"CVE-2017-13025\", \"CVE-2017-13026\", \"CVE-2017-13027\", \"CVE-2017-13028\", \"CVE-2017-13029\", \"CVE-2017-13030\", \"CVE-2017-13031\", \"CVE-2017-13032\", \"CVE-2017-13033\", \"CVE-2017-13034\", \"CVE-2017-13035\", \"CVE-2017-13036\", \"CVE-2017-13037\", \"CVE-2017-13038\", \"CVE-2017-13039\", \"CVE-2017-13040\", \"CVE-2017-13041\", \"CVE-2017-13042\", \"CVE-2017-13043\", \"CVE-2017-13044\", \"CVE-2017-13045\", \"CVE-2017-13046\", \"CVE-2017-13047\", \"CVE-2017-13048\", \"CVE-2017-13049\", \"CVE-2017-13050\", \"CVE-2017-13051\", \"CVE-2017-13052\", \"CVE-2017-13053\", \"CVE-2017-13054\", \"CVE-2017-13055\", \"CVE-2017-13687\", \"CVE-2017-13688\", \"CVE-2017-13689\", \"CVE-2017-13690\", \"CVE-2017-13725\");\n\n script_name(english:\"AIX 7.1 TL 4 : tcpdump (IV94726)\");\n script_summary(english:\"Check for APAR IV94726\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote AIX host is missing a security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Vulnerabilities in tcpdump affect AIX :\n\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12993\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12993 tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the Juniper component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the RIPng component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the BGP\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the telnet component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the IEEE 802.11 component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump could allow a remote attacker to\nobtain sensitive information, caused by a buffer overread memory in\nthe IPv6 routing headers component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the IPv6\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the Zephyr component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the EIGRP component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the\ntok2strbuf component. By sending a specially crafted request, an\nattacker could exploit this vulnerability to obtain sensitive\ninformation. tcpdump could allow a remote attacker to obtain sensitive\ninformation, caused by a buffer overread memory in the DECnet\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the NFS component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the ISO CLNS component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump could allow a remote attacker to\nobtain sensitive information, caused by a buffer overread memory in\nthe ISAKMP component. By sending a specially crafted request, an\nattacker could exploit this vulnerability to obtain sensitive\ninformation. tcpdump could allow a remote attacker to obtain sensitive\ninformation, caused by a buffer overread memory in the ICMP component.\nBy sending a specially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the lookup_bytestring component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the SMB/CIFS component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump is vulnerable to a denial of\nservice, caused by a heap-based buffer over-read in the pimv1_print\nfunction in print-pim.c. An attacker could exploit this vulnerability\nto cause the application to crash. tcpdump is vulnerable to a denial\nof service, caused by a heap-based buffer over-read in the lldp_print\nfunction in print-lldp.c. An attacker could exploit this vulnerability\nto cause the application to crash. tcpdump is vulnerable to a denial\nof service, caused by an error in the LLDP component. By sending\nspecially crafted data, a remote attacker could exploit this\nvulnerability to cause the application to enter into an infinite loop.\ntcpdump is vulnerable to a denial of service, caused by an error in\nthe DNS component. By sending specially crafted data, a remote\nattacker could exploit this vulnerability to cause the application to\nenter into an infinite loop. tcpdump is vulnerable to a denial of\nservice, caused by an error in the ISAKMP component. By sending\nspecially crafted data, a remote attacker could exploit this\nvulnerability to cause the application to enter into an infinite loop.\ntcpdump is vulnerable to a denial of service, caused by an error in\nthe RESP component. By sending specially crafted data, a remote\nattacker could exploit this vulnerability to cause the application to\nenter into an infinite loop. tcpdump is vulnerable to a buffer\noverflow, caused by improper bounds checking by the\nbittok2str_internal component. By sending an overly long string\nargument, a remote attacker could overflow a buffer and execute\narbitrary code on the system or cause the application to crash.\ntcpdump is vulnerable to a denial of service, caused by a buffer\noverflow in the sliplink_print function in print-sl.c. An attacker\ncould exploit this vulnerability to cause the application to crash.\ntcpdump could allow a remote attacker to obtain sensitive information,\ncaused by a buffer overread memory in the PGM component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the DHCPv6 component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump could allow a remote attacker to\nobtain sensitive information, caused by a buffer overread memory in\nthe ISO ES-IS component. By sending a specially crafted request, an\nattacker could exploit this vulnerability to obtain sensitive\ninformation. tcpdump is vulnerable to a denial of service, caused by a\nbuffer overflow in the sliplink_print function in print-sl.c. An\nattacker could exploit this vulnerability to cause the application to\ncrash. tcpdump could allow a remote attacker to obtain sensitive\ninformation, caused by a buffer overread memory in the EAP component.\nBy sending a specially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the White Board component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump could allow a remote attacker to\nobtain sensitive information, caused by a buffer overread memory in\nthe ARP component. By sending a specially crafted request, an attacker\ncould exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information,\ncaused by a buffer overread memory in the ICMP component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the BEEP component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the IPv6\nmobility component. By sending a specially crafted request, an\nattacker could exploit this vulnerability to obtain sensitive\ninformation. tcpdump could allow a remote attacker to obtain sensitive\ninformation, caused by a buffer overread memory in the IEEE 802.11\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the L2TP component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the NFS component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the\nJuniper component. By sending a specially crafted request, an attacker\ncould exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information,\ncaused by a buffer overread memory in the LMP component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the AODV component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the NFS\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the IEEE 802.15.4 component. By sending\na specially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the ISO IS-IS component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump could allow a remote attacker to\nobtain sensitive information, caused by a buffer overread memory in\nthe ISO IS-IS component. By sending a specially crafted request, an\nattacker could exploit this vulnerability to obtain sensitive\ninformation. tcpdump could allow a remote attacker to obtain sensitive\ninformation, caused by a buffer overread memory in the PIMv2\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the BGP component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump is vulnerable\nto a denial of service, caused by a heap-based buffer over-read in the\nlldp_print function in print-lldp.c. An attacker could exploit this\nvulnerability to cause the application to crash. tcpdump is vulnerable\nto a denial of service, caused by a heap-based buffer over-read in the\npimv1_print function in print-pim.c. An attacker could exploit this\nvulnerability to cause the application to crash. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the BGP component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the HNCP\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the ICMPv6 component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the MPTCP component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the\nISAKMP component. By sending a specially crafted request, an attacker\ncould exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information,\ncaused by a buffer overread memory in the PPP component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the IP component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the\nOSPFv3 component. By sending a specially crafted request, an attacker\ncould exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information,\ncaused by a buffer overread memory in the ISO IS-IS component. By\nsending a specially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the PGM component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the VTP\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the RADIUS component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the IPv6 fragmentation header component. By sending\na specially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the PIM component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the PPP\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the BOOTP component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the LLDP component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the ISO\nIS-IS component. By sending a specially crafted request, an attacker\ncould exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information,\ncaused by a buffer overread memory in the IPv6 mobility component. By\nsending a specially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the IPv6 mobility component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump could allow a remote attacker to\nobtain sensitive information, caused by a buffer overread memory in\nthe IPv6 mobility component. By sending a specially crafted request,\nan attacker could exploit this vulnerability to obtain sensitive\ninformation. tcpdump could allow a remote attacker to obtain sensitive\ninformation, caused by a buffer overread memory in the IP component.\nBy sending a specially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the ICMPv6 component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump could allow a remote attacker to\nobtain sensitive information, caused by a buffer overread memory in\nthe VTP component. By sending a specially crafted request, an attacker\ncould exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information,\ncaused by a buffer overread memory in the PGM component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the IPv6 routing headers component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the IKEv2 component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the IKEv1\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the OLSR component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the Cisco HDLC component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump could allow a remote attacker to\nobtain sensitive information, caused by a buffer overread memory in\nthe ISO IS-IS component. By sending a specially crafted request, an\nattacker could exploit this vulnerability to obtain sensitive\ninformation. tcpdump could allow a remote attacker to obtain sensitive\ninformation, caused by a buffer overread memory in the LLDP component.\nBy sending a specially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the BGP component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the CFM\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the RSVP component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the RPKI-Router component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump could allow a remote attacker to\nobtain sensitive information, caused by a buffer overread memory in\nthe Rx component. By sending a specially crafted request, an attacker\ncould exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information,\ncaused by a buffer overread memory in the RSVP component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the ISO ES-IS component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump could allow a remote attacker to\nobtain sensitive information, caused by a buffer overread memory in\nthe BGP component. By sending a specially crafted request, an attacker\ncould exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information,\ncaused by a buffer overread memory in the VQP component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the HNCP component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://aix.software.ibm.com/aix/efixes/security/tcpdump_advisory3.asc\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Install the appropriate interim fix.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:ibm:aix:7.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/11/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"AIX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/AIX/lslpp\", \"Host/local_checks_enabled\", \"Host/AIX/version\");\n\n exit(0);\n}\n\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"aix.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif ( ! get_kb_item(\"Host/AIX/version\") ) audit(AUDIT_OS_NOT, \"AIX\");\nif ( ! get_kb_item(\"Host/AIX/lslpp\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif ( get_kb_item(\"Host/AIX/emgr_failure\" ) ) exit(0, \"This iFix check is disabled because : \"+get_kb_item(\"Host/AIX/emgr_failure\") );\n\nflag = 0;\n\nif (aix_check_ifix(release:\"7.1\", ml:\"04\", sp:\"03\", patch:\"IV94726m5a\", package:\"bos.net.tcp.server\", minfilesetver:\"7.1.4.0\", maxfilesetver:\"7.1.4.32\") < 0) flag++;\nif (aix_check_ifix(release:\"7.1\", ml:\"04\", sp:\"04\", patch:\"IV94726m5a\", package:\"bos.net.tcp.server\", minfilesetver:\"7.1.4.0\", maxfilesetver:\"7.1.4.32\") < 0) flag++;\nif (aix_check_ifix(release:\"7.1\", ml:\"04\", sp:\"05\", patch:\"IV94726m5a\", package:\"bos.net.tcp.server\", minfilesetver:\"7.1.4.0\", maxfilesetver:\"7.1.4.32\") < 0) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:aix_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-17T15:24:48", "description": "Vulnerabilities in tcpdump affect AIX :\n\nhttps://vulners.com/cve/CVE-2017-12993 https://vulners.com/cve/CVE-2017-12993 tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the Juniper component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the RIPng component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BGP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the telnet component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IEEE 802.11 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 routing headers component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the Zephyr component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the EIGRP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the tok2strbuf component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the DECnet component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the NFS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO CLNS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISAKMP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ICMP component.\nBy sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the lookup_bytestring component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the SMB/CIFS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump is vulnerable to a denial of service, caused by a heap-based buffer over-read in the pimv1_print function in print-pim.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump is vulnerable to a denial of service, caused by a heap-based buffer over-read in the lldp_print function in print-lldp.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump is vulnerable to a denial of service, caused by an error in the LLDP component. By sending specially crafted data, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop.\ntcpdump is vulnerable to a denial of service, caused by an error in the DNS component. By sending specially crafted data, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. tcpdump is vulnerable to a denial of service, caused by an error in the ISAKMP component. By sending specially crafted data, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop.\ntcpdump is vulnerable to a denial of service, caused by an error in the RESP component. By sending specially crafted data, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. tcpdump is vulnerable to a buffer overflow, caused by improper bounds checking by the bittok2str_internal component. By sending an overly long string argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.\ntcpdump is vulnerable to a denial of service, caused by a buffer overflow in the sliplink_print function in print-sl.c. An attacker could exploit this vulnerability to cause the application to crash.\ntcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PGM component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the DHCPv6 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO ES-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump is vulnerable to a denial of service, caused by a buffer overflow in the sliplink_print function in print-sl.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the EAP component.\nBy sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the White Board component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ARP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ICMP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BEEP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 mobility component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IEEE 802.11 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the L2TP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the NFS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the Juniper component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the LMP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the AODV component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the NFS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IEEE 802.15.4 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO IS-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO IS-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PIMv2 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BGP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump is vulnerable to a denial of service, caused by a heap-based buffer over-read in the lldp_print function in print-lldp.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump is vulnerable to a denial of service, caused by a heap-based buffer over-read in the pimv1_print function in print-pim.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BGP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the HNCP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ICMPv6 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the MPTCP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISAKMP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PPP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the OSPFv3 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO IS-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PGM component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the VTP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the RADIUS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 fragmentation header component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PIM component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PPP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BOOTP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the LLDP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO IS-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 mobility component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 mobility component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 mobility component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IP component.\nBy sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ICMPv6 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the VTP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PGM component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 routing headers component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IKEv2 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IKEv1 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the OLSR component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the Cisco HDLC component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO IS-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the LLDP component.\nBy sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BGP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the CFM component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the RSVP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the RPKI-Router component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the Rx component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the RSVP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO ES-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BGP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the VQP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the HNCP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-05-30T00:00:00", "type": "nessus", "title": "AIX 6.1 TL 9 : tcpdump (IV94728)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-11541", "CVE-2017-11542", "CVE-2017-11543", "CVE-2017-12893", "CVE-2017-12894", "CVE-2017-12895", "CVE-2017-12896", "CVE-2017-12897", "CVE-2017-12898", "CVE-2017-12899", "CVE-2017-12900", "CVE-2017-12901", "CVE-2017-12902", "CVE-2017-12985", "CVE-2017-12986", "CVE-2017-12987", "CVE-2017-12988", "CVE-2017-12989", "CVE-2017-12990", "CVE-2017-12991", "CVE-2017-12992", "CVE-2017-12993", "CVE-2017-12994", "CVE-2017-12995", "CVE-2017-12996", "CVE-2017-12997", "CVE-2017-12998", "CVE-2017-12999", "CVE-2017-13000", "CVE-2017-13001", "CVE-2017-13002", "CVE-2017-13003", "CVE-2017-13004", "CVE-2017-13005", "CVE-2017-13006", "CVE-2017-13008", "CVE-2017-13009", "CVE-2017-13010", "CVE-2017-13011", "CVE-2017-13012", "CVE-2017-13013", "CVE-2017-13014", "CVE-2017-13015", "CVE-2017-13016", "CVE-2017-13017", "CVE-2017-13018", "CVE-2017-13019", "CVE-2017-13020", "CVE-2017-13021", "CVE-2017-13022", "CVE-2017-13023", "CVE-2017-13024", "CVE-2017-13025", "CVE-2017-13026", "CVE-2017-13027", "CVE-2017-13028", "CVE-2017-13029", "CVE-2017-13030", "CVE-2017-13031", "CVE-2017-13032", "CVE-2017-13033", "CVE-2017-13034", "CVE-2017-13035", "CVE-2017-13036", "CVE-2017-13037", "CVE-2017-13038", "CVE-2017-13039", "CVE-2017-13040", "CVE-2017-13041", "CVE-2017-13042", "CVE-2017-13043", "CVE-2017-13044", "CVE-2017-13045", "CVE-2017-13046", "CVE-2017-13047", "CVE-2017-13048", "CVE-2017-13049", "CVE-2017-13050", "CVE-2017-13051", "CVE-2017-13052", "CVE-2017-13053", "CVE-2017-13054", "CVE-2017-13055", "CVE-2017-13687", "CVE-2017-13688", "CVE-2017-13689", "CVE-2017-13690", "CVE-2017-13725"], "modified": "2021-01-04T00:00:00", "cpe": ["cpe:/o:ibm:aix:6.1"], "id": "AIX_IV94728.NASL", "href": "https://www.tenable.com/plugins/nessus/100471", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text in the description was extracted from AIX Security\n# Advisory tcpdump_advisory3.asc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(100471);\n script_version(\"3.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2017-11541\", \"CVE-2017-11542\", \"CVE-2017-11543\", \"CVE-2017-12893\", \"CVE-2017-12894\", \"CVE-2017-12895\", \"CVE-2017-12896\", \"CVE-2017-12897\", \"CVE-2017-12898\", \"CVE-2017-12899\", \"CVE-2017-12900\", \"CVE-2017-12901\", \"CVE-2017-12902\", \"CVE-2017-12985\", \"CVE-2017-12986\", \"CVE-2017-12987\", \"CVE-2017-12988\", \"CVE-2017-12989\", \"CVE-2017-12990\", \"CVE-2017-12991\", \"CVE-2017-12992\", \"CVE-2017-12993\", \"CVE-2017-12994\", \"CVE-2017-12995\", \"CVE-2017-12996\", \"CVE-2017-12997\", \"CVE-2017-12998\", \"CVE-2017-12999\", \"CVE-2017-13000\", \"CVE-2017-13001\", \"CVE-2017-13002\", \"CVE-2017-13003\", \"CVE-2017-13004\", \"CVE-2017-13005\", \"CVE-2017-13006\", \"CVE-2017-13008\", \"CVE-2017-13009\", \"CVE-2017-13010\", \"CVE-2017-13011\", \"CVE-2017-13012\", \"CVE-2017-13013\", \"CVE-2017-13014\", \"CVE-2017-13015\", \"CVE-2017-13016\", \"CVE-2017-13017\", \"CVE-2017-13018\", \"CVE-2017-13019\", \"CVE-2017-13020\", \"CVE-2017-13021\", \"CVE-2017-13022\", \"CVE-2017-13023\", \"CVE-2017-13024\", \"CVE-2017-13025\", \"CVE-2017-13026\", \"CVE-2017-13027\", \"CVE-2017-13028\", \"CVE-2017-13029\", \"CVE-2017-13030\", \"CVE-2017-13031\", \"CVE-2017-13032\", \"CVE-2017-13033\", \"CVE-2017-13034\", \"CVE-2017-13035\", \"CVE-2017-13036\", \"CVE-2017-13037\", \"CVE-2017-13038\", \"CVE-2017-13039\", \"CVE-2017-13040\", \"CVE-2017-13041\", \"CVE-2017-13042\", \"CVE-2017-13043\", \"CVE-2017-13044\", \"CVE-2017-13045\", \"CVE-2017-13046\", \"CVE-2017-13047\", \"CVE-2017-13048\", \"CVE-2017-13049\", \"CVE-2017-13050\", \"CVE-2017-13051\", \"CVE-2017-13052\", \"CVE-2017-13053\", \"CVE-2017-13054\", \"CVE-2017-13055\", \"CVE-2017-13687\", \"CVE-2017-13688\", \"CVE-2017-13689\", \"CVE-2017-13690\", \"CVE-2017-13725\");\n\n script_name(english:\"AIX 6.1 TL 9 : tcpdump (IV94728)\");\n script_summary(english:\"Check for APAR IV94728\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote AIX host is missing a security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Vulnerabilities in tcpdump affect AIX :\n\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12993\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12993 tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the Juniper component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the RIPng component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the BGP\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the telnet component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the IEEE 802.11 component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump could allow a remote attacker to\nobtain sensitive information, caused by a buffer overread memory in\nthe IPv6 routing headers component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the IPv6\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the Zephyr component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the EIGRP component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the\ntok2strbuf component. By sending a specially crafted request, an\nattacker could exploit this vulnerability to obtain sensitive\ninformation. tcpdump could allow a remote attacker to obtain sensitive\ninformation, caused by a buffer overread memory in the DECnet\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the NFS component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the ISO CLNS component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump could allow a remote attacker to\nobtain sensitive information, caused by a buffer overread memory in\nthe ISAKMP component. By sending a specially crafted request, an\nattacker could exploit this vulnerability to obtain sensitive\ninformation. tcpdump could allow a remote attacker to obtain sensitive\ninformation, caused by a buffer overread memory in the ICMP component.\nBy sending a specially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the lookup_bytestring component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the SMB/CIFS component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump is vulnerable to a denial of\nservice, caused by a heap-based buffer over-read in the pimv1_print\nfunction in print-pim.c. An attacker could exploit this vulnerability\nto cause the application to crash. tcpdump is vulnerable to a denial\nof service, caused by a heap-based buffer over-read in the lldp_print\nfunction in print-lldp.c. An attacker could exploit this vulnerability\nto cause the application to crash. tcpdump is vulnerable to a denial\nof service, caused by an error in the LLDP component. By sending\nspecially crafted data, a remote attacker could exploit this\nvulnerability to cause the application to enter into an infinite loop.\ntcpdump is vulnerable to a denial of service, caused by an error in\nthe DNS component. By sending specially crafted data, a remote\nattacker could exploit this vulnerability to cause the application to\nenter into an infinite loop. tcpdump is vulnerable to a denial of\nservice, caused by an error in the ISAKMP component. By sending\nspecially crafted data, a remote attacker could exploit this\nvulnerability to cause the application to enter into an infinite loop.\ntcpdump is vulnerable to a denial of service, caused by an error in\nthe RESP component. By sending specially crafted data, a remote\nattacker could exploit this vulnerability to cause the application to\nenter into an infinite loop. tcpdump is vulnerable to a buffer\noverflow, caused by improper bounds checking by the\nbittok2str_internal component. By sending an overly long string\nargument, a remote attacker could overflow a buffer and execute\narbitrary code on the system or cause the application to crash.\ntcpdump is vulnerable to a denial of service, caused by a buffer\noverflow in the sliplink_print function in print-sl.c. An attacker\ncould exploit this vulnerability to cause the application to crash.\ntcpdump could allow a remote attacker to obtain sensitive information,\ncaused by a buffer overread memory in the PGM component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the DHCPv6 component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump could allow a remote attacker to\nobtain sensitive information, caused by a buffer overread memory in\nthe ISO ES-IS component. By sending a specially crafted request, an\nattacker could exploit this vulnerability to obtain sensitive\ninformation. tcpdump is vulnerable to a denial of service, caused by a\nbuffer overflow in the sliplink_print function in print-sl.c. An\nattacker could exploit this vulnerability to cause the application to\ncrash. tcpdump could allow a remote attacker to obtain sensitive\ninformation, caused by a buffer overread memory in the EAP component.\nBy sending a specially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the White Board component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump could allow a remote attacker to\nobtain sensitive information, caused by a buffer overread memory in\nthe ARP component. By sending a specially crafted request, an attacker\ncould exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information,\ncaused by a buffer overread memory in the ICMP component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the BEEP component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the IPv6\nmobility component. By sending a specially crafted request, an\nattacker could exploit this vulnerability to obtain sensitive\ninformation. tcpdump could allow a remote attacker to obtain sensitive\ninformation, caused by a buffer overread memory in the IEEE 802.11\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the L2TP component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the NFS component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the\nJuniper component. By sending a specially crafted request, an attacker\ncould exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information,\ncaused by a buffer overread memory in the LMP component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the AODV component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the NFS\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the IEEE 802.15.4 component. By sending\na specially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the ISO IS-IS component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump could allow a remote attacker to\nobtain sensitive information, caused by a buffer overread memory in\nthe ISO IS-IS component. By sending a specially crafted request, an\nattacker could exploit this vulnerability to obtain sensitive\ninformation. tcpdump could allow a remote attacker to obtain sensitive\ninformation, caused by a buffer overread memory in the PIMv2\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the BGP component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump is vulnerable\nto a denial of service, caused by a heap-based buffer over-read in the\nlldp_print function in print-lldp.c. An attacker could exploit this\nvulnerability to cause the application to crash. tcpdump is vulnerable\nto a denial of service, caused by a heap-based buffer over-read in the\npimv1_print function in print-pim.c. An attacker could exploit this\nvulnerability to cause the application to crash. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the BGP component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the HNCP\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the ICMPv6 component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the MPTCP component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the\nISAKMP component. By sending a specially crafted request, an attacker\ncould exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information,\ncaused by a buffer overread memory in the PPP component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the IP component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the\nOSPFv3 component. By sending a specially crafted request, an attacker\ncould exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information,\ncaused by a buffer overread memory in the ISO IS-IS component. By\nsending a specially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the PGM component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the VTP\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the RADIUS component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the IPv6 fragmentation header component. By sending\na specially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the PIM component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the PPP\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the BOOTP component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the LLDP component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the ISO\nIS-IS component. By sending a specially crafted request, an attacker\ncould exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information,\ncaused by a buffer overread memory in the IPv6 mobility component. By\nsending a specially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the IPv6 mobility component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump could allow a remote attacker to\nobtain sensitive information, caused by a buffer overread memory in\nthe IPv6 mobility component. By sending a specially crafted request,\nan attacker could exploit this vulnerability to obtain sensitive\ninformation. tcpdump could allow a remote attacker to obtain sensitive\ninformation, caused by a buffer overread memory in the IP component.\nBy sending a specially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the ICMPv6 component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump could allow a remote attacker to\nobtain sensitive information, caused by a buffer overread memory in\nthe VTP component. By sending a specially crafted request, an attacker\ncould exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information,\ncaused by a buffer overread memory in the PGM component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the IPv6 routing headers component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the IKEv2 component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the IKEv1\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the OLSR component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the Cisco HDLC component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump could allow a remote attacker to\nobtain sensitive information, caused by a buffer overread memory in\nthe ISO IS-IS component. By sending a specially crafted request, an\nattacker could exploit this vulnerability to obtain sensitive\ninformation. tcpdump could allow a remote attacker to obtain sensitive\ninformation, caused by a buffer overread memory in the LLDP component.\nBy sending a specially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the BGP component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the CFM\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the RSVP component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the RPKI-Router component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump could allow a remote attacker to\nobtain sensitive information, caused by a buffer overread memory in\nthe Rx component. By sending a specially crafted request, an attacker\ncould exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information,\ncaused by a buffer overread memory in the RSVP component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the ISO ES-IS component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump could allow a remote attacker to\nobtain sensitive information, caused by a buffer overread memory in\nthe BGP component. By sending a specially crafted request, an attacker\ncould exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information,\ncaused by a buffer overread memory in the VQP component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the HNCP component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://aix.software.ibm.com/aix/efixes/security/tcpdump_advisory3.asc\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Install the appropriate interim fix.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:ibm:aix:6.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/11/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"AIX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/AIX/lslpp\", \"Host/local_checks_enabled\", \"Host/AIX/version\");\n\n exit(0);\n}\n\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"aix.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif ( ! get_kb_item(\"Host/AIX/version\") ) audit(AUDIT_OS_NOT, \"AIX\");\nif ( ! get_kb_item(\"Host/AIX/lslpp\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif ( get_kb_item(\"Host/AIX/emgr_failure\" ) ) exit(0, \"This iFix check is disabled because : \"+get_kb_item(\"Host/AIX/emgr_failure\") );\n\nflag = 0;\n\nif (aix_check_ifix(release:\"6.1\", ml:\"09\", sp:\"08\", patch:\"IV94728mAa\", package:\"bos.net.tcp.server\", minfilesetver:\"6.1.9.0\", maxfilesetver:\"6.1.9.300\") < 0) flag++;\nif (aix_check_ifix(release:\"6.1\", ml:\"09\", sp:\"09\", patch:\"IV94728mAa\", package:\"bos.net.tcp.server\", minfilesetver:\"6.1.9.0\", maxfilesetver:\"6.1.9.300\") < 0) flag++;\nif (aix_check_ifix(release:\"6.1\", ml:\"09\", sp:\"10\", patch:\"IV94728mAa\", package:\"bos.net.tcp.server\", minfilesetver:\"6.1.9.0\", maxfilesetver:\"6.1.9.300\") < 0) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:aix_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-18T15:32:42", "description": "Vulnerabilities in tcpdump affect AIX :\n\nhttps://vulners.com/cve/CVE-2017-12993 https://vulners.com/cve/CVE-2017-12993 tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the Juniper component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the RIPng component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BGP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the telnet component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IEEE 802.11 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 routing headers component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the Zephyr component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the EIGRP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the tok2strbuf component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the DECnet component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the NFS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO CLNS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISAKMP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ICMP component.\nBy sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the lookup_bytestring component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the SMB/CIFS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump is vulnerable to a denial of service, caused by a heap-based buffer over-read in the pimv1_print function in print-pim.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump is vulnerable to a denial of service, caused by a heap-based buffer over-read in the lldp_print function in print-lldp.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump is vulnerable to a denial of service, caused by an error in the LLDP component. By sending specially crafted data, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop.\ntcpdump is vulnerable to a denial of service, caused by an error in the DNS component. By sending specially crafted data, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. tcpdump is vulnerable to a denial of service, caused by an error in the ISAKMP component. By sending specially crafted data, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop.\ntcpdump is vulnerable to a denial of service, caused by an error in the RESP component. By sending specially crafted data, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. tcpdump is vulnerable to a buffer overflow, caused by improper bounds checking by the bittok2str_internal component. By sending an overly long string argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.\ntcpdump is vulnerable to a denial of service, caused by a buffer overflow in the sliplink_print function in print-sl.c. An attacker could exploit this vulnerability to cause the application to crash.\ntcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PGM component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the DHCPv6 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO ES-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump is vulnerable to a denial of service, caused by a buffer overflow in the sliplink_print function in print-sl.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the EAP component.\nBy sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the White Board component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ARP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ICMP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BEEP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 mobility component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IEEE 802.11 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the L2TP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the NFS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the Juniper component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the LMP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the AODV component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the NFS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IEEE 802.15.4 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO IS-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO IS-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PIMv2 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BGP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump is vulnerable to a denial of service, caused by a heap-based buffer over-read in the lldp_print function in print-lldp.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump is vulnerable to a denial of service, caused by a heap-based buffer over-read in the pimv1_print function in print-pim.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BGP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the HNCP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ICMPv6 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the MPTCP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISAKMP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PPP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the OSPFv3 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO IS-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PGM component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the VTP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the RADIUS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 fragmentation header component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PIM component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PPP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BOOTP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the LLDP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO IS-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 mobility component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 mobility component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 mobility component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IP component.\nBy sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ICMPv6 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the VTP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PGM component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 routing headers component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IKEv2 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IKEv1 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the OLSR component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the Cisco HDLC component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO IS-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the LLDP component.\nBy sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BGP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the CFM component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the RSVP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the RPKI-Router component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the Rx component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the RSVP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO ES-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BGP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the VQP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the HNCP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-05-30T00:00:00", "type": "nessus", "title": "AIX 7.1 TL 3 : tcpdump (IV94727)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-11541", "CVE-2017-11542", "CVE-2017-11543", "CVE-2017-12893", "CVE-2017-12894", "CVE-2017-12895", "CVE-2017-12896", "CVE-2017-12897", "CVE-2017-12898", "CVE-2017-12899", "CVE-2017-12900", "CVE-2017-12901", "CVE-2017-12902", "CVE-2017-12985", "CVE-2017-12986", "CVE-2017-12987", "CVE-2017-12988", "CVE-2017-12989", "CVE-2017-12990", "CVE-2017-12991", "CVE-2017-12992", "CVE-2017-12993", "CVE-2017-12994", "CVE-2017-12995", "CVE-2017-12996", "CVE-2017-12997", "CVE-2017-12998", "CVE-2017-12999", "CVE-2017-13000", "CVE-2017-13001", "CVE-2017-13002", "CVE-2017-13003", "CVE-2017-13004", "CVE-2017-13005", "CVE-2017-13006", "CVE-2017-13008", "CVE-2017-13009", "CVE-2017-13010", "CVE-2017-13011", "CVE-2017-13012", "CVE-2017-13013", "CVE-2017-13014", "CVE-2017-13015", "CVE-2017-13016", "CVE-2017-13017", "CVE-2017-13018", "CVE-2017-13019", "CVE-2017-13020", "CVE-2017-13021", "CVE-2017-13022", "CVE-2017-13023", "CVE-2017-13024", "CVE-2017-13025", "CVE-2017-13026", "CVE-2017-13027", "CVE-2017-13028", "CVE-2017-13029", "CVE-2017-13030", "CVE-2017-13031", "CVE-2017-13032", "CVE-2017-13033", "CVE-2017-13034", "CVE-2017-13035", "CVE-2017-13036", "CVE-2017-13037", "CVE-2017-13038", "CVE-2017-13039", "CVE-2017-13040", "CVE-2017-13041", "CVE-2017-13042", "CVE-2017-13043", "CVE-2017-13044", "CVE-2017-13045", "CVE-2017-13046", "CVE-2017-13047", "CVE-2017-13048", "CVE-2017-13049", "CVE-2017-13050", "CVE-2017-13051", "CVE-2017-13052", "CVE-2017-13053", "CVE-2017-13054", "CVE-2017-13055", "CVE-2017-13687", "CVE-2017-13688", "CVE-2017-13689", "CVE-2017-13690", "CVE-2017-13725"], "modified": "2021-01-04T00:00:00", "cpe": ["cpe:/o:ibm:aix:7.1"], "id": "AIX_IV94727.NASL", "href": "https://www.tenable.com/plugins/nessus/100470", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text in the description was extracted from AIX Security\n# Advisory tcpdump_advisory3.asc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(100470);\n script_version(\"3.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2017-11541\", \"CVE-2017-11542\", \"CVE-2017-11543\", \"CVE-2017-12893\", \"CVE-2017-12894\", \"CVE-2017-12895\", \"CVE-2017-12896\", \"CVE-2017-12897\", \"CVE-2017-12898\", \"CVE-2017-12899\", \"CVE-2017-12900\", \"CVE-2017-12901\", \"CVE-2017-12902\", \"CVE-2017-12985\", \"CVE-2017-12986\", \"CVE-2017-12987\", \"CVE-2017-12988\", \"CVE-2017-12989\", \"CVE-2017-12990\", \"CVE-2017-12991\", \"CVE-2017-12992\", \"CVE-2017-12993\", \"CVE-2017-12994\", \"CVE-2017-12995\", \"CVE-2017-12996\", \"CVE-2017-12997\", \"CVE-2017-12998\", \"CVE-2017-12999\", \"CVE-2017-13000\", \"CVE-2017-13001\", \"CVE-2017-13002\", \"CVE-2017-13003\", \"CVE-2017-13004\", \"CVE-2017-13005\", \"CVE-2017-13006\", \"CVE-2017-13008\", \"CVE-2017-13009\", \"CVE-2017-13010\", \"CVE-2017-13011\", \"CVE-2017-13012\", \"CVE-2017-13013\", \"CVE-2017-13014\", \"CVE-2017-13015\", \"CVE-2017-13016\", \"CVE-2017-13017\", \"CVE-2017-13018\", \"CVE-2017-13019\", \"CVE-2017-13020\", \"CVE-2017-13021\", \"CVE-2017-13022\", \"CVE-2017-13023\", \"CVE-2017-13024\", \"CVE-2017-13025\", \"CVE-2017-13026\", \"CVE-2017-13027\", \"CVE-2017-13028\", \"CVE-2017-13029\", \"CVE-2017-13030\", \"CVE-2017-13031\", \"CVE-2017-13032\", \"CVE-2017-13033\", \"CVE-2017-13034\", \"CVE-2017-13035\", \"CVE-2017-13036\", \"CVE-2017-13037\", \"CVE-2017-13038\", \"CVE-2017-13039\", \"CVE-2017-13040\", \"CVE-2017-13041\", \"CVE-2017-13042\", \"CVE-2017-13043\", \"CVE-2017-13044\", \"CVE-2017-13045\", \"CVE-2017-13046\", \"CVE-2017-13047\", \"CVE-2017-13048\", \"CVE-2017-13049\", \"CVE-2017-13050\", \"CVE-2017-13051\", \"CVE-2017-13052\", \"CVE-2017-13053\", \"CVE-2017-13054\", \"CVE-2017-13055\", \"CVE-2017-13687\", \"CVE-2017-13688\", \"CVE-2017-13689\", \"CVE-2017-13690\", \"CVE-2017-13725\");\n\n script_name(english:\"AIX 7.1 TL 3 : tcpdump (IV94727)\");\n script_summary(english:\"Check for APAR IV94727\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote AIX host is missing a security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Vulnerabilities in tcpdump affect AIX :\n\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12993\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12993 tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the Juniper component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the RIPng component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the BGP\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the telnet component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the IEEE 802.11 component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump could allow a remote attacker to\nobtain sensitive information, caused by a buffer overread memory in\nthe IPv6 routing headers component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the IPv6\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the Zephyr component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the EIGRP component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the\ntok2strbuf component. By sending a specially crafted request, an\nattacker could exploit this vulnerability to obtain sensitive\ninformation. tcpdump could allow a remote attacker to obtain sensitive\ninformation, caused by a buffer overread memory in the DECnet\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the NFS component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the ISO CLNS component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump could allow a remote attacker to\nobtain sensitive information, caused by a buffer overread memory in\nthe ISAKMP component. By sending a specially crafted request, an\nattacker could exploit this vulnerability to obtain sensitive\ninformation. tcpdump could allow a remote attacker to obtain sensitive\ninformation, caused by a buffer overread memory in the ICMP component.\nBy sending a specially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the lookup_bytestring component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the SMB/CIFS component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump is vulnerable to a denial of\nservice, caused by a heap-based buffer over-read in the pimv1_print\nfunction in print-pim.c. An attacker could exploit this vulnerability\nto cause the application to crash. tcpdump is vulnerable to a denial\nof service, caused by a heap-based buffer over-read in the lldp_print\nfunction in print-lldp.c. An attacker could exploit this vulnerability\nto cause the application to crash. tcpdump is vulnerable to a denial\nof service, caused by an error in the LLDP component. By sending\nspecially crafted data, a remote attacker could exploit this\nvulnerability to cause the application to enter into an infinite loop.\ntcpdump is vulnerable to a denial of service, caused by an error in\nthe DNS component. By sending specially crafted data, a remote\nattacker could exploit this vulnerability to cause the application to\nenter into an infinite loop. tcpdump is vulnerable to a denial of\nservice, caused by an error in the ISAKMP component. By sending\nspecially crafted data, a remote attacker could exploit this\nvulnerability to cause the application to enter into an infinite loop.\ntcpdump is vulnerable to a denial of service, caused by an error in\nthe RESP component. By sending specially crafted data, a remote\nattacker could exploit this vulnerability to cause the application to\nenter into an infinite loop. tcpdump is vulnerable to a buffer\noverflow, caused by improper bounds checking by the\nbittok2str_internal component. By sending an overly long string\nargument, a remote attacker could overflow a buffer and execute\narbitrary code on the system or cause the application to crash.\ntcpdump is vulnerable to a denial of service, caused by a buffer\noverflow in the sliplink_print function in print-sl.c. An attacker\ncould exploit this vulnerability to cause the application to crash.\ntcpdump could allow a remote attacker to obtain sensitive information,\ncaused by a buffer overread memory in the PGM component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the DHCPv6 component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump could allow a remote attacker to\nobtain sensitive information, caused by a buffer overread memory in\nthe ISO ES-IS component. By sending a specially crafted request, an\nattacker could exploit this vulnerability to obtain sensitive\ninformation. tcpdump is vulnerable to a denial of service, caused by a\nbuffer overflow in the sliplink_print function in print-sl.c. An\nattacker could exploit this vulnerability to cause the application to\ncrash. tcpdump could allow a remote attacker to obtain sensitive\ninformation, caused by a buffer overread memory in the EAP component.\nBy sending a specially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the White Board component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump could allow a remote attacker to\nobtain sensitive information, caused by a buffer overread memory in\nthe ARP component. By sending a specially crafted request, an attacker\ncould exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information,\ncaused by a buffer overread memory in the ICMP component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the BEEP component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the IPv6\nmobility component. By sending a specially crafted request, an\nattacker could exploit this vulnerability to obtain sensitive\ninformation. tcpdump could allow a remote attacker to obtain sensitive\ninformation, caused by a buffer overread memory in the IEEE 802.11\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the L2TP component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the NFS component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the\nJuniper component. By sending a specially crafted request, an attacker\ncould exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information,\ncaused by a buffer overread memory in the LMP component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the AODV component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the NFS\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the IEEE 802.15.4 component. By sending\na specially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the ISO IS-IS component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump could allow a remote attacker to\nobtain sensitive information, caused by a buffer overread memory in\nthe ISO IS-IS component. By sending a specially crafted request, an\nattacker could exploit this vulnerability to obtain sensitive\ninformation. tcpdump could allow a remote attacker to obtain sensitive\ninformation, caused by a buffer overread memory in the PIMv2\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the BGP component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump is vulnerable\nto a denial of service, caused by a heap-based buffer over-read in the\nlldp_print function in print-lldp.c. An attacker could exploit this\nvulnerability to cause the application to crash. tcpdump is vulnerable\nto a denial of service, caused by a heap-based buffer over-read in the\npimv1_print function in print-pim.c. An attacker could exploit this\nvulnerability to cause the application to crash. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the BGP component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the HNCP\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the ICMPv6 component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the MPTCP component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the\nISAKMP component. By sending a specially crafted request, an attacker\ncould exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information,\ncaused by a buffer overread memory in the PPP component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the IP component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the\nOSPFv3 component. By sending a specially crafted request, an attacker\ncould exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information,\ncaused by a buffer overread memory in the ISO IS-IS component. By\nsending a specially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the PGM component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the VTP\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the RADIUS component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the IPv6 fragmentation header component. By sending\na specially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the PIM component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the PPP\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the BOOTP component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the LLDP component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the ISO\nIS-IS component. By sending a specially crafted request, an attacker\ncould exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information,\ncaused by a buffer overread memory in the IPv6 mobility component. By\nsending a specially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the IPv6 mobility component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump could allow a remote attacker to\nobtain sensitive information, caused by a buffer overread memory in\nthe IPv6 mobility component. By sending a specially crafted request,\nan attacker could exploit this vulnerability to obtain sensitive\ninformation. tcpdump could allow a remote attacker to obtain sensitive\ninformation, caused by a buffer overread memory in the IP component.\nBy sending a specially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the ICMPv6 component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump could allow a remote attacker to\nobtain sensitive information, caused by a buffer overread memory in\nthe VTP component. By sending a specially crafted request, an attacker\ncould exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information,\ncaused by a buffer overread memory in the PGM component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the IPv6 routing headers component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the IKEv2 component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the IKEv1\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the OLSR component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the Cisco HDLC component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump could allow a remote attacker to\nobtain sensitive information, caused by a buffer overread memory in\nthe ISO IS-IS component. By sending a specially crafted request, an\nattacker could exploit this vulnerability to obtain sensitive\ninformation. tcpdump could allow a remote attacker to obtain sensitive\ninformation, caused by a buffer overread memory in the LLDP component.\nBy sending a specially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the BGP component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the CFM\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the RSVP component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the RPKI-Router component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump could allow a remote attacker to\nobtain sensitive information, caused by a buffer overread memory in\nthe Rx component. By sending a specially crafted request, an attacker\ncould exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information,\ncaused by a buffer overread memory in the RSVP component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the ISO ES-IS component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump could allow a remote attacker to\nobtain sensitive information, caused by a buffer overread memory in\nthe BGP component. By sending a specially crafted request, an attacker\ncould exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information,\ncaused by a buffer overread memory in the VQP component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the HNCP component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://aix.software.ibm.com/aix/efixes/security/tcpdump_advisory3.asc\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Install the appropriate interim fix.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:ibm:aix:7.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/11/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"AIX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/AIX/lslpp\", \"Host/local_checks_enabled\", \"Host/AIX/version\");\n\n exit(0);\n}\n\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"aix.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif ( ! get_kb_item(\"Host/AIX/version\") ) audit(AUDIT_OS_NOT, \"AIX\");\nif ( ! get_kb_item(\"Host/AIX/lslpp\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif ( get_kb_item(\"Host/AIX/emgr_failure\" ) ) exit(0, \"This iFix check is disabled because : \"+get_kb_item(\"Host/AIX/emgr_failure\") );\n\nflag = 0;\n\nif (aix_check_ifix(release:\"7.1\", ml:\"03\", sp:\"07\", patch:\"IV94727m9a\", package:\"bos.net.tcp.server\", minfilesetver:\"7.1.3.0\", maxfilesetver:\"7.1.3.49\") < 0) flag++;\nif (aix_check_ifix(release:\"7.1\", ml:\"03\", sp:\"08\", patch:\"IV94727m9a\", package:\"bos.net.tcp.server\", minfilesetver:\"7.1.3.0\", maxfilesetver:\"7.1.3.49\") < 0) flag++;\nif (aix_check_ifix(release:\"7.1\", ml:\"03\", sp:\"09\", patch:\"IV94727m9a\", package:\"bos.net.tcp.server\", minfilesetver:\"7.1.3.0\", maxfilesetver:\"7.1.3.49\") < 0) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:aix_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-17T15:27:46", "description": "Several vulnerabilities have been discovered in tcpdump, a command-line network traffic analyzer. These vulnerabilities might result in denial of service or, potentially, execution of arbitrary code.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-09-13T00:00:00", "type": "nessus", "title": "Debian DSA-3971-1 : tcpdump - security update", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-11108", "CVE-2017-11541", "CVE-2017-11542", "CVE-2017-11543", "CVE-2017-12893", "CVE-2017-12894", "CVE-2017-12895", "CVE-2017-12896", "CVE-2017-12897", "CVE-2017-12898", "CVE-2017-12899", "CVE-2017-12900", "CVE-2017-12901", "CVE-2017-12902", "CVE-2017-12985", "CVE-2017-12986", "CVE-2017-12987", "CVE-2017-12988", "CVE-2017-12989", "CVE-2017-12990", "CVE-2017-12991", "CVE-2017-12992", "CVE-2017-12993", "CVE-2017-12994", "CVE-2017-12995", "CVE-2017-12996", "CVE-2017-12997", "CVE-2017-12998", "CVE-2017-12999", "CVE-2017-13000", "CVE-2017-13001", "CVE-2017-13002", "CVE-2017-13003", "CVE-2017-13004", "CVE-2017-13005", "CVE-2017-13006", "CVE-2017-13007", "CVE-2017-13008", "CVE-2017-13009", "CVE-2017-13010", "CVE-2017-13011", "CVE-2017-13012", "CVE-2017-13013", "CVE-2017-13014", "CVE-2017-13015", "CVE-2017-13016", "CVE-2017-13017", "CVE-2017-13018", "CVE-2017-13019", "CVE-2017-13020", "CVE-2017-13021", "CVE-2017-13022", "CVE-2017-13023", "CVE-2017-13024", "CVE-2017-13025", "CVE-2017-13026", "CVE-2017-13027", "CVE-2017-13028", "CVE-2017-13029", "CVE-2017-13030", "CVE-2017-13031", "CVE-2017-13032", "CVE-2017-13033", "CVE-2017-13034", "CVE-2017-13035", "CVE-2017-13036", "CVE-2017-13037", "CVE-2017-13038", "CVE-2017-13039", "CVE-2017-13040", "CVE-2017-13041", "CVE-2017-13042", "CVE-2017-13043", "CVE-2017-13044", "CVE-2017-13045", "CVE-2017-13046", "CVE-2017-13047", "CVE-2017-13048", "CVE-2017-13049", "CVE-2017-13050", "CVE-2017-13051", "CVE-2017-13052", "CVE-2017-13053", "CVE-2017-13054", "CVE-2017-13055", "CVE-2017-13687", "CVE-2017-13688", "CVE-2017-13689", "CVE-2017-13690", "CVE-2017-13725"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:tcpdump", "cpe:/o:debian:debian_linux:8.0", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DSA-3971.NASL", "href": "https://www.tenable.com/plugins/nessus/103148", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3971. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(103148);\n script_version(\"3.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2017-11108\", \"CVE-2017-11541\", \"CVE-2017-11542\", \"CVE-2017-11543\", \"CVE-2017-12893\", \"CVE-2017-12894\", \"CVE-2017-12895\", \"CVE-2017-12896\", \"CVE-2017-12897\", \"CVE-2017-12898\", \"CVE-2017-12899\", \"CVE-2017-12900\", \"CVE-2017-12901\", \"CVE-2017-12902\", \"CVE-2017-12985\", \"CVE-2017-12986\", \"CVE-2017-12987\", \"CVE-2017-12988\", \"CVE-2017-12989\", \"CVE-2017-12990\", \"CVE-2017-12991\", \"CVE-2017-12992\", \"CVE-2017-12993\", \"CVE-2017-12994\", \"CVE-2017-12995\", \"CVE-2017-12996\", \"CVE-2017-12997\", \"CVE-2017-12998\", \"CVE-2017-12999\", \"CVE-2017-13000\", \"CVE-2017-13001\", \"CVE-2017-13002\", \"CVE-2017-13003\", \"CVE-2017-13004\", \"CVE-2017-13005\", \"CVE-2017-13006\", \"CVE-2017-13007\", \"CVE-2017-13008\", \"CVE-2017-13009\", \"CVE-2017-13010\", \"CVE-2017-13011\", \"CVE-2017-13012\", \"CVE-2017-13013\", \"CVE-2017-13014\", \"CVE-2017-13015\", \"CVE-2017-13016\", \"CVE-2017-13017\", \"CVE-2017-13018\", \"CVE-2017-13019\", \"CVE-2017-13020\", \"CVE-2017-13021\", \"CVE-2017-13022\", \"CVE-2017-13023\", \"CVE-2017-13024\", \"CVE-2017-13025\", \"CVE-2017-13026\", \"CVE-2017-13027\", \"CVE-2017-13028\", \"CVE-2017-13029\", \"CVE-2017-13030\", \"CVE-2017-13031\", \"CVE-2017-13032\", \"CVE-2017-13033\", \"CVE-2017-13034\", \"CVE-2017-13035\", \"CVE-2017-13036\", \"CVE-2017-13037\", \"CVE-2017-13038\", \"CVE-2017-13039\", \"CVE-2017-13040\", \"CVE-2017-13041\", \"CVE-2017-13042\", \"CVE-2017-13043\", \"CVE-2017-13044\", \"CVE-2017-13045\", \"CVE-2017-13046\", \"CVE-2017-13047\", \"CVE-2017-13048\", \"CVE-2017-13049\", \"CVE-2017-13050\", \"CVE-2017-13051\", \"CVE-2017-13052\", \"CVE-2017-13053\", \"CVE-2017-13054\", \"CVE-2017-13055\", \"CVE-2017-13687\", \"CVE-2017-13688\", \"CVE-2017-13689\", \"CVE-2017-13690\", \"CVE-2017-13725\");\n script_xref(name:\"DSA\", value:\"3971\");\n\n script_name(english:\"Debian DSA-3971-1 : tcpdump - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in tcpdump, a\ncommand-line network traffic analyzer. These vulnerabilities might\nresult in denial of service or, potentially, execution of arbitrary\ncode.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867718\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=873804\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=873805\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=873806\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/tcpdump\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/tcpdump\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2017/dsa-3971\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the tcpdump packages.\n\nFor the oldstable distribution (jessie), these problems have been\nfixed in version 4.9.2-1~deb8u1.\n\nFor the stable distribution (stretch), these problems have been fixed\nin version 4.9.2-1~deb9u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:tcpdump\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/07/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/09/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/09/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"tcpdump\", reference:\"4.9.2-1~deb8u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"tcpdump\", reference:\"4.9.2-1~deb9u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-17T15:27:37", "description": "Wilfried Kirsch discovered a buffer overflow in the SLIP decoder in tcpdump. A remote attacker could use this to cause a denial of service (application crash) or possibly execute arbitrary code.\n(CVE-2017-11543)\n\nBhargava Shastry discovered a buffer overflow in the bitfield converter utility function bittok2str_internal() in tcpdump. A remote attacker could use this to cause a denial of service (application crash) or possibly execute arbitrary code. (CVE-2017-13011)\n\nOtto Airamo and Antti Levomaki discovered logic errors in different protocol parsers in tcpdump that could lead to an infinite loop. A remote attacker could use these to cause a denial of service (application hang). CVE-2017-12989, CVE-2017-12990, CVE-2017-12995, CVE-2017-12997)\n\nOtto Airamo, Brian Carpenter, Yannick Formaggio, Kamil Frankowicz, Katie Holly, Kim Gwan Yeong, Antti Levomaki, Henri Salo, and Bhargava Shastry discovered out-of-bounds reads in muliptle protocol parsers in tcpdump. A remote attacker could use these to cause a denial of service (application crash). (CVE-2017-11108, CVE-2017-11541, CVE-2017-11542, CVE-2017-12893, CVE-2017-12894, CVE-2017-12895, CVE-2017-12896, CVE-2017-12897, CVE-2017-12898, CVE-2017-12899, CVE-2017-12900, CVE-2017-12901, CVE-2017-12902, CVE-2017-12985, CVE-2017-12986, CVE-2017-12987, CVE-2017-12988, CVE-2017-12991, CVE-2017-12992, CVE-2017-12993, CVE-2017-12994, CVE-2017-12996, CVE-2017-12998, CVE-2017-12999, CVE-2017-13000, CVE-2017-13001, CVE-2017-13002, CVE-2017-13003, CVE-2017-13004, CVE-2017-13005, CVE-2017-13006, CVE-2017-13007, CVE-2017-13008, CVE-2017-13009, CVE-2017-13010, CVE-2017-13012, CVE-2017-13013, CVE-2017-13014, CVE-2017-13015, CVE-2017-13016, CVE-2017-13017, CVE-2017-13018, CVE-2017-13019, CVE-2017-13020, CVE-2017-13021, CVE-2017-13022, CVE-2017-13023, CVE-2017-13024, CVE-2017-13025, CVE-2017-13026, CVE-2017-13027, CVE-2017-13028, CVE-2017-13029, CVE-2017-13030, CVE-2017-13031, CVE-2017-13032, CVE-2017-13033, CVE-2017-13034, CVE-2017-13035, CVE-2017-13036, CVE-2017-13037, CVE-2017-13038, CVE-2017-13039, CVE-2017-13040, CVE-2017-13041, CVE-2017-13042, CVE-2017-13043, CVE-2017-13044, CVE-2017-13045, CVE-2017-13046, CVE-2017-13047, CVE-2017-13048, CVE-2017-13049, CVE-2017-13050, CVE-2017-13051, CVE-2017-13052, CVE-2017-13053, CVE-2017-13054, CVE-2017-13055, CVE-2017-13687, CVE-2017-13688, CVE-2017-13689, CVE-2017-13690, CVE-2017-13725).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-09-14T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : tcpdump vulnerabilities (USN-3415-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-11108", "CVE-2017-11541", "CVE-2017-11542", "CVE-2017-11543", "CVE-2017-12893", "CVE-2017-12894", "CVE-2017-12895", "CVE-2017-12896", "CVE-2017-12897", "CVE-2017-12898", "CVE-2017-12899", "CVE-2017-12900", "CVE-2017-12901", "CVE-2017-12902", "CVE-2017-12985", "CVE-2017-12986", "CVE-2017-12987", "CVE-2017-12988", "CVE-2017-12989", "CVE-2017-12990", "CVE-2017-12991", "CVE-2017-12992", "CVE-2017-12993", "CVE-2017-12994", "CVE-2017-12995", "CVE-2017-12996", "CVE-2017-12997", "CVE-2017-12998", "CVE-2017-12999", "CVE-2017-13000", "CVE-2017-13001", "CVE-2017-13002", "CVE-2017-13003", "CVE-2017-13004", "CVE-2017-13005", "CVE-2017-13006", "CVE-2017-13007", "CVE-2017-13008", "CVE-2017-13009", "CVE-2017-13010", "CVE-2017-13011", "CVE-2017-13012", "CVE-2017-13013", "CVE-2017-13014", "CVE-2017-13015", "CVE-2017-13016", "CVE-2017-13017", "CVE-2017-13018", "CVE-2017-13019", "CVE-2017-13020", "CVE-2017-13021", "CVE-2017-13022", "CVE-2017-13023", "CVE-2017-13024", "CVE-2017-13025", "CVE-2017-13026", "CVE-2017-13027", "CVE-2017-13028", "CVE-2017-13029", "CVE-2017-13030", "CVE-2017-13031", "CVE-2017-13032", "CVE-2017-13033", "CVE-2017-13034", "CVE-2017-13035", "CVE-2017-13036", "CVE-2017-13037", "CVE-2017-13038", "CVE-2017-13039", "CVE-2017-13040", "CVE-2017-13041", "CVE-2017-13042", "CVE-2017-13043", "CVE-2017-13044", "CVE-2017-13045", "CVE-2017-13046", "CVE-2017-13047", "CVE-2017-13048", "CVE-2017-13049", "CVE-2017-13050", "CVE-2017-13051", "CVE-2017-13052", "CVE-2017-13053", "CVE-2017-13054", "CVE-2017-13055", "CVE-2017-13687", "CVE-2017-13688", "CVE-2017-13689", "CVE-2017-13690", "CVE-2017-13725"], "modified": "2023-01-12T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:tcpdump", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:canonical:ubuntu_linux:17.04"], "id": "UBUNTU_USN-3415-1.NASL", "href": "https://www.tenable.com/plugins/nessus/103218", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3415-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(103218);\n script_version(\"3.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/12\");\n\n script_cve_id(\"CVE-2017-11108\", \"CVE-2017-11541\", \"CVE-2017-11542\", \"CVE-2017-11543\", \"CVE-2017-12893\", \"CVE-2017-12894\", \"CVE-2017-12895\", \"CVE-2017-12896\", \"CVE-2017-12897\", \"CVE-2017-12898\", \"CVE-2017-12899\", \"CVE-2017-12900\", \"CVE-2017-12901\", \"CVE-2017-12902\", \"CVE-2017-12985\", \"CVE-2017-12986\", \"CVE-2017-12987\", \"CVE-2017-12988\", \"CVE-2017-12989\", \"CVE-2017-12990\", \"CVE-2017-12991\", \"CVE-2017-12992\", \"CVE-2017-12993\", \"CVE-2017-12994\", \"CVE-2017-12995\", \"CVE-2017-12996\", \"CVE-2017-12997\", \"CVE-2017-12998\", \"CVE-2017-12999\", \"CVE-2017-13000\", \"CVE-2017-13001\", \"CVE-2017-13002\", \"CVE-2017-13003\", \"CVE-2017-13004\", \"CVE-2017-13005\", \"CVE-2017-13006\", \"CVE-2017-13007\", \"CVE-2017-13008\", \"CVE-2017-13009\", \"CVE-2017-13010\", \"CVE-2017-13011\", \"CVE-2017-13012\", \"CVE-2017-13013\", \"CVE-2017-13014\", \"CVE-2017-13015\", \"CVE-2017-13016\", \"CVE-2017-13017\", \"CVE-2017-13018\", \"CVE-2017-13019\", \"CVE-2017-13020\", \"CVE-2017-13021\", \"CVE-2017-13022\", \"CVE-2017-13023\", \"CVE-2017-13024\", \"CVE-2017-13025\", \"CVE-2017-13026\", \"CVE-2017-13027\", \"CVE-2017-13028\", \"CVE-2017-13029\", \"CVE-2017-13030\", \"CVE-2017-13031\", \"CVE-2017-13032\", \"CVE-2017-13033\", \"CVE-2017-13034\", \"CVE-2017-13035\", \"CVE-2017-13036\", \"CVE-2017-13037\", \"CVE-2017-13038\", \"CVE-2017-13039\", \"CVE-2017-13040\", \"CVE-2017-13041\", \"CVE-2017-13042\", \"CVE-2017-13043\", \"CVE-2017-13044\", \"CVE-2017-13045\", \"CVE-2017-13046\", \"CVE-2017-13047\", \"CVE-2017-13048\", \"CVE-2017-13049\", \"CVE-2017-13050\", \"CVE-2017-13051\", \"CVE-2017-13052\", \"CVE-2017-13053\", \"CVE-2017-13054\", \"CVE-2017-13055\", \"CVE-2017-13687\", \"CVE-2017-13688\", \"CVE-2017-13689\", \"CVE-2017-13690\", \"CVE-2017-13725\");\n script_xref(name:\"USN\", value:\"3415-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : tcpdump vulnerabilities (USN-3415-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Wilfried Kirsch discovered a buffer overflow in the SLIP decoder in\ntcpdump. A remote attacker could use this to cause a denial of service\n(application crash) or possibly execute arbitrary code.\n(CVE-2017-11543)\n\nBhargava Shastry discovered a buffer overflow in the bitfield\nconverter utility function bittok2str_internal() in tcpdump. A remote\nattacker could use this to cause a denial of service (application\ncrash) or possibly execute arbitrary code. (CVE-2017-13011)\n\nOtto Airamo and Antti Levomaki discovered logic errors in different\nprotocol parsers in tcpdump that could lead to an infinite loop. A\nremote attacker could use these to cause a denial of service\n(application hang). CVE-2017-12989, CVE-2017-12990, CVE-2017-12995,\nCVE-2017-12997)\n\nOtto Airamo, Brian Carpenter, Yannick Formaggio, Kamil Frankowicz,\nKatie Holly, Kim Gwan Yeong, Antti Levomaki, Henri Salo, and Bhargava\nShastry discovered out-of-bounds reads in muliptle protocol parsers in\ntcpdump. A remote attacker could use these to cause a denial of\nservice (application crash). (CVE-2017-11108, CVE-2017-11541,\nCVE-2017-11542, CVE-2017-12893, CVE-2017-12894, CVE-2017-12895,\nCVE-2017-12896, CVE-2017-12897, CVE-2017-12898, CVE-2017-12899,\nCVE-2017-12900, CVE-2017-12901, CVE-2017-12902, CVE-2017-12985,\nCVE-2017-12986, CVE-2017-12987, CVE-2017-12988, CVE-2017-12991,\nCVE-2017-12992, CVE-2017-12993, CVE-2017-12994, CVE-2017-12996,\nCVE-2017-12998, CVE-2017-12999, CVE-2017-13000, CVE-2017-13001,\nCVE-2017-13002, CVE-2017-13003, CVE-2017-13004, CVE-2017-13005,\nCVE-2017-13006, CVE-2017-13007, CVE-2017-13008, CVE-2017-13009,\nCVE-2017-13010, CVE-2017-13012, CVE-2017-13013, CVE-2017-13014,\nCVE-2017-13015, CVE-2017-13016, CVE-2017-13017, CVE-2017-13018,\nCVE-2017-13019, CVE-2017-13020, CVE-2017-13021, CVE-2017-13022,\nCVE-2017-13023, CVE-2017-13024, CVE-2017-13025, CVE-2017-13026,\nCVE-2017-13027, CVE-2017-13028, CVE-2017-13029, CVE-2017-13030,\nCVE-2017-13031, CVE-2017-13032, CVE-2017-13033, CVE-2017-13034,\nCVE-2017-13035, CVE-2017-13036, CVE-2017-13037, CVE-2017-13038,\nCVE-2017-13039, CVE-2017-13040, CVE-2017-13041, CVE-2017-13042,\nCVE-2017-13043, CVE-2017-13044, CVE-2017-13045, CVE-2017-13046,\nCVE-2017-13047, CVE-2017-13048, CVE-2017-13049, CVE-2017-13050,\nCVE-2017-13051, CVE-2017-13052, CVE-2017-13053, CVE-2017-13054,\nCVE-2017-13055, CVE-2017-13687, CVE-2017-13688, CVE-2017-13689,\nCVE-2017-13690, CVE-2017-13725).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3415-1/\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected tcpdump package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:tcpdump\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:17.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/07/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/09/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/09/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2017-2023 Canonical, Inc. / NASL script (C) 2017-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nvar release = chomp(release);\nif (! preg(pattern:\"^(14\\.04|16\\.04|17\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04 / 16.04 / 17.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"tcpdump\", pkgver:\"4.9.2-0ubuntu0.14.04.1\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"tcpdump\", pkgver:\"4.9.2-0ubuntu0.16.04.1\")) flag++;\nif (ubuntu_check(osver:\"17.04\", pkgname:\"tcpdump\", pkgver:\"4.9.2-0ubuntu0.17.04.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tcpdump\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-18T15:35:51", "description": "The remote host is affected by the vulnerability described in GLSA-201709-23 (Tcpdump: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Tcpdump. Please review the referenced CVE identifiers for details.\n Impact :\n\n A remote attacker could possibly execute arbitrary code with the privileges of the process or cause a Denial of Service condition.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-09-26T00:00:00", "type": "nessus", "title": "GLSA-201709-23 : Tcpdump: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-11108", "CVE-2017-11541", "CVE-2017-11542", "CVE-2017-11543", "CVE-2017-11544", "CVE-2017-12893", "CVE-2017-12894", "CVE-2017-12895", "CVE-2017-12896", "CVE-2017-12897", "CVE-2017-12898", "CVE-2017-12899", "CVE-2017-12900", "CVE-2017-12901", "CVE-2017-12902", "CVE-2017-12985", "CVE-2017-12986", "CVE-2017-12987", "CVE-2017-12988", "CVE-2017-12989", "CVE-2017-12990", "CVE-2017-12991", "CVE-2017-12992", "CVE-2017-12993", "CVE-2017-12994", "CVE-2017-12995", "CVE-2017-12996", "CVE-2017-12997", "CVE-2017-12998", "CVE-2017-12999", "CVE-2017-13000", "CVE-2017-13001", "CVE-2017-13002", "CVE-2017-13003", "CVE-2017-13004", "CVE-2017-13005", "CVE-2017-13006", "CVE-2017-13007", "CVE-2017-13008", "CVE-2017-13009", "CVE-2017-13010", "CVE-2017-13011", "CVE-2017-13012", "CVE-2017-13013", "CVE-2017-13014", "CVE-2017-13015", "CVE-2017-13016", "CVE-2017-13017", "CVE-2017-13018", "CVE-2017-13019", "CVE-2017-13020", "CVE-2017-13021", "CVE-2017-13022", "CVE-2017-13023", "CVE-2017-13024", "CVE-2017-13025", "CVE-2017-13026", "CVE-2017-13027", "CVE-2017-13028", "CVE-2017-13029", "CVE-2017-13030", "CVE-2017-13031", "CVE-2017-13032", "CVE-2017-13033", "CVE-2017-13034", "CVE-2017-13035", "CVE-2017-13036", "CVE-2017-13037", "CVE-2017-13038", "CVE-2017-13039", "CVE-2017-13040", "CVE-2017-13041", "CVE-2017-13042", "CVE-2017-13043", "CVE-2017-13044", "CVE-2017-13045", "CVE-2017-13046", "CVE-2017-13047", "CVE-2017-13048", "CVE-2017-13049", "CVE-2017-13050", "CVE-2017-13051", "CVE-2017-13052", "CVE-2017-13053", "CVE-2017-13054", "CVE-2017-13055", "CVE-2017-13687", "CVE-2017-13688", "CVE-2017-13689", "CVE-2017-13690", "CVE-2017-13725"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:tcpdump", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201709-23.NASL", "href": "https://www.tenable.com/plugins/nessus/103462", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201709-23.\n#\n# The advisory text is Copyright (C) 2001-2018 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(103462);\n script_version(\"3.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2017-11108\", \"CVE-2017-11541\", \"CVE-2017-11542\", \"CVE-2017-11543\", \"CVE-2017-11544\", \"CVE-2017-12893\", \"CVE-2017-12894\", \"CVE-2017-12895\", \"CVE-2017-12896\", \"CVE-2017-12897\", \"CVE-2017-12898\", \"CVE-2017-12899\", \"CVE-2017-12900\", \"CVE-2017-12901\", \"CVE-2017-12902\", \"CVE-2017-12985\", \"CVE-2017-12986\", \"CVE-2017-12987\", \"CVE-2017-12988\", \"CVE-2017-12989\", \"CVE-2017-12990\", \"CVE-2017-12991\", \"CVE-2017-12992\", \"CVE-2017-12993\", \"CVE-2017-12994\", \"CVE-2017-12995\", \"CVE-2017-12996\", \"CVE-2017-12997\", \"CVE-2017-12998\", \"CVE-2017-12999\", \"CVE-2017-13000\", \"CVE-2017-13001\", \"CVE-2017-13002\", \"CVE-2017-13003\", \"CVE-2017-13004\", \"CVE-2017-13005\", \"CVE-2017-13006\", \"CVE-2017-13007\", \"CVE-2017-13008\", \"CVE-2017-13009\", \"CVE-2017-13010\", \"CVE-2017-13011\", \"CVE-2017-13012\", \"CVE-2017-13013\", \"CVE-2017-13014\", \"CVE-2017-13015\", \"CVE-2017-13016\", \"CVE-2017-13017\", \"CVE-2017-13018\", \"CVE-2017-13019\", \"CVE-2017-13020\", \"CVE-2017-13021\", \"CVE-2017-13022\", \"CVE-2017-13023\", \"CVE-2017-13024\", \"CVE-2017-13025\", \"CVE-2017-13026\", \"CVE-2017-13027\", \"CVE-2017-13028\", \"CVE-2017-13029\", \"CVE-2017-13030\", \"CVE-2017-13031\", \"CVE-2017-13032\", \"CVE-2017-13033\", \"CVE-2017-13034\", \"CVE-2017-13035\", \"CVE-2017-13036\", \"CVE-2017-13037\", \"CVE-2017-13038\", \"CVE-2017-13039\", \"CVE-2017-13040\", \"CVE-2017-13041\", \"CVE-2017-13042\", \"CVE-2017-13043\", \"CVE-2017-13044\", \"CVE-2017-13045\", \"CVE-2017-13046\", \"CVE-2017-13047\", \"CVE-2017-13048\", \"CVE-2017-13049\", \"CVE-2017-13050\", \"CVE-2017-13051\", \"CVE-2017-13052\", \"CVE-2017-13053\", \"CVE-2017-13054\", \"CVE-2017-13055\", \"CVE-2017-13687\", \"CVE-2017-13688\", \"CVE-2017-13689\", \"CVE-2017-13690\", \"CVE-2017-13725\");\n script_xref(name:\"GLSA\", value:\"201709-23\");\n\n script_name(english:\"GLSA-201709-23 : Tcpdump: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201709-23\n(Tcpdump: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Tcpdump. Please review\n the referenced CVE identifiers for details.\n \nImpact :\n\n A remote attacker could possibly execute arbitrary code with the\n privileges of the process or cause a Denial of Service condition.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201709-23\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Tcpdump users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-analyzer/tcpdump-4.9.2'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:tcpdump\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/09/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/09/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-analyzer/tcpdump\", unaffected:make_list(\"ge 4.9.2\"), vulnerable:make_list(\"lt 4.9.2\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Tcpdump\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-18T15:35:50", "description": "tcpdump developers report :\n\nToo many issues to detail, see CVE references for details.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-09-27T00:00:00", "type": "nessus", "title": "FreeBSD : tcpdump -- multiple vulnerabilities (eb03d642-6724-472d-b038-f2bf074e1fc8)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-11541", "CVE-2017-11542", "CVE-2017-11543", "CVE-2017-12893", "CVE-2017-12894", "CVE-2017-12895", "CVE-2017-12896", "CVE-2017-12897", "CVE-2017-12898", "CVE-2017-12899", "CVE-2017-12900", "CVE-2017-12901", "CVE-2017-12902", "CVE-2017-12985", "CVE-2017-12986", "CVE-2017-12987", "CVE-2017-12988", "CVE-2017-12989", "CVE-2017-12990", "CVE-2017-12991", "CVE-2017-12992", "CVE-2017-12993", "CVE-2017-12994", "CVE-2017-12995", "CVE-2017-12996", "CVE-2017-12997", "CVE-2017-12998", "CVE-2017-12999", "CVE-2017-13000", "CVE-2017-13001", "CVE-2017-13002", "CVE-2017-13003", "CVE-2017-13004", "CVE-2017-13005", "CVE-2017-13006", "CVE-2017-13007", "CVE-2017-13008", "CVE-2017-13009", "CVE-2017-13010", "CVE-2017-13011", "CVE-2017-13012", "CVE-2017-13013", "CVE-2017-13014", "CVE-2017-13015", "CVE-2017-13016", "CVE-2017-13017", "CVE-2017-13018", "CVE-2017-13019", "CVE-2017-13020", "CVE-2017-13021", "CVE-2017-13022", "CVE-2017-13023", "CVE-2017-13024", "CVE-2017-13025", "CVE-2017-13026", "CVE-2017-13027", "CVE-2017-13028", "CVE-2017-13029", "CVE-2017-13030", "CVE-2017-13031", "CVE-2017-13032", "CVE-2017-13033", "CVE-2017-13034", "CVE-2017-13035", "CVE-2017-13036", "CVE-2017-13037", "CVE-2017-13038", "CVE-2017-13039", "CVE-2017-13040", "CVE-2017-13041", "CVE-2017-13042", "CVE-2017-13043", "CVE-2017-13044", "CVE-2017-13045", "CVE-2017-13046", "CVE-2017-13047", "CVE-2017-13048", "CVE-2017-13049", "CVE-2017-13050", "CVE-2017-13051", "CVE-2017-13052", "CVE-2017-13053", "CVE-2017-13054", "CVE-2017-13055", "CVE-2017-13687", "CVE-2017-13688", "CVE-2017-13689", "CVE-2017-13690", "CVE-2017-13725"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:tcpdump", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_EB03D6426724472DB038F2BF074E1FC8.NASL", "href": "https://www.tenable.com/plugins/nessus/103484", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2019 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(103484);\n script_version(\"3.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2017-11541\", \"CVE-2017-11542\", \"CVE-2017-11543\", \"CVE-2017-12893\", \"CVE-2017-12894\", \"CVE-2017-12895\", \"CVE-2017-12896\", \"CVE-2017-12897\", \"CVE-2017-12898\", \"CVE-2017-12899\", \"CVE-2017-12900\", \"CVE-2017-12901\", \"CVE-2017-12902\", \"CVE-2017-12985\", \"CVE-2017-12986\", \"CVE-2017-12987\", \"CVE-2017-12988\", \"CVE-2017-12989\", \"CVE-2017-12990\", \"CVE-2017-12991\", \"CVE-2017-12992\", \"CVE-2017-12993\", \"CVE-2017-12994\", \"CVE-2017-12995\", \"CVE-2017-12996\", \"CVE-2017-12997\", \"CVE-2017-12998\", \"CVE-2017-12999\", \"CVE-2017-13000\", \"CVE-2017-13001\", \"CVE-2017-13002\", \"CVE-2017-13003\", \"CVE-2017-13004\", \"CVE-2017-13005\", \"CVE-2017-13006\", \"CVE-2017-13007\", \"CVE-2017-13008\", \"CVE-2017-13009\", \"CVE-2017-13010\", \"CVE-2017-13011\", \"CVE-2017-13012\", \"CVE-2017-13013\", \"CVE-2017-13014\", \"CVE-2017-13015\", \"CVE-2017-13016\", \"CVE-2017-13017\", \"CVE-2017-13018\", \"CVE-2017-13019\", \"CVE-2017-13020\", \"CVE-2017-13021\", \"CVE-2017-13022\", \"CVE-2017-13023\", \"CVE-2017-13024\", \"CVE-2017-13025\", \"CVE-2017-13026\", \"CVE-2017-13027\", \"CVE-2017-13028\", \"CVE-2017-13029\", \"CVE-2017-13030\", \"CVE-2017-13031\", \"CVE-2017-13032\", \"CVE-2017-13033\", \"CVE-2017-13034\", \"CVE-2017-13035\", \"CVE-2017-13036\", \"CVE-2017-13037\", \"CVE-2017-13038\", \"CVE-2017-13039\", \"CVE-2017-13040\", \"CVE-2017-13041\", \"CVE-2017-13042\", \"CVE-2017-13043\", \"CVE-2017-13044\", \"CVE-2017-13045\", \"CVE-2017-13046\", \"CVE-2017-13047\", \"CVE-2017-13048\", \"CVE-2017-13049\", \"CVE-2017-13050\", \"CVE-2017-13051\", \"CVE-2017-13052\", \"CVE-2017-13053\", \"CVE-2017-13054\", \"CVE-2017-13055\", \"CVE-2017-13687\", \"CVE-2017-13688\", \"CVE-2017-13689\", \"CVE-2017-13690\", \"CVE-2017-13725\");\n\n script_name(english:\"FreeBSD : tcpdump -- multiple vulnerabilities (eb03d642-6724-472d-b038-f2bf074e1fc8)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"tcpdump developers report :\n\nToo many issues to detail, see CVE references for details.\"\n );\n # https://vuxml.freebsd.org/freebsd/eb03d642-6724-472d-b038-f2bf074e1fc8.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d61670e7\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:tcpdump\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/07/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/09/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/09/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"tcpdump<4.9.2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-18T15:36:28", "description": "This update for tcpdump to version 4.9.2 fixes several issues.\n\nThese security issues were fixed :\n\n - CVE-2017-11108: Prevent remote attackers to cause DoS (heap-based buffer over-read and application crash) via crafted packet data. The crash occured in the EXTRACT_16BITS function, called from the stp_print function for the Spanning Tree Protocol (bsc#1047873, bsc#1057247).\n\n - CVE-2017-11543: Prevent buffer overflow in the sliplink_print function in print-sl.c that allowed remote DoS (bsc#1057247).\n\n - CVE-2017-13011: Prevent buffer overflow in bittok2str_internal() that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12989: Prevent infinite loop in the RESP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12990: Prevent infinite loop in the ISAKMP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12995: Prevent infinite loop in the DNS parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12997: Prevent infinite loop in the LLDP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-11541: Prevent heap-based buffer over-read in the lldp_print function in print-lldp.c, related to util-print.c that allowed remote DoS (bsc#1057247).\n\n - CVE-2017-11542: Prevent heap-based buffer over-read in the pimv1_print function in print-pim.c that allowed remote DoS (bsc#1057247).\n\n - CVE-2017-12893: Prevent buffer over-read in the SMB/CIFS parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12894: Prevent buffer over-read in several protocol parsers that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12895: Prevent buffer over-read in the ICMP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12896: Prevent buffer over-read in the ISAKMP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12897: Prevent buffer over-read in the ISO CLNS parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12898: Prevent buffer over-read in the NFS parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12899: Prevent buffer over-read in the DECnet parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12900: Prevent buffer over-read in the in several protocol parsers that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12901: Prevent buffer over-read in the EIGRP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12902: Prevent buffer over-read in the Zephyr parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12985: Prevent buffer over-read in the IPv6 parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12986: Prevent buffer over-read in the IPv6 routing header parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12987: Prevent buffer over-read in the 802.11 parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12988: Prevent buffer over-read in the telnet parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12991: Prevent buffer over-read in the BGP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12992: Prevent buffer over-read in the RIPng parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12993: Prevent buffer over-read in the Juniper protocols parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12994: Prevent buffer over-read in the BGP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12996: Prevent buffer over-read in the PIMv2 parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12998: Prevent buffer over-read in the IS-IS parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12999: Prevent buffer over-read in the IS-IS parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13000: Prevent buffer over-read in the IEEE 802.15.4 parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13001: Prevent buffer over-read in the NFS parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13002: Prevent buffer over-read in the AODV parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13003: Prevent buffer over-read in the LMP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13004: Prevent buffer over-read in the Juniper protocols parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13005: Prevent buffer over-read in the NFS parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13006: Prevent buffer over-read in the L2TP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13007: Prevent buffer over-read in the Apple PKTAP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13008: Prevent buffer over-read in the IEEE 802.11 parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13009: Prevent buffer over-read in the IPv6 mobility parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13010: Prevent buffer over-read in the BEEP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13012: Prevent buffer over-read in the ICMP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13013: Prevent buffer over-read in the ARP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13014: Prevent buffer over-read in the White Board protocol parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13015: Prevent buffer over-read in the EAP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13016: Prevent buffer over-read in the ISO ES-IS parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13017: Prevent buffer over-read in the DHCPv6 parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13018: Prevent buffer over-read in the PGM parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13019: Prevent buffer over-read in the PGM parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13020: Prevent buffer over-read in the VTP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13021: Prevent buffer over-read in the ICMPv6 parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13022: Prevent buffer over-read in the IP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13023: Prevent buffer over-read in the IPv6 mobility parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13024: Prevent buffer over-read in the IPv6 mobility parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13025: Prevent buffer over-read in the IPv6 mobility parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13026: Prevent buffer over-read in the ISO IS-IS parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13027: Prevent buffer over-read in the LLDP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13028: Prevent buffer over-read in the BOOTP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13029: Prevent buffer over-read in the PPP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13030: Prevent buffer over-read in the PIM parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13031: Prevent buffer over-read in the IPv6 fragmentation header parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13032: Prevent buffer over-read in the RADIUS parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13033: Prevent buffer over-read in the VTP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13034: Prevent buffer over-read in the PGM parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13035: Prevent buffer over-read in the ISO IS-IS parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13036: Prevent buffer over-read in the OSPFv3 parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13037: Prevent buffer over-read in the IP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13038: Prevent buffer over-read in the PPP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13039: Prevent buffer over-read in the ISAKMP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13040: Prevent buffer over-read in the MPTCP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13041: Prevent buffer over-read in the ICMPv6 parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13042: Prevent buffer over-read in the HNCP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13043: Prevent buffer over-read in the BGP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13044: Prevent buffer over-read in the HNCP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13045: Prevent buffer over-read in the VQP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13046: Prevent buffer over-read in the BGP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13047: Prevent buffer over-read in the ISO ES-IS parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13048: Prevent buffer over-read in the RSVP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13049: Prevent buffer over-read in the Rx protocol parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13050: Prevent buffer over-read in the RPKI-Router parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13051: Prevent buffer over-read in the RSVP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13052: Prevent buffer over-read in the CFM parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13053: Prevent buffer over-read in the BGP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13054: Prevent buffer over-read in the LLDP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13055: Prevent buffer over-read in the ISO IS-IS parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13687: Prevent buffer over-read in the Cisco HDLC parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13688: Prevent buffer over-read in the OLSR parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13689: Prevent buffer over-read in the IKEv1 parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13690: Prevent buffer over-read in the IKEv2 parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13725: Prevent buffer over-read in the IPv6 routing header parser that allowed remote DoS (bsc#1057247)\n\n - Prevent segmentation fault in ESP decoder with OpenSSL 1.1 (bsc#1057247)\n\nThis update was imported from the SUSE:SLE-12:Update update project.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-10-30T00:00:00", "type": "nessus", "title": "openSUSE Security Update : tcpdump (openSUSE-2017-1205)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-11108", "CVE-2017-11541", "CVE-2017-11542", "CVE-2017-11543", "CVE-2017-12893", "CVE-2017-12894", "CVE-2017-12895", "CVE-2017-12896", "CVE-2017-12897", "CVE-2017-12898", "CVE-2017-12899", "CVE-2017-12900", "CVE-2017-12901", "CVE-2017-12902", "CVE-2017-12985", "CVE-2017-12986", "CVE-2017-12987", "CVE-2017-12988", "CVE-2017-12989", "CVE-2017-12990", "CVE-2017-12991", "CVE-2017-12992", "CVE-2017-12993", "CVE-2017-12994", "CVE-2017-12995", "CVE-2017-12996", "CVE-2017-12997", "CVE-2017-12998", "CVE-2017-12999", "CVE-2017-13000", "CVE-2017-13001", "CVE-2017-13002", "CVE-2017-13003", "CVE-2017-13004", "CVE-2017-13005", "CVE-2017-13006", "CVE-2017-13007", "CVE-2017-13008", "CVE-2017-13009", "CVE-2017-13010", "CVE-2017-13011", "CVE-2017-13012", "CVE-2017-13013", "CVE-2017-13014", "CVE-2017-13015", "CVE-2017-13016", "CVE-2017-13017", "CVE-2017-13018", "CVE-2017-13019", "CVE-2017-13020", "CVE-2017-13021", "CVE-2017-13022", "CVE-2017-13023", "CVE-2017-13024", "CVE-2017-13025", "CVE-2017-13026", "CVE-2017-13027", "CVE-2017-13028", "CVE-2017-13029", "CVE-2017-13030", "CVE-2017-13031", "CVE-2017-13032", "CVE-2017-13033", "CVE-2017-13034", "CVE-2017-13035", "CVE-2017-13036", "CVE-2017-13037", "CVE-2017-13038", "CVE-2017-13039", "CVE-2017-13040", "CVE-2017-13041", "CVE-2017-13042", "CVE-2017-13043", "CVE-2017-13044", "CVE-2017-13045", "CVE-2017-13046", "CVE-2017-13047", "CVE-2017-13048", "CVE-2017-13049", "CVE-2017-13050", "CVE-2017-13051", "CVE-2017-13052", "CVE-2017-13053", "CVE-2017-13054", "CVE-2017-13055", "CVE-2017-13687", "CVE-2017-13688", "CVE-2017-13689", "CVE-2017-13690", "CVE-2017-13725"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:tcpdump", "p-cpe:/a:novell:opensuse:tcpdump-debuginfo", "p-cpe:/a:novell:opensuse:tcpdump-debugsource", "cpe:/o:novell:opensuse:42.2", "cpe:/o:novell:opensuse:42.3"], "id": "OPENSUSE-2017-1205.NASL", "href": "https://www.tenable.com/plugins/nessus/104239", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2017-1205.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(104239);\n script_version(\"3.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2017-11108\", \"CVE-2017-11541\", \"CVE-2017-11542\", \"CVE-2017-11543\", \"CVE-2017-12893\", \"CVE-2017-12894\", \"CVE-2017-12895\", \"CVE-2017-12896\", \"CVE-2017-12897\", \"CVE-2017-12898\", \"CVE-2017-12899\", \"CVE-2017-12900\", \"CVE-2017-12901\", \"CVE-2017-12902\", \"CVE-2017-12985\", \"CVE-2017-12986\", \"CVE-2017-12987\", \"CVE-2017-12988\", \"CVE-2017-12989\", \"CVE-2017-12990\", \"CVE-2017-12991\", \"CVE-2017-12992\", \"CVE-2017-12993\", \"CVE-2017-12994\", \"CVE-2017-12995\", \"CVE-2017-12996\", \"CVE-2017-12997\", \"CVE-2017-12998\", \"CVE-2017-12999\", \"CVE-2017-13000\", \"CVE-2017-13001\", \"CVE-2017-13002\", \"CVE-2017-13003\", \"CVE-2017-13004\", \"CVE-2017-13005\", \"CVE-2017-13006\", \"CVE-2017-13007\", \"CVE-2017-13008\", \"CVE-2017-13009\", \"CVE-2017-13010\", \"CVE-2017-13011\", \"CVE-2017-13012\", \"CVE-2017-13013\", \"CVE-2017-13014\", \"CVE-2017-13015\", \"CVE-2017-13016\", \"CVE-2017-13017\", \"CVE-2017-13018\", \"CVE-2017-13019\", \"CVE-2017-13020\", \"CVE-2017-13021\", \"CVE-2017-13022\", \"CVE-2017-13023\", \"CVE-2017-13024\", \"CVE-2017-13025\", \"CVE-2017-13026\", \"CVE-2017-13027\", \"CVE-2017-13028\", \"CVE-2017-13029\", \"CVE-2017-13030\", \"CVE-2017-13031\", \"CVE-2017-13032\", \"CVE-2017-13033\", \"CVE-2017-13034\", \"CVE-2017-13035\", \"CVE-2017-13036\", \"CVE-2017-13037\", \"CVE-2017-13038\", \"CVE-2017-13039\", \"CVE-2017-13040\", \"CVE-2017-13041\", \"CVE-2017-13042\", \"CVE-2017-13043\", \"CVE-2017-13044\", \"CVE-2017-13045\", \"CVE-2017-13046\", \"CVE-2017-13047\", \"CVE-2017-13048\", \"CVE-2017-13049\", \"CVE-2017-13050\", \"CVE-2017-13051\", \"CVE-2017-13052\", \"CVE-2017-13053\", \"CVE-2017-13054\", \"CVE-2017-13055\", \"CVE-2017-13687\", \"CVE-2017-13688\", \"CVE-2017-13689\", \"CVE-2017-13690\", \"CVE-2017-13725\");\n\n script_name(english:\"openSUSE Security Update : tcpdump (openSUSE-2017-1205)\");\n script_summary(english:\"Check for the openSUSE-2017-1205 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for tcpdump to version 4.9.2 fixes several issues.\n\nThese security issues were fixed :\n\n - CVE-2017-11108: Prevent remote attackers to cause DoS\n (heap-based buffer over-read and application crash) via\n crafted packet data. The crash occured in the\n EXTRACT_16BITS function, called from the stp_print\n function for the Spanning Tree Protocol (bsc#1047873,\n bsc#1057247).\n\n - CVE-2017-11543: Prevent buffer overflow in the\n sliplink_print function in print-sl.c that allowed\n remote DoS (bsc#1057247).\n\n - CVE-2017-13011: Prevent buffer overflow in\n bittok2str_internal() that allowed remote DoS\n (bsc#1057247)\n\n - CVE-2017-12989: Prevent infinite loop in the RESP parser\n that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12990: Prevent infinite loop in the ISAKMP\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12995: Prevent infinite loop in the DNS parser\n that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12997: Prevent infinite loop in the LLDP parser\n that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-11541: Prevent heap-based buffer over-read in\n the lldp_print function in print-lldp.c, related to\n util-print.c that allowed remote DoS (bsc#1057247).\n\n - CVE-2017-11542: Prevent heap-based buffer over-read in\n the pimv1_print function in print-pim.c that allowed\n remote DoS (bsc#1057247).\n\n - CVE-2017-12893: Prevent buffer over-read in the SMB/CIFS\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12894: Prevent buffer over-read in several\n protocol parsers that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12895: Prevent buffer over-read in the ICMP\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12896: Prevent buffer over-read in the ISAKMP\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12897: Prevent buffer over-read in the ISO CLNS\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12898: Prevent buffer over-read in the NFS\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12899: Prevent buffer over-read in the DECnet\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12900: Prevent buffer over-read in the in\n several protocol parsers that allowed remote DoS\n (bsc#1057247)\n\n - CVE-2017-12901: Prevent buffer over-read in the EIGRP\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12902: Prevent buffer over-read in the Zephyr\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12985: Prevent buffer over-read in the IPv6\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12986: Prevent buffer over-read in the IPv6\n routing header parser that allowed remote DoS\n (bsc#1057247)\n\n - CVE-2017-12987: Prevent buffer over-read in the 802.11\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12988: Prevent buffer over-read in the telnet\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12991: Prevent buffer over-read in the BGP\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12992: Prevent buffer over-read in the RIPng\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12993: Prevent buffer over-read in the Juniper\n protocols parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12994: Prevent buffer over-read in the BGP\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12996: Prevent buffer over-read in the PIMv2\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12998: Prevent buffer over-read in the IS-IS\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12999: Prevent buffer over-read in the IS-IS\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13000: Prevent buffer over-read in the IEEE\n 802.15.4 parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13001: Prevent buffer over-read in the NFS\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13002: Prevent buffer over-read in the AODV\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13003: Prevent buffer over-read in the LMP\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13004: Prevent buffer over-read in the Juniper\n protocols parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13005: Prevent buffer over-read in the NFS\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13006: Prevent buffer over-read in the L2TP\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13007: Prevent buffer over-read in the Apple\n PKTAP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13008: Prevent buffer over-read in the IEEE\n 802.11 parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13009: Prevent buffer over-read in the IPv6\n mobility parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13010: Prevent buffer over-read in the BEEP\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13012: Prevent buffer over-read in the ICMP\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13013: Prevent buffer over-read in the ARP\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13014: Prevent buffer over-read in the White\n Board protocol parser that allowed remote DoS\n (bsc#1057247)\n\n - CVE-2017-13015: Prevent buffer over-read in the EAP\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13016: Prevent buffer over-read in the ISO\n ES-IS parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13017: Prevent buffer over-read in the DHCPv6\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13018: Prevent buffer over-read in the PGM\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13019: Prevent buffer over-read in the PGM\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13020: Prevent buffer over-read in the VTP\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13021: Prevent buffer over-read in the ICMPv6\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13022: Prevent buffer over-read in the IP\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13023: Prevent buffer over-read in the IPv6\n mobility parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13024: Prevent buffer over-read in the IPv6\n mobility parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13025: Prevent buffer over-read in the IPv6\n mobility parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13026: Prevent buffer over-read in the ISO\n IS-IS parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13027: Prevent buffer over-read in the LLDP\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13028: Prevent buffer over-read in the BOOTP\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13029: Prevent buffer over-read in the PPP\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13030: Prevent buffer over-read in the PIM\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13031: Prevent buffer over-read in the IPv6\n fragmentation header parser that allowed remote DoS\n (bsc#1057247)\n\n - CVE-2017-13032: Prevent buffer over-read in the RADIUS\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13033: Prevent buffer over-read in the VTP\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13034: Prevent buffer over-read in the PGM\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13035: Prevent buffer over-read in the ISO\n IS-IS parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13036: Prevent buffer over-read in the OSPFv3\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13037: Prevent buffer over-read in the IP\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13038: Prevent buffer over-read in the PPP\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13039: Prevent buffer over-read in the ISAKMP\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13040: Prevent buffer over-read in the MPTCP\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13041: Prevent buffer over-read in the ICMPv6\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13042: Prevent buffer over-read in the HNCP\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13043: Prevent buffer over-read in the BGP\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13044: Prevent buffer over-read in the HNCP\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13045: Prevent buffer over-read in the VQP\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13046: Prevent buffer over-read in the BGP\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13047: Prevent buffer over-read in the ISO\n ES-IS parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13048: Prevent buffer over-read in the RSVP\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13049: Prevent buffer over-read in the Rx\n protocol parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13050: Prevent buffer over-read in the\n RPKI-Router parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13051: Prevent buffer over-read in the RSVP\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13052: Prevent buffer over-read in the CFM\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13053: Prevent buffer over-read in the BGP\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13054: Prevent buffer over-read in the LLDP\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13055: Prevent buffer over-read in the ISO\n IS-IS parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13687: Prevent buffer over-read in the Cisco\n HDLC parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13688: Prevent buffer over-read in the OLSR\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13689: Prevent buffer over-read in the IKEv1\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13690: Prevent buffer over-read in the IKEv2\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13725: Prevent buffer over-read in the IPv6\n routing header parser that allowed remote DoS\n (bsc#1057247)\n\n - Prevent segmentation fault in ESP decoder with OpenSSL\n 1.1 (bsc#1057247)\n\nThis update was imported from the SUSE:SLE-12:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1047873\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1057247\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected tcpdump packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tcpdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tcpdump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tcpdump-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/10/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/10/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.2|SUSE42\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.2 / 42.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.2\", reference:\"tcpdump-4.9.2-6.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"tcpdump-debuginfo-4.9.2-6.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"tcpdump-debugsource-4.9.2-6.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"tcpdump-4.9.2-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"tcpdump-debuginfo-4.9.2-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"tcpdump-debugsource-4.9.2-9.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tcpdump / tcpdump-debuginfo / tcpdump-debugsource\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-18T15:32:12", "description": "Vulnerabilities in tcpdump affect AIX :\n\nhttps://vulners.com/cve/CVE-2017-12993 https://vulners.com/cve/CVE-2017-12993 tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the Juniper component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the RIPng component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BGP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the telnet component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IEEE 802.11 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 routing headers component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the Zephyr component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the EIGRP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the tok2strbuf component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the DECnet component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the NFS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO CLNS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISAKMP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ICMP component.\nBy sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the lookup_bytestring component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the SMB/CIFS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump is vulnerable to a denial of service, caused by a heap-based buffer over-read in the pimv1_print function in print-pim.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump is vulnerable to a denial of service, caused by a heap-based buffer over-read in the lldp_print function in print-lldp.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump is vulnerable to a denial of service, caused by an error in the LLDP component. By sending specially crafted data, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop.\ntcpdump is vulnerable to a denial of service, caused by an error in the DNS component. By sending specially crafted data, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. tcpdump is vulnerable to a denial of service, caused by an error in the ISAKMP component. By sending specially crafted data, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop.\ntcpdump is vulnerable to a denial of service, caused by an error in the RESP component. By sending specially crafted data, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. tcpdump is vulnerable to a buffer overflow, caused by improper bounds checking by the bittok2str_internal component. By sending an overly long string argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.\ntcpdump is vulnerable to a denial of service, caused by a buffer overflow in the sliplink_print function in print-sl.c. An attacker could exploit this vulnerability to cause the application to crash.\ntcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PGM component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the DHCPv6 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO ES-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump is vulnerable to a denial of service, caused by a buffer overflow in the sliplink_print function in print-sl.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the EAP component.\nBy sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the White Board component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ARP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ICMP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BEEP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 mobility component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IEEE 802.11 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the L2TP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the NFS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the Juniper component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the LMP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the AODV component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the NFS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IEEE 802.15.4 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO IS-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO IS-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PIMv2 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BGP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump is vulnerable to a denial of service, caused by a heap-based buffer over-read in the lldp_print function in print-lldp.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump is vulnerable to a denial of service, caused by a heap-based buffer over-read in the pimv1_print function in print-pim.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BGP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the HNCP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ICMPv6 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the MPTCP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISAKMP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PPP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the OSPFv3 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO IS-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PGM component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the VTP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the RADIUS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 fragmentation header component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PIM component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PPP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BOOTP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the LLDP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO IS-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 mobility component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 mobility component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 mobility component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IP component.\nBy sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ICMPv6 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the VTP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PGM component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 routing headers component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IKEv2 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IKEv1 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the OLSR component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the Cisco HDLC component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO IS-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the LLDP component.\nBy sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BGP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the CFM component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the RSVP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the RPKI-Router component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the Rx component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the RSVP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO ES-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BGP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the VQP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the HNCP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-05-30T00:00:00", "type": "nessus", "title": "AIX 7.2 TL 0 : tcpdump (IV94724)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-11541", "CVE-2017-11542", "CVE-2017-11543", "CVE-2017-12893", "CVE-2017-12894", "CVE-2017-12895", "CVE-2017-12896", "CVE-2017-12897", "CVE-2017-12898", "CVE-2017-12899", "CVE-2017-12900", "CVE-2017-12901", "CVE-2017-12902", "CVE-2017-12985", "CVE-2017-12986", "CVE-2017-12987", "CVE-2017-12988", "CVE-2017-12989", "CVE-2017-12990", "CVE-2017-12991", "CVE-2017-12992", "CVE-2017-12993", "CVE-2017-12994", "CVE-2017-12995", "CVE-2017-12996", "CVE-2017-12997", "CVE-2017-12998", "CVE-2017-12999", "CVE-2017-13000", "CVE-2017-13001", "CVE-2017-13002", "CVE-2017-13003", "CVE-2017-13004", "CVE-2017-13005", "CVE-2017-13006", "CVE-2017-13008", "CVE-2017-13009", "CVE-2017-13010", "CVE-2017-13011", "CVE-2017-13012", "CVE-2017-13013", "CVE-2017-13014", "CVE-2017-13015", "CVE-2017-13016", "CVE-2017-13017", "CVE-2017-13018", "CVE-2017-13019", "CVE-2017-13020", "CVE-2017-13021", "CVE-2017-13022", "CVE-2017-13023", "CVE-2017-13024", "CVE-2017-13025", "CVE-2017-13026", "CVE-2017-13027", "CVE-2017-13028", "CVE-2017-13029", "CVE-2017-13030", "CVE-2017-13031", "CVE-2017-13032", "CVE-2017-13033", "CVE-2017-13034", "CVE-2017-13035", "CVE-2017-13036", "CVE-2017-13037", "CVE-2017-13038", "CVE-2017-13039", "CVE-2017-13040", "CVE-2017-13041", "CVE-2017-13042", "CVE-2017-13043", "CVE-2017-13044", "CVE-2017-13045", "CVE-2017-13046", "CVE-2017-13047", "CVE-2017-13048", "CVE-2017-13049", "CVE-2017-13050", "CVE-2017-13051", "CVE-2017-13052", "CVE-2017-13053", "CVE-2017-13054", "CVE-2017-13055", "CVE-2017-13687", "CVE-2017-13688", "CVE-2017-13689", "CVE-2017-13690", "CVE-2017-13725"], "modified": "2021-01-04T00:00:00", "cpe": ["cpe:/o:ibm:aix:7.2"], "id": "AIX_IV94724.NASL", "href": "https://www.tenable.com/plugins/nessus/100468", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text in the description was extracted from AIX Security\n# Advisory tcpdump_advisory3.asc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(100468);\n script_version(\"3.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2017-11541\", \"CVE-2017-11542\", \"CVE-2017-11543\", \"CVE-2017-12893\", \"CVE-2017-12894\", \"CVE-2017-12895\", \"CVE-2017-12896\", \"CVE-2017-12897\", \"CVE-2017-12898\", \"CVE-2017-12899\", \"CVE-2017-12900\", \"CVE-2017-12901\", \"CVE-2017-12902\", \"CVE-2017-12985\", \"CVE-2017-12986\", \"CVE-2017-12987\", \"CVE-2017-12988\", \"CVE-2017-12989\", \"CVE-2017-12990\", \"CVE-2017-12991\", \"CVE-2017-12992\", \"CVE-2017-12993\", \"CVE-2017-12994\", \"CVE-2017-12995\", \"CVE-2017-12996\", \"CVE-2017-12997\", \"CVE-2017-12998\", \"CVE-2017-12999\", \"CVE-2017-13000\", \"CVE-2017-13001\", \"CVE-2017-13002\", \"CVE-2017-13003\", \"CVE-2017-13004\", \"CVE-2017-13005\", \"CVE-2017-13006\", \"CVE-2017-13008\", \"CVE-2017-13009\", \"CVE-2017-13010\", \"CVE-2017-13011\", \"CVE-2017-13012\", \"CVE-2017-13013\", \"CVE-2017-13014\", \"CVE-2017-13015\", \"CVE-2017-13016\", \"CVE-2017-13017\", \"CVE-2017-13018\", \"CVE-2017-13019\", \"CVE-2017-13020\", \"CVE-2017-13021\", \"CVE-2017-13022\", \"CVE-2017-13023\", \"CVE-2017-13024\", \"CVE-2017-13025\", \"CVE-2017-13026\", \"CVE-2017-13027\", \"CVE-2017-13028\", \"CVE-2017-13029\", \"CVE-2017-13030\", \"CVE-2017-13031\", \"CVE-2017-13032\", \"CVE-2017-13033\", \"CVE-2017-13034\", \"CVE-2017-13035\", \"CVE-2017-13036\", \"CVE-2017-13037\", \"CVE-2017-13038\", \"CVE-2017-13039\", \"CVE-2017-13040\", \"CVE-2017-13041\", \"CVE-2017-13042\", \"CVE-2017-13043\", \"CVE-2017-13044\", \"CVE-2017-13045\", \"CVE-2017-13046\", \"CVE-2017-13047\", \"CVE-2017-13048\", \"CVE-2017-13049\", \"CVE-2017-13050\", \"CVE-2017-13051\", \"CVE-2017-13052\", \"CVE-2017-13053\", \"CVE-2017-13054\", \"CVE-2017-13055\", \"CVE-2017-13687\", \"CVE-2017-13688\", \"CVE-2017-13689\", \"CVE-2017-13690\", \"CVE-2017-13725\");\n\n script_name(english:\"AIX 7.2 TL 0 : tcpdump (IV94724)\");\n script_summary(english:\"Check for APAR IV94724\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote AIX host is missing a security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Vulnerabilities in tcpdump affect AIX :\n\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12993\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12993 tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the Juniper component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the RIPng component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the BGP\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the telnet component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the IEEE 802.11 component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump could allow a remote attacker to\nobtain sensitive information, caused by a buffer overread memory in\nthe IPv6 routing headers component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the IPv6\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the Zephyr component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the EIGRP component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the\ntok2strbuf component. By sending a specially crafted request, an\nattacker could exploit this vulnerability to obtain sensitive\ninformation. tcpdump could allow a remote attacker to obtain sensitive\ninformation, caused by a buffer overread memory in the DECnet\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the NFS component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the ISO CLNS component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump could allow a remote attacker to\nobtain sensitive information, caused by a buffer overread memory in\nthe ISAKMP component. By sending a specially crafted request, an\nattacker could exploit this vulnerability to obtain sensitive\ninformation. tcpdump could allow a remote attacker to obtain sensitive\ninformation, caused by a buffer overread memory in the ICMP component.\nBy sending a specially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the lookup_bytestring component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the SMB/CIFS component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump is vulnerable to a denial of\nservice, caused by a heap-based buffer over-read in the pimv1_print\nfunction in print-pim.c. An attacker could exploit this vulnerability\nto cause the application to crash. tcpdump is vulnerable to a denial\nof service, caused by a heap-based buffer over-read in the lldp_print\nfunction in print-lldp.c. An attacker could exploit this vulnerability\nto cause the application to crash. tcpdump is vulnerable to a denial\nof service, caused by an error in the LLDP component. By sending\nspecially crafted data, a remote attacker could exploit this\nvulnerability to cause the application to enter into an infinite loop.\ntcpdump is vulnerable to a denial of service, caused by an error in\nthe DNS component. By sending specially crafted data, a remote\nattacker could exploit this vulnerability to cause the application to\nenter into an infinite loop. tcpdump is vulnerable to a denial of\nservice, caused by an error in the ISAKMP component. By sending\nspecially crafted data, a remote attacker could exploit this\nvulnerability to cause the application to enter into an infinite loop.\ntcpdump is vulnerable to a denial of service, caused by an error in\nthe RESP component. By sending specially crafted data, a remote\nattacker could exploit this vulnerability to cause the application to\nenter into an infinite loop. tcpdump is vulnerable to a buffer\noverflow, caused by improper bounds checking by the\nbittok2str_internal component. By sending an overly long string\nargument, a remote attacker could overflow a buffer and execute\narbitrary code on the system or cause the application to crash.\ntcpdump is vulnerable to a denial of service, caused by a buffer\noverflow in the sliplink_print function in print-sl.c. An attacker\ncould exploit this vulnerability to cause the application to crash.\ntcpdump could allow a remote attacker to obtain sensitive information,\ncaused by a buffer overread memory in the PGM component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the DHCPv6 component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump could allow a remote attacker to\nobtain sensitive information, caused by a buffer overread memory in\nthe ISO ES-IS component. By sending a specially crafted request, an\nattacker could exploit this vulnerability to obtain sensitive\ninformation. tcpdump is vulnerable to a denial of service, caused by a\nbuffer overflow in the sliplink_print function in print-sl.c. An\nattacker could exploit this vulnerability to cause the application to\ncrash. tcpdump could allow a remote attacker to obtain sensitive\ninformation, caused by a buffer overread memory in the EAP component.\nBy sending a specially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the White Board component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump could allow a remote attacker to\nobtain sensitive information, caused by a buffer overread memory in\nthe ARP component. By sending a specially crafted request, an attacker\ncould exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information,\ncaused by a buffer overread memory in the ICMP component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the BEEP component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the IPv6\nmobility component. By sending a specially crafted request, an\nattacker could exploit this vulnerability to obtain sensitive\ninformation. tcpdump could allow a remote attacker to obtain sensitive\ninformation, caused by a buffer overread memory in the IEEE 802.11\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the L2TP component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the NFS component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the\nJuniper component. By sending a specially crafted request, an attacker\ncould exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information,\ncaused by a buffer overread memory in the LMP component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the AODV component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the NFS\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the IEEE 802.15.4 component. By sending\na specially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the ISO IS-IS component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump could allow a remote attacker to\nobtain sensitive information, caused by a buffer overread memory in\nthe ISO IS-IS component. By sending a specially crafted request, an\nattacker could exploit this vulnerability to obtain sensitive\ninformation. tcpdump could allow a remote attacker to obtain sensitive\ninformation, caused by a buffer overread memory in the PIMv2\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the BGP component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump is vulnerable\nto a denial of service, caused by a heap-based buffer over-read in the\nlldp_print function in print-lldp.c. An attacker could exploit this\nvulnerability to cause the application to crash. tcpdump is vulnerable\nto a denial of service, caused by a heap-based buffer over-read in the\npimv1_print function in print-pim.c. An attacker could exploit this\nvulnerability to cause the application to crash. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the BGP component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the HNCP\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the ICMPv6 component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the MPTCP component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the\nISAKMP component. By sending a specially crafted request, an attacker\ncould exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information,\ncaused by a buffer overread memory in the PPP component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the IP component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the\nOSPFv3 component. By sending a specially crafted request, an attacker\ncould exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information,\ncaused by a buffer overread memory in the ISO IS-IS component. By\nsending a specially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the PGM component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the VTP\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the RADIUS component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the IPv6 fragmentation header component. By sending\na specially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the PIM component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the PPP\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the BOOTP component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the LLDP component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the ISO\nIS-IS component. By sending a specially crafted request, an attacker\ncould exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information,\ncaused by a buffer overread memory in the IPv6 mobility component. By\nsending a specially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the IPv6 mobility component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump could allow a remote attacker to\nobtain sensitive information, caused by a buffer overread memory in\nthe IPv6 mobility component. By sending a specially crafted request,\nan attacker could exploit this vulnerability to obtain sensitive\ninformation. tcpdump could allow a remote attacker to obtain sensitive\ninformation, caused by a buffer overread memory in the IP component.\nBy sending a specially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the ICMPv6 component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump could allow a remote attacker to\nobtain sensitive information, caused by a buffer overread memory in\nthe VTP component. By sending a specially crafted request, an attacker\ncould exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information,\ncaused by a buffer overread memory in the PGM component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the IPv6 routing headers component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the IKEv2 component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the IKEv1\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the OLSR component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the Cisco HDLC component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump could allow a remote attacker to\nobtain sensitive information, caused by a buffer overread memory in\nthe ISO IS-IS component. By sending a specially crafted request, an\nattacker could exploit this vulnerability to obtain sensitive\ninformation. tcpdump could allow a remote attacker to obtain sensitive\ninformation, caused by a buffer overread memory in the LLDP component.\nBy sending a specially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the BGP component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the CFM\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the RSVP component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the RPKI-Router component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump could allow a remote attacker to\nobtain sensitive information, caused by a buffer overread memory in\nthe Rx component. By sending a specially crafted request, an attacker\ncould exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information,\ncaused by a buffer overread memory in the RSVP component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the ISO ES-IS component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump could allow a remote attacker to\nobtain sensitive information, caused by a buffer overread memory in\nthe BGP component. By sending a specially crafted request, an attacker\ncould exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information,\ncaused by a buffer overread memory in the VQP component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the HNCP component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://aix.software.ibm.com/aix/efixes/security/tcpdump_advisory3.asc\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Install the appropriate interim fix.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:ibm:aix:7.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/11/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"AIX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/AIX/lslpp\", \"Host/local_checks_enabled\", \"Host/AIX/version\");\n\n exit(0);\n}\n\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"aix.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif ( ! get_kb_item(\"Host/AIX/version\") ) audit(AUDIT_OS_NOT, \"AIX\");\nif ( ! get_kb_item(\"Host/AIX/lslpp\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif ( get_kb_item(\"Host/AIX/emgr_failure\" ) ) exit(0, \"This iFix check is disabled because : \"+get_kb_item(\"Host/AIX/emgr_failure\") );\n\nflag = 0;\n\nif (aix_check_ifix(release:\"7.2\", ml:\"00\", sp:\"03\", patch:\"IV94724m5a\", package:\"bos.net.tcp.tcpdump\", minfilesetver:\"7.2.0.0\", maxfilesetver:\"7.2.0.3\") < 0) flag++;\nif (aix_check_ifix(release:\"7.2\", ml:\"00\", sp:\"04\", patch:\"IV94724m5a\", package:\"bos.net.tcp.tcpdump\", minfilesetver:\"7.2.0.0\", maxfilesetver:\"7.2.0.3\") < 0) flag++;\nif (aix_check_ifix(release:\"7.2\", ml:\"00\", sp:\"05\", patch:\"IV94724m5a\", package:\"bos.net.tcp.tcpdump\", minfilesetver:\"7.2.0.0\", maxfilesetver:\"7.2.0.3\") < 0) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:aix_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-18T15:32:00", "description": "Vulnerabilities in tcpdump affect AIX :\n\nhttps://vulners.com/cve/CVE-2017-12993 https://vulners.com/cve/CVE-2017-12993 tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the Juniper component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the RIPng component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BGP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the telnet component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IEEE 802.11 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 routing headers component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the Zephyr component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the EIGRP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the tok2strbuf component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the DECnet component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the NFS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO CLNS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISAKMP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ICMP component.\nBy sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the lookup_bytestring component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the SMB/CIFS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump is vulnerable to a denial of service, caused by a heap-based buffer over-read in the pimv1_print function in print-pim.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump is vulnerable to a denial of service, caused by a heap-based buffer over-read in the lldp_print function in print-lldp.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump is vulnerable to a denial of service, caused by an error in the LLDP component. By sending specially crafted data, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop.\ntcpdump is vulnerable to a denial of service, caused by an error in the DNS component. By sending specially crafted data, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. tcpdump is vulnerable to a denial of service, caused by an error in the ISAKMP component. By sending specially crafted data, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop.\ntcpdump is vulnerable to a denial of service, caused by an error in the RESP component. By sending specially crafted data, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. tcpdump is vulnerable to a buffer overflow, caused by improper bounds checking by the bittok2str_internal component. By sending an overly long string argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.\ntcpdump is vulnerable to a denial of service, caused by a buffer overflow in the sliplink_print function in print-sl.c. An attacker could exploit this vulnerability to cause the application to crash.\ntcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PGM component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the DHCPv6 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO ES-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump is vulnerable to a denial of service, caused by a buffer overflow in the sliplink_print function in print-sl.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the EAP component.\nBy sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the White Board component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ARP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ICMP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BEEP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 mobility component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IEEE 802.11 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the L2TP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the NFS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the Juniper component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the LMP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the AODV component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the NFS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IEEE 802.15.4 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO IS-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO IS-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PIMv2 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BGP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump is vulnerable to a denial of service, caused by a heap-based buffer over-read in the lldp_print function in print-lldp.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump is vulnerable to a denial of service, caused by a heap-based buffer over-read in the pimv1_print function in print-pim.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BGP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the HNCP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ICMPv6 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the MPTCP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISAKMP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PPP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the OSPFv3 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO IS-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PGM component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the VTP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the RADIUS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 fragmentation header component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PIM component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PPP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BOOTP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the LLDP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO IS-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 mobility component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 mobility component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 mobility component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IP component.\nBy sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ICMPv6 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the VTP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PGM component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 routing headers component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IKEv2 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IKEv1 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the OLSR component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the Cisco HDLC component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO IS-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the LLDP component.\nBy sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BGP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the CFM component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the RSVP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the RPKI-Router component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the Rx component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the RSVP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO ES-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BGP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the VQP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the HNCP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-05-30T00:00:00", "type": "nessus", "title": "AIX 7.2 TL 1 : tcpdump (IV94723)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-11541", "CVE-2017-11542", "CVE-2017-11543", "CVE-2017-12893", "CVE-2017-12894", "CVE-2017-12895", "CVE-2017-12896", "CVE-2017-12897", "CVE-2017-12898", "CVE-2017-12899", "CVE-2017-12900", "CVE-2017-12901", "CVE-2017-12902", "CVE-2017-12985", "CVE-2017-12986", "CVE-2017-12987", "CVE-2017-12988", "CVE-2017-12989", "CVE-2017-12990", "CVE-2017-12991", "CVE-2017-12992", "CVE-2017-12993", "CVE-2017-12994", "CVE-2017-12995", "CVE-2017-12996", "CVE-2017-12997", "CVE-2017-12998", "CVE-2017-12999", "CVE-2017-13000", "CVE-2017-13001", "CVE-2017-13002", "CVE-2017-13003", "CVE-2017-13004", "CVE-2017-13005", "CVE-2017-13006", "CVE-2017-13008", "CVE-2017-13009", "CVE-2017-13010", "CVE-2017-13011", "CVE-2017-13012", "CVE-2017-13013", "CVE-2017-13014", "CVE-2017-13015", "CVE-2017-13016", "CVE-2017-13017", "CVE-2017-13018", "CVE-2017-13019", "CVE-2017-13020", "CVE-2017-13021", "CVE-2017-13022", "CVE-2017-13023", "CVE-2017-13024", "CVE-2017-13025", "CVE-2017-13026", "CVE-2017-13027", "CVE-2017-13028", "CVE-2017-13029", "CVE-2017-13030", "CVE-2017-13031", "CVE-2017-13032", "CVE-2017-13033", "CVE-2017-13034", "CVE-2017-13035", "CVE-2017-13036", "CVE-2017-13037", "CVE-2017-13038", "CVE-2017-13039", "CVE-2017-13040", "CVE-2017-13041", "CVE-2017-13042", "CVE-2017-13043", "CVE-2017-13044", "CVE-2017-13045", "CVE-2017-13046", "CVE-2017-13047", "CVE-2017-13048", "CVE-2017-13049", "CVE-2017-13050", "CVE-2017-13051", "CVE-2017-13052", "CVE-2017-13053", "CVE-2017-13054", "CVE-2017-13055", "CVE-2017-13687", "CVE-2017-13688", "CVE-2017-13689", "CVE-2017-13690", "CVE-2017-13725"], "modified": "2021-01-04T00:00:00", "cpe": ["cpe:/o:ibm:aix:7.2"], "id": "AIX_IV94723.NASL", "href": "https://www.tenable.com/plugins/nessus/100467", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text in the description was extracted from AIX Security\n# Advisory tcpdump_advisory3.asc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(100467);\n script_version(\"3.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2017-11541\", \"CVE-2017-11542\", \"CVE-2017-11543\", \"CVE-2017-12893\", \"CVE-2017-12894\", \"CVE-2017-12895\", \"CVE-2017-12896\", \"CVE-2017-12897\", \"CVE-2017-12898\", \"CVE-2017-12899\", \"CVE-2017-12900\", \"CVE-2017-12901\", \"CVE-2017-12902\", \"CVE-2017-12985\", \"CVE-2017-12986\", \"CVE-2017-12987\", \"CVE-2017-12988\", \"CVE-2017-12989\", \"CVE-2017-12990\", \"CVE-2017-12991\", \"CVE-2017-12992\", \"CVE-2017-12993\", \"CVE-2017-12994\", \"CVE-2017-12995\", \"CVE-2017-12996\", \"CVE-2017-12997\", \"CVE-2017-12998\", \"CVE-2017-12999\", \"CVE-2017-13000\", \"CVE-2017-13001\", \"CVE-2017-13002\", \"CVE-2017-13003\", \"CVE-2017-13004\", \"CVE-2017-13005\", \"CVE-2017-13006\", \"CVE-2017-13008\", \"CVE-2017-13009\", \"CVE-2017-13010\", \"CVE-2017-13011\", \"CVE-2017-13012\", \"CVE-2017-13013\", \"CVE-2017-13014\", \"CVE-2017-13015\", \"CVE-2017-13016\", \"CVE-2017-13017\", \"CVE-2017-13018\", \"CVE-2017-13019\", \"CVE-2017-13020\", \"CVE-2017-13021\", \"CVE-2017-13022\", \"CVE-2017-13023\", \"CVE-2017-13024\", \"CVE-2017-13025\", \"CVE-2017-13026\", \"CVE-2017-13027\", \"CVE-2017-13028\", \"CVE-2017-13029\", \"CVE-2017-13030\", \"CVE-2017-13031\", \"CVE-2017-13032\", \"CVE-2017-13033\", \"CVE-2017-13034\", \"CVE-2017-13035\", \"CVE-2017-13036\", \"CVE-2017-13037\", \"CVE-2017-13038\", \"CVE-2017-13039\", \"CVE-2017-13040\", \"CVE-2017-13041\", \"CVE-2017-13042\", \"CVE-2017-13043\", \"CVE-2017-13044\", \"CVE-2017-13045\", \"CVE-2017-13046\", \"CVE-2017-13047\", \"CVE-2017-13048\", \"CVE-2017-13049\", \"CVE-2017-13050\", \"CVE-2017-13051\", \"CVE-2017-13052\", \"CVE-2017-13053\", \"CVE-2017-13054\", \"CVE-2017-13055\", \"CVE-2017-13687\", \"CVE-2017-13688\", \"CVE-2017-13689\", \"CVE-2017-13690\", \"CVE-2017-13725\");\n\n script_name(english:\"AIX 7.2 TL 1 : tcpdump (IV94723)\");\n script_summary(english:\"Check for APAR IV94723\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote AIX host is missing a security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Vulnerabilities in tcpdump affect AIX :\n\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12993\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12993 tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the Juniper component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the RIPng component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the BGP\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the telnet component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the IEEE 802.11 component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump could allow a remote attacker to\nobtain sensitive information, caused by a buffer overread memory in\nthe IPv6 routing headers component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the IPv6\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the Zephyr component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the EIGRP component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the\ntok2strbuf component. By sending a specially crafted request, an\nattacker could exploit this vulnerability to obtain sensitive\ninformation. tcpdump could allow a remote attacker to obtain sensitive\ninformation, caused by a buffer overread memory in the DECnet\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the NFS component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the ISO CLNS component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump could allow a remote attacker to\nobtain sensitive information, caused by a buffer overread memory in\nthe ISAKMP component. By sending a specially crafted request, an\nattacker could exploit this vulnerability to obtain sensitive\ninformation. tcpdump could allow a remote attacker to obtain sensitive\ninformation, caused by a buffer overread memory in the ICMP component.\nBy sending a specially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the lookup_bytestring component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the SMB/CIFS component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump is vulnerable to a denial of\nservice, caused by a heap-based buffer over-read in the pimv1_print\nfunction in print-pim.c. An attacker could exploit this vulnerability\nto cause the application to crash. tcpdump is vulnerable to a denial\nof service, caused by a heap-based buffer over-read in the lldp_print\nfunction in print-lldp.c. An attacker could exploit this vulnerability\nto cause the application to crash. tcpdump is vulnerable to a denial\nof service, caused by an error in the LLDP component. By sending\nspecially crafted data, a remote attacker could exploit this\nvulnerability to cause the application to enter into an infinite loop.\ntcpdump is vulnerable to a denial of service, caused by an error in\nthe DNS component. By sending specially crafted data, a remote\nattacker could exploit this vulnerability to cause the application to\nenter into an infinite loop. tcpdump is vulnerable to a denial of\nservice, caused by an error in the ISAKMP component. By sending\nspecially crafted data, a remote attacker could exploit this\nvulnerability to cause the application to enter into an infinite loop.\ntcpdump is vulnerable to a denial of service, caused by an error in\nthe RESP component. By sending specially crafted data, a remote\nattacker could exploit this vulnerability to cause the application to\nenter into an infinite loop. tcpdump is vulnerable to a buffer\noverflow, caused by improper bounds checking by the\nbittok2str_internal component. By sending an overly long string\nargument, a remote attacker could overflow a buffer and execute\narbitrary code on the system or cause the application to crash.\ntcpdump is vulnerable to a denial of service, caused by a buffer\noverflow in the sliplink_print function in print-sl.c. An attacker\ncould exploit this vulnerability to cause the application to crash.\ntcpdump could allow a remote attacker to obtain sensitive information,\ncaused by a buffer overread memory in the PGM component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the DHCPv6 component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump could allow a remote attacker to\nobtain sensitive information, caused by a buffer overread memory in\nthe ISO ES-IS component. By sending a specially crafted request, an\nattacker could exploit this vulnerability to obtain sensitive\ninformation. tcpdump is vulnerable to a denial of service, caused by a\nbuffer overflow in the sliplink_print function in print-sl.c. An\nattacker could exploit this vulnerability to cause the application to\ncrash. tcpdump could allow a remote attacker to obtain sensitive\ninformation, caused by a buffer overread memory in the EAP component.\nBy sending a specially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the White Board component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump could allow a remote attacker to\nobtain sensitive information, caused by a buffer overread memory in\nthe ARP component. By sending a specially crafted request, an attacker\ncould exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information,\ncaused by a buffer overread memory in the ICMP component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the BEEP component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the IPv6\nmobility component. By sending a specially crafted request, an\nattacker could exploit this vulnerability to obtain sensitive\ninformation. tcpdump could allow a remote attacker to obtain sensitive\ninformation, caused by a buffer overread memory in the IEEE 802.11\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the L2TP component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the NFS component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the\nJuniper component. By sending a specially crafted request, an attacker\ncould exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information,\ncaused by a buffer overread memory in the LMP component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the AODV component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the NFS\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the IEEE 802.15.4 component. By sending\na specially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the ISO IS-IS component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump could allow a remote attacker to\nobtain sensitive information, caused by a buffer overread memory in\nthe ISO IS-IS component. By sending a specially crafted request, an\nattacker could exploit this vulnerability to obtain sensitive\ninformation. tcpdump could allow a remote attacker to obtain sensitive\ninformation, caused by a buffer overread memory in the PIMv2\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the BGP component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump is vulnerable\nto a denial of service, caused by a heap-based buffer over-read in the\nlldp_print function in print-lldp.c. An attacker could exploit this\nvulnerability to cause the application to crash. tcpdump is vulnerable\nto a denial of service, caused by a heap-based buffer over-read in the\npimv1_print function in print-pim.c. An attacker could exploit this\nvulnerability to cause the application to crash. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the BGP component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the HNCP\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the ICMPv6 component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the MPTCP component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the\nISAKMP component. By sending a specially crafted request, an attacker\ncould exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information,\ncaused by a buffer overread memory in the PPP component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the IP component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the\nOSPFv3 component. By sending a specially crafted request, an attacker\ncould exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information,\ncaused by a buffer overread memory in the ISO IS-IS component. By\nsending a specially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the PGM component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the VTP\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the RADIUS component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the IPv6 fragmentation header component. By sending\na specially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the PIM component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the PPP\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the BOOTP component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the LLDP component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the ISO\nIS-IS component. By sending a specially crafted request, an attacker\ncould exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information,\ncaused by a buffer overread memory in the IPv6 mobility component. By\nsending a specially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the IPv6 mobility component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump could allow a remote attacker to\nobtain sensitive information, caused by a buffer overread memory in\nthe IPv6 mobility component. By sending a specially crafted request,\nan attacker could exploit this vulnerability to obtain sensitive\ninformation. tcpdump could allow a remote attacker to obtain sensitive\ninformation, caused by a buffer overread memory in the IP component.\nBy sending a specially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the ICMPv6 component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump could allow a remote attacker to\nobtain sensitive information, caused by a buffer overread memory in\nthe VTP component. By sending a specially crafted request, an attacker\ncould exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information,\ncaused by a buffer overread memory in the PGM component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the IPv6 routing headers component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the IKEv2 component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the IKEv1\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the OLSR component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the Cisco HDLC component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump could allow a remote attacker to\nobtain sensitive information, caused by a buffer overread memory in\nthe ISO IS-IS component. By sending a specially crafted request, an\nattacker could exploit this vulnerability to obtain sensitive\ninformation. tcpdump could allow a remote attacker to obtain sensitive\ninformation, caused by a buffer overread memory in the LLDP component.\nBy sending a specially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the BGP component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the CFM\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the RSVP component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the RPKI-Router component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump could allow a remote attacker to\nobtain sensitive information, caused by a buffer overread memory in\nthe Rx component. By sending a specially crafted request, an attacker\ncould exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information,\ncaused by a buffer overread memory in the RSVP component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the ISO ES-IS component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump could allow a remote attacker to\nobtain sensitive information, caused by a buffer overread memory in\nthe BGP component. By sending a specially crafted request, an attacker\ncould exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information,\ncaused by a buffer overread memory in the VQP component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the HNCP component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://aix.software.ibm.com/aix/efixes/security/tcpdump_advisory3.asc\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Install the appropriate interim fix.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:ibm:aix:7.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/11/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"AIX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/AIX/lslpp\", \"Host/local_checks_enabled\", \"Host/AIX/version\");\n\n exit(0);\n}\n\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"aix.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif ( ! get_kb_item(\"Host/AIX/version\") ) audit(AUDIT_OS_NOT, \"AIX\");\nif ( ! get_kb_item(\"Host/AIX/lslpp\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif ( get_kb_item(\"Host/AIX/emgr_failure\" ) ) exit(0, \"This iFix check is disabled because : \"+get_kb_item(\"Host/AIX/emgr_failure\") );\n\nflag = 0;\n\nif (aix_check_ifix(release:\"7.2\", ml:\"01\", sp:\"01\", patch:\"IV94723m3a\", package:\"bos.net.tcp.tcpdump\", minfilesetver:\"7.2.1.0\", maxfilesetver:\"7.2.1.1\") < 0) flag++;\nif (aix_check_ifix(release:\"7.2\", ml:\"01\", sp:\"02\", patch:\"IV94723m3a\", package:\"bos.net.tcp.tcpdump\", minfilesetver:\"7.2.1.0\", maxfilesetver:\"7.2.1.1\") < 0) flag++;\nif (aix_check_ifix(release:\"7.2\", ml:\"01\", sp:\"03\", patch:\"IV94723m3a\", package:\"bos.net.tcp.tcpdump\", minfilesetver:\"7.2.1.0\", maxfilesetver:\"7.2.1.1\") < 0) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:aix_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-18T15:36:09", "description": "This update for tcpdump to version 4.9.2 fixes several issues. These security issues were fixed :\n\n - CVE-2017-11108: Prevent remote attackers to cause DoS (heap-based buffer over-read and application crash) via crafted packet data. The crash occured in the EXTRACT_16BITS function, called from the stp_print function for the Spanning Tree Protocol (bsc#1047873, bsc#1057247).\n\n - CVE-2017-11543: Prevent buffer overflow in the sliplink_print function in print-sl.c that allowed remote DoS (bsc#1057247).\n\n - CVE-2017-13011: Prevent buffer overflow in bittok2str_internal() that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12989: Prevent infinite loop in the RESP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12990: Prevent infinite loop in the ISAKMP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12995: Prevent infinite loop in the DNS parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12997: Prevent infinite loop in the LLDP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-11541: Prevent heap-based buffer over-read in the lldp_print function in print-lldp.c, related to util-print.c that allowed remote DoS (bsc#1057247).\n\n - CVE-2017-11542: Prevent heap-based buffer over-read in the pimv1_print function in print-pim.c that allowed remote DoS (bsc#1057247).\n\n - CVE-2017-12893: Prevent buffer over-read in the SMB/CIFS parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12894: Prevent buffer over-read in several protocol parsers that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12895: Prevent buffer over-read in the ICMP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12896: Prevent buffer over-read in the ISAKMP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12897: Prevent buffer over-read in the ISO CLNS parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12898: Prevent buffer over-read in the NFS parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12899: Prevent buffer over-read in the DECnet parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12900: Prevent buffer over-read in the in several protocol parsers that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12901: Prevent buffer over-read in the EIGRP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12902: Prevent buffer over-read in the Zephyr parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12985: Prevent buffer over-read in the IPv6 parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12986: Prevent buffer over-read in the IPv6 routing header parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12987: Prevent buffer over-read in the 802.11 parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12988: Prevent buffer over-read in the telnet parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12991: Prevent buffer over-read in the BGP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12992: Prevent buffer over-read in the RIPng parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12993: Prevent buffer over-read in the Juniper protocols parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12994: Prevent buffer over-read in the BGP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12996: Prevent buffer over-read in the PIMv2 parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12998: Prevent buffer over-read in the IS-IS parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12999: Prevent buffer over-read in the IS-IS parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13000: Prevent buffer over-read in the IEEE 802.15.4 parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13001: Prevent buffer over-read in the NFS parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13002: Prevent buffer over-read in the AODV parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13003: Prevent buffer over-read in the LMP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13004: Prevent buffer over-read in the Juniper protocols parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13005: Prevent buffer over-read in the NFS parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13006: Prevent buffer over-read in the L2TP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13007: Prevent buffer over-read in the Apple PKTAP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13008: Prevent buffer over-read in the IEEE 802.11 parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13009: Prevent buffer over-read in the IPv6 mobility parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13010: Prevent buffer over-read in the BEEP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13012: Prevent buffer over-read in the ICMP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13013: Prevent buffer over-read in the ARP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13014: Prevent buffer over-read in the White Board protocol parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13015: Prevent buffer over-read in the EAP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13016: Prevent buffer over-read in the ISO ES-IS parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13017: Prevent buffer over-read in the DHCPv6 parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13018: Prevent buffer over-read in the PGM parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13019: Prevent buffer over-read in the PGM parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13020: Prevent buffer over-read in the VTP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13021: Prevent buffer over-read in the ICMPv6 parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13022: Prevent buffer over-read in the IP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13023: Prevent buffer over-read in the IPv6 mobility parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13024: Prevent buffer over-read in the IPv6 mobility parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13025: Prevent buffer over-read in the IPv6 mobility parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13026: Prevent buffer over-read in the ISO IS-IS parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13027: Prevent buffer over-read in the LLDP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13028: Prevent buffer over-read in the BOOTP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13029: Prevent buffer over-read in the PPP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13030: Prevent buffer over-read in the PIM parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13031: Prevent buffer over-read in the IPv6 fragmentation header parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13032: Prevent buffer over-read in the RADIUS parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13033: Prevent buffer over-read in the VTP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13034: Prevent buffer over-read in the PGM parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13035: Prevent buffer over-read in the ISO IS-IS parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13036: Prevent buffer over-read in the OSPFv3 parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13037: Prevent buffer over-read in the IP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13038: Prevent buffer over-read in the PPP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13039: Prevent buffer over-read in the ISAKMP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13040: Prevent buffer over-read in the MPTCP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13041: Prevent buffer over-read in the ICMPv6 parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13042: Prevent buffer over-read in the HNCP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13043: Prevent buffer over-read in the BGP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13044: Prevent buffer over-read in the HNCP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13045: Prevent buffer over-read in the VQP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13046: Prevent buffer over-read in the BGP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13047: Prevent buffer over-read in the ISO ES-IS parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13048: Prevent buffer over-read in the RSVP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13049: Prevent buffer over-read in the Rx protocol parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13050: Prevent buffer over-read in the RPKI-Router parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13051: Prevent buffer over-read in the RSVP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13052: Prevent buffer over-read in the CFM parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13053: Prevent buffer over-read in the BGP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13054: Prevent buffer over-read in the LLDP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13055: Prevent buffer over-read in the ISO IS-IS parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13687: Prevent buffer over-read in the Cisco HDLC parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13688: Prevent buffer over-read in the OLSR parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13689: Prevent buffer over-read in the IKEv1 parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13690: Prevent buffer over-read in the IKEv2 parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13725: Prevent buffer over-read in the IPv6 routing header parser that allowed remote DoS (bsc#1057247)\n\n - Prevent segmentation fault in ESP decoder with OpenSSL 1.1 (bsc#1057247)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-10-27T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : tcpdump (SUSE-SU-2017:2854-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-11108", "CVE-2017-11541", "CVE-2017-11542", "CVE-2017-11543", "CVE-2017-12893", "CVE-2017-12894", "CVE-2017-12895", "CVE-2017-12896", "CVE-2017-12897", "CVE-2017-12898", "CVE-2017-12899", "CVE-2017-12900", "CVE-2017-12901", "CVE-2017-12902", "CVE-2017-12985", "CVE-2017-12986", "CVE-2017-12987", "CVE-2017-12988", "CVE-2017-12989", "CVE-2017-12990", "CVE-2017-12991", "CVE-2017-12992", "CVE-2017-12993", "CVE-2017-12994", "CVE-2017-12995", "CVE-2017-12996", "CVE-2017-12997", "CVE-2017-12998", "CVE-2017-12999", "CVE-2017-13000", "CVE-2017-13001", "CVE-2017-13002", "CVE-2017-13003", "CVE-2017-13004", "CVE-2017-13005", "CVE-2017-13006", "CVE-2017-13007", "CVE-2017-13008", "CVE-2017-13009", "CVE-2017-13010", "CVE-2017-13011", "CVE-2017-13012", "CVE-2017-13013", "CVE-2017-13014", "CVE-2017-13015", "CVE-2017-13016", "CVE-2017-13017", "CVE-2017-13018", "CVE-2017-13019", "CVE-2017-13020", "CVE-2017-13021", "CVE-2017-13022", "CVE-2017-13023", "CVE-2017-13024", "CVE-2017-13025", "CVE-2017-13026", "CVE-2017-13027", "CVE-2017-13028", "CVE-2017-13029", "CVE-2017-13030", "CVE-2017-13031", "CVE-2017-13032", "CVE-2017-13033", "CVE-2017-13034", "CVE-2017-13035", "CVE-2017-13036", "CVE-2017-13037", "CVE-2017-13038", "CVE-2017-13039", "CVE-2017-13040", "CVE-2017-13041", "CVE-2017-13042", "CVE-2017-13043", "CVE-2017-13044", "CVE-2017-13045", "CVE-2017-13046", "CVE-2017-13047", "CVE-2017-13048", "CVE-2017-13049", "CVE-2017-13050", "CVE-2017-13051", "CVE-2017-13052", "CVE-2017-13053", "CVE-2017-13054", "CVE-2017-13055", "CVE-2017-13687", "CVE-2017-13688", "CVE-2017-13689", "CVE-2017-13690", "CVE-2017-13725"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:tcpdump", "p-cpe:/a:novell:suse_linux:tcpdump-debuginfo", "p-cpe:/a:novell:suse_linux:tcpdump-debugsource", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2017-2854-1.NASL", "href": "https://www.tenable.com/plugins/nessus/104208", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2017:2854-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(104208);\n script_version(\"3.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-11108\", \"CVE-2017-11541\", \"CVE-2017-11542\", \"CVE-2017-11543\", \"CVE-2017-12893\", \"CVE-2017-12894\", \"CVE-2017-12895\", \"CVE-2017-12896\", \"CVE-2017-12897\", \"CVE-2017-12898\", \"CVE-2017-12899\", \"CVE-2017-12900\", \"CVE-2017-12901\", \"CVE-2017-12902\", \"CVE-2017-12985\", \"CVE-2017-12986\", \"CVE-2017-12987\", \"CVE-2017-12988\", \"CVE-2017-12989\", \"CVE-2017-12990\", \"CVE-2017-12991\", \"CVE-2017-12992\", \"CVE-2017-12993\", \"CVE-2017-12994\", \"CVE-2017-12995\", \"CVE-2017-12996\", \"CVE-2017-12997\", \"CVE-2017-12998\", \"CVE-2017-12999\", \"CVE-2017-13000\", \"CVE-2017-13001\", \"CVE-2017-13002\", \"CVE-2017-13003\", \"CVE-2017-13004\", \"CVE-2017-13005\", \"CVE-2017-13006\", \"CVE-2017-13007\", \"CVE-2017-13008\", \"CVE-2017-13009\", \"CVE-2017-13010\", \"CVE-2017-13011\", \"CVE-2017-13012\", \"CVE-2017-13013\", \"CVE-2017-13014\", \"CVE-2017-13015\", \"CVE-2017-13016\", \"CVE-2017-13017\", \"CVE-2017-13018\", \"CVE-2017-13019\", \"CVE-2017-13020\", \"CVE-2017-13021\", \"CVE-2017-13022\", \"CVE-2017-13023\", \"CVE-2017-13024\", \"CVE-2017-13025\", \"CVE-2017-13026\", \"CVE-2017-13027\", \"CVE-2017-13028\", \"CVE-2017-13029\", \"CVE-2017-13030\", \"CVE-2017-13031\", \"CVE-2017-13032\", \"CVE-2017-13033\", \"CVE-2017-13034\", \"CVE-2017-13035\", \"CVE-2017-13036\", \"CVE-2017-13037\", \"CVE-2017-13038\", \"CVE-2017-13039\", \"CVE-2017-13040\", \"CVE-2017-13041\", \"CVE-2017-13042\", \"CVE-2017-13043\", \"CVE-2017-13044\", \"CVE-2017-13045\", \"CVE-2017-13046\", \"CVE-2017-13047\", \"CVE-2017-13048\", \"CVE-2017-13049\", \"CVE-2017-13050\", \"CVE-2017-13051\", \"CVE-2017-13052\", \"CVE-2017-13053\", \"CVE-2017-13054\", \"CVE-2017-13055\", \"CVE-2017-13687\", \"CVE-2017-13688\", \"CVE-2017-13689\", \"CVE-2017-13690\", \"CVE-2017-13725\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : tcpdump (SUSE-SU-2017:2854-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for tcpdump to version 4.9.2 fixes several issues. These\nsecurity issues were fixed :\n\n - CVE-2017-11108: Prevent remote attackers to cause DoS\n (heap-based buffer over-read and application crash) via\n crafted packet data. The crash occured in the\n EXTRACT_16BITS function, called from the stp_print\n function for the Spanning Tree Protocol (bsc#1047873,\n bsc#1057247).\n\n - CVE-2017-11543: Prevent buffer overflow in the\n sliplink_print function in print-sl.c that allowed\n remote DoS (bsc#1057247).\n\n - CVE-2017-13011: Prevent buffer overflow in\n bittok2str_internal() that allowed remote DoS\n (bsc#1057247)\n\n - CVE-2017-12989: Prevent infinite loop in the RESP parser\n that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12990: Prevent infinite loop in the ISAKMP\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12995: Prevent infinite loop in the DNS parser\n that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12997: Prevent infinite loop in the LLDP parser\n that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-11541: Prevent heap-based buffer over-read in\n the lldp_print function in print-lldp.c, related to\n util-print.c that allowed remote DoS (bsc#1057247).\n\n - CVE-2017-11542: Prevent heap-based buffer over-read in\n the pimv1_print function in print-pim.c that allowed\n remote DoS (bsc#1057247).\n\n - CVE-2017-12893: Prevent buffer over-read in the SMB/CIFS\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12894: Prevent buffer over-read in several\n protocol parsers that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12895: Prevent buffer over-read in the ICMP\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12896: Prevent buffer over-read in the ISAKMP\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12897: Prevent buffer over-read in the ISO CLNS\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12898: Prevent buffer over-read in the NFS\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12899: Prevent buffer over-read in the DECnet\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12900: Prevent buffer over-read in the in\n several protocol parsers that allowed remote DoS\n (bsc#1057247)\n\n - CVE-2017-12901: Prevent buffer over-read in the EIGRP\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12902: Prevent buffer over-read in the Zephyr\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12985: Prevent buffer over-read in the IPv6\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12986: Prevent buffer over-read in the IPv6\n routing header parser that allowed remote DoS\n (bsc#1057247)\n\n - CVE-2017-12987: Prevent buffer over-read in the 802.11\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12988: Prevent buffer over-read in the telnet\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12991: Prevent buffer over-read in the BGP\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12992: Prevent buffer over-read in the RIPng\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12993: Prevent buffer over-read in the Juniper\n protocols parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12994: Prevent buffer over-read in the BGP\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12996: Prevent buffer over-read in the PIMv2\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12998: Prevent buffer over-read in the IS-IS\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-12999: Prevent buffer over-read in the IS-IS\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13000: Prevent buffer over-read in the IEEE\n 802.15.4 parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13001: Prevent buffer over-read in the NFS\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13002: Prevent buffer over-read in the AODV\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13003: Prevent buffer over-read in the LMP\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13004: Prevent buffer over-read in the Juniper\n protocols parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13005: Prevent buffer over-read in the NFS\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13006: Prevent buffer over-read in the L2TP\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13007: Prevent buffer over-read in the Apple\n PKTAP parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13008: Prevent buffer over-read in the IEEE\n 802.11 parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13009: Prevent buffer over-read in the IPv6\n mobility parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13010: Prevent buffer over-read in the BEEP\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13012: Prevent buffer over-read in the ICMP\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13013: Prevent buffer over-read in the ARP\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13014: Prevent buffer over-read in the White\n Board protocol parser that allowed remote DoS\n (bsc#1057247)\n\n - CVE-2017-13015: Prevent buffer over-read in the EAP\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13016: Prevent buffer over-read in the ISO\n ES-IS parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13017: Prevent buffer over-read in the DHCPv6\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13018: Prevent buffer over-read in the PGM\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13019: Prevent buffer over-read in the PGM\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13020: Prevent buffer over-read in the VTP\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13021: Prevent buffer over-read in the ICMPv6\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13022: Prevent buffer over-read in the IP\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13023: Prevent buffer over-read in the IPv6\n mobility parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13024: Prevent buffer over-read in the IPv6\n mobility parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13025: Prevent buffer over-read in the IPv6\n mobility parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13026: Prevent buffer over-read in the ISO\n IS-IS parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13027: Prevent buffer over-read in the LLDP\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13028: Prevent buffer over-read in the BOOTP\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13029: Prevent buffer over-read in the PPP\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13030: Prevent buffer over-read in the PIM\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13031: Prevent buffer over-read in the IPv6\n fragmentation header parser that allowed remote DoS\n (bsc#1057247)\n\n - CVE-2017-13032: Prevent buffer over-read in the RADIUS\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13033: Prevent buffer over-read in the VTP\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13034: Prevent buffer over-read in the PGM\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13035: Prevent buffer over-read in the ISO\n IS-IS parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13036: Prevent buffer over-read in the OSPFv3\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13037: Prevent buffer over-read in the IP\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13038: Prevent buffer over-read in the PPP\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13039: Prevent buffer over-read in the ISAKMP\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13040: Prevent buffer over-read in the MPTCP\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13041: Prevent buffer over-read in the ICMPv6\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13042: Prevent buffer over-read in the HNCP\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13043: Prevent buffer over-read in the BGP\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13044: Prevent buffer over-read in the HNCP\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13045: Prevent buffer over-read in the VQP\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13046: Prevent buffer over-read in the BGP\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13047: Prevent buffer over-read in the ISO\n ES-IS parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13048: Prevent buffer over-read in the RSVP\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13049: Prevent buffer over-read in the Rx\n protocol parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13050: Prevent buffer over-read in the\n RPKI-Router parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13051: Prevent buffer over-read in the RSVP\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13052: Prevent buffer over-read in the CFM\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13053: Prevent buffer over-read in the BGP\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13054: Prevent buffer over-read in the LLDP\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13055: Prevent buffer over-read in the ISO\n IS-IS parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13687: Prevent buffer over-read in the Cisco\n HDLC parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13688: Prevent buffer over-read in the OLSR\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13689: Prevent buffer over-read in the IKEv1\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13690: Prevent buffer over-read in the IKEv2\n parser that allowed remote DoS (bsc#1057247)\n\n - CVE-2017-13725: Prevent buffer over-read in the IPv6\n routing header parser that allowed remote DoS\n (bsc#1057247)\n\n - Prevent segmentation fault in ESP decoder with OpenSSL\n 1.1 (bsc#1057247)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1047873\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1057247\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-11108/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-11541/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-11542/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-11543/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-12893/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-12894/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-12895/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-12896/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-12897/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-12898/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-12899/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-12900/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-12901/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-12902/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-12985/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-12986/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-12987/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-12988/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-12989/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-12990/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-12991/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-12992/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-12993/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-12994/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-12995/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-12996/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-12997/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-12998/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-12999/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13000/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13001/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13002/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13003/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13004/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13005/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13006/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13007/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13008/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13009/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13010/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13011/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13012/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13013/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13014/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13015/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13016/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13017/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13018/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13019/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13020/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13021/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13022/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13023/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13024/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13025/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13026/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13027/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13028/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13029/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13030/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13031/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13032/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13033/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13034/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13035/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13036/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13037/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13038/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13039/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13040/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13041/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13042/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13043/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13044/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13045/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13046/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13047/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13048/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13049/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13050/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13051/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13052/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13053/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13054/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13055/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13687/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13688/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13689/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13690/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13725/\"\n );\n # https://www.suse.com/support/update/announcement/2017/suse-su-20172854-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?fe000485\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t\npatch SUSE-SLE-RPI-12-SP2-2017-1776=1\n\nSUSE Linux Enterprise Server 12-SP3:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-2017-1776=1\n\nSUSE Linux Enterprise Server 12-SP2:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-2017-1776=1\n\nSUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP3-2017-1776=1\n\nSUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP2-2017-1776=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:tcpdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:tcpdump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:tcpdump-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/07/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/10/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/10/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(2|3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP2/3\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(2|3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP2/3\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"tcpdump-4.9.2-14.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"tcpdump-debuginfo-4.9.2-14.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"tcpdump-debugsource-4.9.2-14.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"tcpdump-4.9.2-14.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"tcpdump-debuginfo-4.9.2-14.5.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"tcpdump-debugsource-4.9.2-14.5.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"tcpdump-4.9.2-14.5.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"tcpdump-debuginfo-4.9.2-14.5.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"tcpdump-debugsource-4.9.2-14.5.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"tcpdump-4.9.2-14.5.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"tcpdump-debuginfo-4.9.2-14.5.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"tcpdump-debugsource-4.9.2-14.5.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tcpdump\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-18T15:08:18", "description": "The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has tcpdump packages installed that are affected by multiple vulnerabilities:\n\n - Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in util-print.c:tok2strbuf().\n (CVE-2017-12900)\n\n - tcpdump 4.9.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via crafted packet data. The crash occurs in the EXTRACT_16BITS function, called from the stp_print function for the Spanning Tree Protocol.\n (CVE-2017-11108)\n\n - A vulnerability was discovered in tcpdump's handling of LINKTYPE_SLIP pcap files. An attacker could craft a malicious pcap file that would cause tcpdump to crash when attempting to print a summary of packet data within the file. (CVE-2017-11543, CVE-2017-11544)\n\n - The ISO CLNS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isoclns_print().\n (CVE-2017-12897)\n\n - The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:isakmp_rfc3948_print().\n (CVE-2017-12896)\n\n - The IPv6 fragmentation header parser in tcpdump before 4.9.2 has a buffer over-read in print- frag6.c:frag6_print(). (CVE-2017-13031)\n\n - The RADIUS parser in tcpdump before 4.9.2 has a buffer over-read in print-radius.c:print_attr_string().\n (CVE-2017-13032)\n\n - The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print- mobility.c:mobility_opt_print(). (CVE-2017-13023, CVE-2017-13024, CVE-2017-13025)\n\n - The ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:esis_print().\n (CVE-2017-13016, CVE-2017-13047)\n\n - The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldp_mgmt_addr_tlv_print().\n (CVE-2017-13027)\n\n - The White Board protocol parser in tcpdump before 4.9.2 has a buffer over-read in print-wb.c:wb_prep(), several functions. (CVE-2017-13014)\n\n - The IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_extd_ip_reach().\n (CVE-2017-12998)\n\n - The IEEE 802.15.4 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_15_4.c:ieee802_15_4_if_print().\n (CVE-2017-13000)\n\n - The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_id().\n (CVE-2017-13035)\n\n - The OSPFv3 parser in tcpdump before 4.9.2 has a buffer over-read in print-ospf6.c:ospf6_decode_v3().\n (CVE-2017-13036)\n\n - The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c, several functions.\n (CVE-2017-13026)\n\n - The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print- juniper.c:juniper_parse_header(). (CVE-2017-13004)\n\n - The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:print_ccp_config_options().\n (CVE-2017-13029)\n\n - The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_print().\n (CVE-2017-13009)\n\n - The Apple PKTAP parser in tcpdump before 4.9.2 has a buffer over-read in print-pktap.c:pktap_if_print().\n (CVE-2017-13007)\n\n - The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_11.c:parse_elements().\n (CVE-2017-13008, CVE-2017-12987)\n\n - The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print-juniper.c, several functions. (CVE-2017-12993)\n\n - The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c, several functions.\n (CVE-2017-13039)\n\n - The MPTCP parser in tcpdump before 4.9.2 has a buffer over-read in print-mptcp.c, several functions.\n (CVE-2017-13040)\n\n - The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_nodeinfo_print().\n (CVE-2017-13041)\n\n - The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_multicast_vpn().\n (CVE-2017-13043)\n\n - The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_rt_routing_info().\n (CVE-2017-13053)\n\n - The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldp_private_8023_print().\n (CVE-2017-13054)\n\n - The RPKI-Router parser in tcpdump before 4.9.2 has a buffer over-read in print-rpki- rtr.c:rpki_rtr_pdu_print(). (CVE-2017-13050)\n\n - The IKEv2 parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c, several functions.\n (CVE-2017-13690)\n\n - The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6_print().\n (CVE-2017-13725, CVE-2017-12986)\n\n - The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print- isoclns.c:isis_print_is_reach_subtlv(). (CVE-2017-13055)\n\n - The Cisco HDLC parser in tcpdump before 4.9.2 has a buffer over-read in print-chdlc.c:chdlc_print().\n (CVE-2017-13687)\n\n - The RESP parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print- resp.c:resp_get_length(). (CVE-2017-12989)\n\n - The Zephyr parser in tcpdump before 4.9.2 has a buffer over-read in print-zephyr.c, several functions.\n (CVE-2017-12902)\n\n - The DNS parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-domain.c:ns_print().\n (CVE-2017-12995)\n\n - Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in addrtoname.c:lookup_bytestring(). (CVE-2017-12894)\n\n - The LLDP parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print- lldp.c:lldp_private_8021_print(). (CVE-2017-12997)\n\n - The ISAKMP parser in tcpdump before 4.9.2 could enter an infinite loop due to bugs in print-isakmp.c, several functions. (CVE-2017-12990)\n\n - A vulnerability was found in tcpdump's verbose printing of packet data. A crafted pcap file or specially crafted network traffic could cause tcpdump to write out of bounds in the BSS segment, potentially causing tcpdump to display truncated or incorrectly decoded fields or crash with a segmentation violation. This does not affect tcpdump when used with the -w option to save a pcap file. (CVE-2017-13011)\n\n - The SMB/CIFS parser in tcpdump before 4.9.2 has a buffer over-read in smbutil.c:name_len(). (CVE-2017-12893)\n\n - The ICMP parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp.c:icmp_print(). (CVE-2017-12895, CVE-2017-13012)\n\n - The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:interp_reply().\n (CVE-2017-12898)\n\n - The DECnet parser in tcpdump before 4.9.2 has a buffer over-read in print-decnet.c:decnet_print().\n (CVE-2017-12899)\n\n - The EIGRP parser in tcpdump before 4.9.2 has a buffer over-read in print-eigrp.c:eigrp_print().\n (CVE-2017-12901)\n\n - The IPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-ip6.c:ip6_print(). (CVE-2017-12985)\n\n - The telnet parser in tcpdump before 4.9.2 has a buffer over-read in print-telnet.c:telnet_parse().\n (CVE-2017-12988)\n\n - The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print().\n (CVE-2017-12991, CVE-2017-12994, CVE-2017-13046)\n\n - The RIPng parser in tcpdump before 4.9.2 has a buffer over-read in print-ripng.c:ripng_print().\n (CVE-2017-12992)\n\n - The PIMv2 parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c:pimv2_print(). (CVE-2017-12996)\n\n - The IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print().\n (CVE-2017-12999)\n\n - The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:nfs_printfh(). (CVE-2017-13001)\n\n - The AODV parser in tcpdump before 4.9.2 has a buffer over-read in print-aodv.c:aodv_extension().\n (CVE-2017-13002)\n\n - The LMP parser in tcpdump before 4.9.2 has a buffer over-read in print-lmp.c:lmp_print(). (CVE-2017-13003)\n\n - The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:xid_map_enter().\n (CVE-2017-13005)\n\n - The L2TP parser in tcpdump before 4.9.2 has a buffer over-read in print-l2tp.c, several functions.\n (CVE-2017-13006)\n\n - The BEEP parser in tcpdump before 4.9.2 has a buffer over-read in print-beep.c:l_strnstart().\n (CVE-2017-13010)\n\n - The ARP parser in tcpdump before 4.9.2 has a buffer over-read in print-arp.c, several functions.\n (CVE-2017-13013)\n\n - The EAP parser in tcpdump before 4.9.2 has a buffer over-read in print-eap.c:eap_print(). (CVE-2017-13015)\n\n - The DHCPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-dhcp6.c:dhcp6opt_print().\n (CVE-2017-13017)\n\n - The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print(). (CVE-2017-13018, CVE-2017-13019, CVE-2017-13034)\n\n - The VTP parser in tcpdump before 4.9.2 has a buffer over-read in print-vtp.c:vtp_print(). (CVE-2017-13020, CVE-2017-13033)\n\n - The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_print().\n (CVE-2017-13021)\n\n - The IP parser in tcpdump before 4.9.2 has a buffer over- read in print-ip.c:ip_printroute(). (CVE-2017-13022)\n\n - The BOOTP parser in tcpdump before 4.9.2 has a buffer over-read in print-bootp.c:bootp_print().\n (CVE-2017-13028)\n\n - The PIM parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c, several functions.\n (CVE-2017-13030)\n\n - The IP parser in tcpdump before 4.9.2 has a buffer over- read in print-ip.c:ip_printts(). (CVE-2017-13037)\n\n - The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:handle_mlppp().\n (CVE-2017-13038)\n\n - The HNCP parser in tcpdump before 4.9.2 has a buffer over-read in print-hncp.c:dhcpv6_print().\n (CVE-2017-13042)\n\n - The HNCP parser in tcpdump before 4.9.2 has a buffer over-read in print-hncp.c:dhcpv4_print().\n (CVE-2017-13044)\n\n - The VQP parser in tcpdump before 4.9.2 has a buffer over-read in print-vqp.c:vqp_print(). (CVE-2017-13045)\n\n - The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print().\n (CVE-2017-13048, CVE-2017-13051)\n\n - The Rx protocol parser in tcpdump before 4.9.2 has a buffer over-read in print-rx.c:ubik_print().\n (CVE-2017-13049)\n\n - The CFM parser in tcpdump before 4.9.2 has a buffer over-read in print-cfm.c:cfm_print(). (CVE-2017-13052)\n\n - The OLSR parser in tcpdump before 4.9.2 has a buffer over-read in print-olsr.c:olsr_print(). (CVE-2017-13688)\n\n - The IKEv1 parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:ikev1_id_print().\n (CVE-2017-13689)\n\n - tcpdump 4.9.0 has a heap-based buffer over-read in the lldp_print function in print-lldp.c, related to util- print.c. (CVE-2017-11541)\n\n - tcpdump 4.9.0 has a heap-based buffer over-read in the pimv1_print function in print-pim.c. (CVE-2017-11542)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-08-12T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.04 / MAIN 5.04 : tcpdump Multiple Vulnerabilities (NS-SA-2019-0071)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-11108", "CVE-2017-11541", "CVE-2017-11542", "CVE-2017-11543", "CVE-2017-11544", "CVE-2017-12893", "CVE-2017-12894", "CVE-2017-12895", "CVE-2017-12896", "CVE-2017-12897", "CVE-2017-12898", "CVE-2017-12899", "CVE-2017-12900", "CVE-2017-12901", "CVE-2017-12902", "CVE-2017-12985", "CVE-2017-12986", "CVE-2017-12987", "CVE-2017-12988", "CVE-2017-12989", "CVE-2017-12990", "CVE-2017-12991", "CVE-2017-12992", "CVE-2017-12993", "CVE-2017-12994", "CVE-2017-12995", "CVE-2017-12996", "CVE-2017-12997", "CVE-2017-12998", "CVE-2017-12999", "CVE-2017-13000", "CVE-2017-13001", "CVE-2017-13002", "CVE-2017-13003", "CVE-2017-13004", "CVE-2017-13005", "CVE-2017-13006", "CVE-2017-13007", "CVE-2017-13008", "CVE-2017-13009", "CVE-2017-13010", "CVE-2017-13011", "CVE-2017-13012", "CVE-2017-13013", "CVE-2017-13014", "CVE-2017-13015", "CVE-2017-13016", "CVE-2017-13017", "CVE-2017-13018", "CVE-2017-13019", "CVE-2017-13020", "CVE-2017-13021", "CVE-2017-13022", "CVE-2017-13023", "CVE-2017-13024", "CVE-2017-13025", "CVE-2017-13026", "CVE-2017-13027", "CVE-2017-13028", "CVE-2017-13029", "CVE-2017-13030", "CVE-2017-13031", "CVE-2017-13032", "CVE-2017-13033", "CVE-2017-13034", "CVE-2017-13035", "CVE-2017-13036", "CVE-2017-13037", "CVE-2017-13038", "CVE-2017-13039", "CVE-2017-13040", "CVE-2017-13041", "CVE-2017-13042", "CVE-2017-13043", "CVE-2017-13044", "CVE-2017-13045", "CVE-2017-13046", "CVE-2017-13047", "CVE-2017-13048", "CVE-2017-13049", "CVE-2017-13050", "CVE-2017-13051", "CVE-2017-13052", "CVE-2017-13053", "CVE-2017-13054", "CVE-2017-13055", "CVE-2017-13687", "CVE-2017-13688", "CVE-2017-13689", "CVE-2017-13690", "CVE-2017-13725"], "modified": "2021-01-14T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2019-0071_TCPDUMP.NASL", "href": "https://www.tenable.com/plugins/nessus/127275", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2019-0071. The text\n# itself is copyright (C) ZTE, Inc.\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(127275);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\n \"CVE-2017-11108\",\n \"CVE-2017-11541\",\n \"CVE-2017-11542\",\n \"CVE-2017-11543\",\n \"CVE-2017-11544\",\n \"CVE-2017-12893\",\n \"CVE-2017-12894\",\n \"CVE-2017-12895\",\n \"CVE-2017-12896\",\n \"CVE-2017-12897\",\n \"CVE-2017-12898\",\n \"CVE-2017-12899\",\n \"CVE-2017-12900\",\n \"CVE-2017-12901\",\n \"CVE-2017-12902\",\n \"CVE-2017-12985\",\n \"CVE-2017-12986\",\n \"CVE-2017-12987\",\n \"CVE-2017-12988\",\n \"CVE-2017-12989\",\n \"CVE-2017-12990\",\n \"CVE-2017-12991\",\n \"CVE-2017-12992\",\n \"CVE-2017-12993\",\n \"CVE-2017-12994\",\n \"CVE-2017-12995\",\n \"CVE-2017-12996\",\n \"CVE-2017-12997\",\n \"CVE-2017-12998\",\n \"CVE-2017-12999\",\n \"CVE-2017-13000\",\n \"CVE-2017-13001\",\n \"CVE-2017-13002\",\n \"CVE-2017-13003\",\n \"CVE-2017-13004\",\n \"CVE-2017-13005\",\n \"CVE-2017-13006\",\n \"CVE-2017-13007\",\n \"CVE-2017-13008\",\n \"CVE-2017-13009\",\n \"CVE-2017-13010\",\n \"CVE-2017-13011\",\n \"CVE-2017-13012\",\n \"CVE-2017-13013\",\n \"CVE-2017-13014\",\n \"CVE-2017-13015\",\n \"CVE-2017-13016\",\n \"CVE-2017-13017\",\n \"CVE-2017-13018\",\n \"CVE-2017-13019\",\n \"CVE-2017-13020\",\n \"CVE-2017-13021\",\n \"CVE-2017-13022\",\n \"CVE-2017-13023\",\n \"CVE-2017-13024\",\n \"CVE-2017-13025\",\n \"CVE-2017-13026\",\n \"CVE-2017-13027\",\n \"CVE-2017-13028\",\n \"CVE-2017-13029\",\n \"CVE-2017-13030\",\n \"CVE-2017-13031\",\n \"CVE-2017-13032\",\n \"CVE-2017-13033\",\n \"CVE-2017-13034\",\n \"CVE-2017-13035\",\n \"CVE-2017-13036\",\n \"CVE-2017-13037\",\n \"CVE-2017-13038\",\n \"CVE-2017-13039\",\n \"CVE-2017-13040\",\n \"CVE-2017-13041\",\n \"CVE-2017-13042\",\n \"CVE-2017-13043\",\n \"CVE-2017-13044\",\n \"CVE-2017-13045\",\n \"CVE-2017-13046\",\n \"CVE-2017-13047\",\n \"CVE-2017-13048\",\n \"CVE-2017-13049\",\n \"CVE-2017-13050\",\n \"CVE-2017-13051\",\n \"CVE-2017-13052\",\n \"CVE-2017-13053\",\n \"CVE-2017-13054\",\n \"CVE-2017-13055\",\n \"CVE-2017-13687\",\n \"CVE-2017-13688\",\n \"CVE-2017-13689\",\n \"CVE-2017-13690\",\n \"CVE-2017-13725\"\n );\n\n script_name(english:\"NewStart CGSL CORE 5.04 / MAIN 5.04 : tcpdump Multiple Vulnerabilities (NS-SA-2019-0071)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has tcpdump packages installed that are affected\nby multiple vulnerabilities:\n\n - Several protocol parsers in tcpdump before 4.9.2 could\n cause a buffer over-read in util-print.c:tok2strbuf().\n (CVE-2017-12900)\n\n - tcpdump 4.9.0 allows remote attackers to cause a denial\n of service (heap-based buffer over-read and application\n crash) via crafted packet data. The crash occurs in the\n EXTRACT_16BITS function, called from the stp_print\n function for the Spanning Tree Protocol.\n (CVE-2017-11108)\n\n - A vulnerability was discovered in tcpdump's handling of\n LINKTYPE_SLIP pcap files. An attacker could craft a\n malicious pcap file that would cause tcpdump to crash\n when attempting to print a summary of packet data within\n the file. (CVE-2017-11543, CVE-2017-11544)\n\n - The ISO CLNS parser in tcpdump before 4.9.2 has a buffer\n over-read in print-isoclns.c:isoclns_print().\n (CVE-2017-12897)\n\n - The ISAKMP parser in tcpdump before 4.9.2 has a buffer\n over-read in print-isakmp.c:isakmp_rfc3948_print().\n (CVE-2017-12896)\n\n - The IPv6 fragmentation header parser in tcpdump before\n 4.9.2 has a buffer over-read in print-\n frag6.c:frag6_print(). (CVE-2017-13031)\n\n - The RADIUS parser in tcpdump before 4.9.2 has a buffer\n over-read in print-radius.c:print_attr_string().\n (CVE-2017-13032)\n\n - The IPv6 mobility parser in tcpdump before 4.9.2 has a\n buffer over-read in print-\n mobility.c:mobility_opt_print(). (CVE-2017-13023,\n CVE-2017-13024, CVE-2017-13025)\n\n - The ISO ES-IS parser in tcpdump before 4.9.2 has a\n buffer over-read in print-isoclns.c:esis_print().\n (CVE-2017-13016, CVE-2017-13047)\n\n - The LLDP parser in tcpdump before 4.9.2 has a buffer\n over-read in print-lldp.c:lldp_mgmt_addr_tlv_print().\n (CVE-2017-13027)\n\n - The White Board protocol parser in tcpdump before 4.9.2\n has a buffer over-read in print-wb.c:wb_prep(), several\n functions. (CVE-2017-13014)\n\n - The IS-IS parser in tcpdump before 4.9.2 has a buffer\n over-read in print-isoclns.c:isis_print_extd_ip_reach().\n (CVE-2017-12998)\n\n - The IEEE 802.15.4 parser in tcpdump before 4.9.2 has a\n buffer over-read in\n print-802_15_4.c:ieee802_15_4_if_print().\n (CVE-2017-13000)\n\n - The ISO IS-IS parser in tcpdump before 4.9.2 has a\n buffer over-read in print-isoclns.c:isis_print_id().\n (CVE-2017-13035)\n\n - The OSPFv3 parser in tcpdump before 4.9.2 has a buffer\n over-read in print-ospf6.c:ospf6_decode_v3().\n (CVE-2017-13036)\n\n - The ISO IS-IS parser in tcpdump before 4.9.2 has a\n buffer over-read in print-isoclns.c, several functions.\n (CVE-2017-13026)\n\n - The Juniper protocols parser in tcpdump before 4.9.2 has\n a buffer over-read in print-\n juniper.c:juniper_parse_header(). (CVE-2017-13004)\n\n - The PPP parser in tcpdump before 4.9.2 has a buffer\n over-read in print-ppp.c:print_ccp_config_options().\n (CVE-2017-13029)\n\n - The IPv6 mobility parser in tcpdump before 4.9.2 has a\n buffer over-read in print-mobility.c:mobility_print().\n (CVE-2017-13009)\n\n - The Apple PKTAP parser in tcpdump before 4.9.2 has a\n buffer over-read in print-pktap.c:pktap_if_print().\n (CVE-2017-13007)\n\n - The IEEE 802.11 parser in tcpdump before 4.9.2 has a\n buffer over-read in print-802_11.c:parse_elements().\n (CVE-2017-13008, CVE-2017-12987)\n\n - The Juniper protocols parser in tcpdump before 4.9.2 has\n a buffer over-read in print-juniper.c, several\n functions. (CVE-2017-12993)\n\n - The ISAKMP parser in tcpdump before 4.9.2 has a buffer\n over-read in print-isakmp.c, several functions.\n (CVE-2017-13039)\n\n - The MPTCP parser in tcpdump before 4.9.2 has a buffer\n over-read in print-mptcp.c, several functions.\n (CVE-2017-13040)\n\n - The ICMPv6 parser in tcpdump before 4.9.2 has a buffer\n over-read in print-icmp6.c:icmp6_nodeinfo_print().\n (CVE-2017-13041)\n\n - The BGP parser in tcpdump before 4.9.2 has a buffer\n over-read in print-bgp.c:decode_multicast_vpn().\n (CVE-2017-13043)\n\n - The BGP parser in tcpdump before 4.9.2 has a buffer\n over-read in print-bgp.c:decode_rt_routing_info().\n (CVE-2017-13053)\n\n - The LLDP parser in tcpdump before 4.9.2 has a buffer\n over-read in print-lldp.c:lldp_private_8023_print().\n (CVE-2017-13054)\n\n - The RPKI-Router parser in tcpdump before 4.9.2 has a\n buffer over-read in print-rpki-\n rtr.c:rpki_rtr_pdu_print(). (CVE-2017-13050)\n\n - The IKEv2 parser in tcpdump before 4.9.2 has a buffer\n over-read in print-isakmp.c, several functions.\n (CVE-2017-13690)\n\n - The IPv6 routing header parser in tcpdump before 4.9.2\n has a buffer over-read in print-rt6.c:rt6_print().\n (CVE-2017-13725, CVE-2017-12986)\n\n - The ISO IS-IS parser in tcpdump before 4.9.2 has a\n buffer over-read in print-\n isoclns.c:isis_print_is_reach_subtlv(). (CVE-2017-13055)\n\n - The Cisco HDLC parser in tcpdump before 4.9.2 has a\n buffer over-read in print-chdlc.c:chdlc_print().\n (CVE-2017-13687)\n\n - The RESP parser in tcpdump before 4.9.2 could enter an\n infinite loop due to a bug in print-\n resp.c:resp_get_length(). (CVE-2017-12989)\n\n - The Zephyr parser in tcpdump before 4.9.2 has a buffer\n over-read in print-zephyr.c, several functions.\n (CVE-2017-12902)\n\n - The DNS parser in tcpdump before 4.9.2 could enter an\n infinite loop due to a bug in print-domain.c:ns_print().\n (CVE-2017-12995)\n\n - Several protocol parsers in tcpdump before 4.9.2 could\n cause a buffer over-read in\n addrtoname.c:lookup_bytestring(). (CVE-2017-12894)\n\n - The LLDP parser in tcpdump before 4.9.2 could enter an\n infinite loop due to a bug in print-\n lldp.c:lldp_private_8021_print(). (CVE-2017-12997)\n\n - The ISAKMP parser in tcpdump before 4.9.2 could enter an\n infinite loop due to bugs in print-isakmp.c, several\n functions. (CVE-2017-12990)\n\n - A vulnerability was found in tcpdump's verbose printing\n of packet data. A crafted pcap file or specially crafted\n network traffic could cause tcpdump to write out of\n bounds in the BSS segment, potentially causing tcpdump\n to display truncated or incorrectly decoded fields or\n crash with a segmentation violation. This does not\n affect tcpdump when used with the -w option to save a\n pcap file. (CVE-2017-13011)\n\n - The SMB/CIFS parser in tcpdump before 4.9.2 has a buffer\n over-read in smbutil.c:name_len(). (CVE-2017-12893)\n\n - The ICMP parser in tcpdump before 4.9.2 has a buffer\n over-read in print-icmp.c:icmp_print(). (CVE-2017-12895,\n CVE-2017-13012)\n\n - The NFS parser in tcpdump before 4.9.2 has a buffer\n over-read in print-nfs.c:interp_reply().\n (CVE-2017-12898)\n\n - The DECnet parser in tcpdump before 4.9.2 has a buffer\n over-read in print-decnet.c:decnet_print().\n (CVE-2017-12899)\n\n - The EIGRP parser in tcpdump before 4.9.2 has a buffer\n over-read in print-eigrp.c:eigrp_print().\n (CVE-2017-12901)\n\n - The IPv6 parser in tcpdump before 4.9.2 has a buffer\n over-read in print-ip6.c:ip6_print(). (CVE-2017-12985)\n\n - The telnet parser in tcpdump before 4.9.2 has a buffer\n over-read in print-telnet.c:telnet_parse().\n (CVE-2017-12988)\n\n - The BGP parser in tcpdump before 4.9.2 has a buffer\n over-read in print-bgp.c:bgp_attr_print().\n (CVE-2017-12991, CVE-2017-12994, CVE-2017-13046)\n\n - The RIPng parser in tcpdump before 4.9.2 has a buffer\n over-read in print-ripng.c:ripng_print().\n (CVE-2017-12992)\n\n - The PIMv2 parser in tcpdump before 4.9.2 has a buffer\n over-read in print-pim.c:pimv2_print(). (CVE-2017-12996)\n\n - The IS-IS parser in tcpdump before 4.9.2 has a buffer\n over-read in print-isoclns.c:isis_print().\n (CVE-2017-12999)\n\n - The NFS parser in tcpdump before 4.9.2 has a buffer\n over-read in print-nfs.c:nfs_printfh(). (CVE-2017-13001)\n\n - The AODV parser in tcpdump before 4.9.2 has a buffer\n over-read in print-aodv.c:aodv_extension().\n (CVE-2017-13002)\n\n - The LMP parser in tcpdump before 4.9.2 has a buffer\n over-read in print-lmp.c:lmp_print(). (CVE-2017-13003)\n\n - The NFS parser in tcpdump before 4.9.2 has a buffer\n over-read in print-nfs.c:xid_map_enter().\n (CVE-2017-13005)\n\n - The L2TP parser in tcpdump before 4.9.2 has a buffer\n over-read in print-l2tp.c, several functions.\n (CVE-2017-13006)\n\n - The BEEP parser in tcpdump before 4.9.2 has a buffer\n over-read in print-beep.c:l_strnstart().\n (CVE-2017-13010)\n\n - The ARP parser in tcpdump before 4.9.2 has a buffer\n over-read in print-arp.c, several functions.\n (CVE-2017-13013)\n\n - The EAP parser in tcpdump before 4.9.2 has a buffer\n over-read in print-eap.c:eap_print(). (CVE-2017-13015)\n\n - The DHCPv6 parser in tcpdump before 4.9.2 has a buffer\n over-read in print-dhcp6.c:dhcp6opt_print().\n (CVE-2017-13017)\n\n - The PGM parser in tcpdump before 4.9.2 has a buffer\n over-read in print-pgm.c:pgm_print(). (CVE-2017-13018,\n CVE-2017-13019, CVE-2017-13034)\n\n - The VTP parser in tcpdump before 4.9.2 has a buffer\n over-read in print-vtp.c:vtp_print(). (CVE-2017-13020,\n CVE-2017-13033)\n\n - The ICMPv6 parser in tcpdump before 4.9.2 has a buffer\n over-read in print-icmp6.c:icmp6_print().\n (CVE-2017-13021)\n\n - The IP parser in tcpdump before 4.9.2 has a buffer over-\n read in print-ip.c:ip_printroute(). (CVE-2017-13022)\n\n - The BOOTP parser in tcpdump before 4.9.2 has a buffer\n over-read in print-bootp.c:bootp_print().\n (CVE-2017-13028)\n\n - The PIM parser in tcpdump before 4.9.2 has a buffer\n over-read in print-pim.c, several functions.\n (CVE-2017-13030)\n\n - The IP parser in tcpdump before 4.9.2 has a buffer over-\n read in print-ip.c:ip_printts(). (CVE-2017-13037)\n\n - The PPP parser in tcpdump before 4.9.2 has a buffer\n over-read in print-ppp.c:handle_mlppp().\n (CVE-2017-13038)\n\n - The HNCP parser in tcpdump before 4.9.2 has a buffer\n over-read in print-hncp.c:dhcpv6_print().\n (CVE-2017-13042)\n\n - The HNCP parser in tcpdump before 4.9.2 has a buffer\n over-read in print-hncp.c:dhcpv4_print().\n (CVE-2017-13044)\n\n - The VQP parser in tcpdump before 4.9.2 has a buffer\n over-read in print-vqp.c:vqp_print(). (CVE-2017-13045)\n\n - The RSVP parser in tcpdump before 4.9.2 has a buffer\n over-read in print-rsvp.c:rsvp_obj_print().\n (CVE-2017-13048, CVE-2017-13051)\n\n - The Rx protocol parser in tcpdump before 4.9.2 has a\n buffer over-read in print-rx.c:ubik_print().\n (CVE-2017-13049)\n\n - The CFM parser in tcpdump before 4.9.2 has a buffer\n over-read in print-cfm.c:cfm_print(). (CVE-2017-13052)\n\n - The OLSR parser in tcpdump before 4.9.2 has a buffer\n over-read in print-olsr.c:olsr_print(). (CVE-2017-13688)\n\n - The IKEv1 parser in tcpdump before 4.9.2 has a buffer\n over-read in print-isakmp.c:ikev1_id_print().\n (CVE-2017-13689)\n\n - tcpdump 4.9.0 has a heap-based buffer over-read in the\n lldp_print function in print-lldp.c, related to util-\n print.c. (CVE-2017-11541)\n\n - tcpdump 4.9.0 has a heap-based buffer over-read in the\n pimv1_print function in print-pim.c. (CVE-2017-11542)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2019-0071\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL tcpdump packages. Note that updated packages may not be available yet. Please contact ZTE\nfor more information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2017-13725\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/07/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/ZTE-CGSL/release\");\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, \"NewStart Carrier Grade Server Linux\");\n\nif (release !~ \"CGSL CORE 5.04\" &&\n release !~ \"CGSL MAIN 5.04\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.04 / NewStart CGSL MAIN 5.04');\n\nif (!get_kb_item(\"Host/ZTE-CGSL/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"NewStart Carrier Grade Server Linux\", cpu);\n\nflag = 0;\n\npkgs = {\n \"CGSL CORE 5.04\": [\n \"tcpdump-4.9.2-3.el7\",\n \"tcpdump-debuginfo-4.9.2-3.el7\"\n ],\n \"CGSL MAIN 5.04\": [\n \"tcpdump-4.9.2-3.el7\",\n \"tcpdump-debuginfo-4.9.2-3.el7\"\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:\"ZTE \" + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tcpdump\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-17T15:27:55", "description": "New tcpdump packages are available for Slackware 13.37, 14.0, 14.1, 14.2, and -current to fix security issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-09-11T00:00:00", "type": "nessus", "title": "Slackware 13.37 / 14.0 / 14.1 / 14.2 / current : tcpdump (SSA:2017-251-03)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-11541", "CVE-2017-11542", "CVE-2017-11543", "CVE-2017-12893", "CVE-2017-12894", "CVE-2017-12895", "CVE-2017-12896", "CVE-2017-12897", "CVE-2017-12898", "CVE-2017-12899", "CVE-2017-12900", "CVE-2017-12901", "CVE-2017-12902", "CVE-2017-12985", "CVE-2017-12986", "CVE-2017-12987", "CVE-2017-12988", "CVE-2017-12989", "CVE-2017-12990", "CVE-2017-12991", "CVE-2017-12992", "CVE-2017-12993", "CVE-2017-12994", "CVE-2017-12995", "CVE-2017-12996", "CVE-2017-12997", "CVE-2017-12998", "CVE-2017-12999", "CVE-2017-13000", "CVE-2017-13001", "CVE-2017-13002", "CVE-2017-13003", "CVE-2017-13004", "CVE-2017-13005", "CVE-2017-13006", "CVE-2017-13007", "CVE-2017-13008", "CVE-2017-13009", "CVE-2017-13010", "CVE-2017-13011", "CVE-2017-13012", "CVE-2017-13013", "CVE-2017-13014", "CVE-2017-13015", "CVE-2017-13016", "CVE-2017-13017", "CVE-2017-13018", "CVE-2017-13019", "CVE-2017-13020", "CVE-2017-13021", "CVE-2017-13022", "CVE-2017-13023", "CVE-2017-13024", "CVE-2017-13025", "CVE-2017-13026", "CVE-2017-13027", "CVE-2017-13028", "CVE-2017-13029", "CVE-2017-13030", "CVE-2017-13031", "CVE-2017-13032", "CVE-2017-13033", "CVE-2017-13034", "CVE-2017-13035", "CVE-2017-13036", "CVE-2017-13037", "CVE-2017-13038", "CVE-2017-13039", "CVE-2017-13040", "CVE-2017-13041", "CVE-2017-13042", "CVE-2017-13043", "CVE-2017-13044", "CVE-2017-13045", "CVE-2017-13046", "CVE-2017-13047", "CVE-2017-13048", "CVE-2017-13049", "CVE-2017-13050", "CVE-2017-13051", "CVE-2017-13052", "CVE-2017-13053", "CVE-2017-13054", "CVE-2017-13055", "CVE-2017-13687", "CVE-2017-13688", "CVE-2017-13689", "CVE-2017-13690", "CVE-2017-13725"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:tcpdump", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:13.37", "cpe:/o:slackware:slackware_linux:14.0", "cpe:/o:slackware:slackware_linux:14.1", "cpe:/o:slackware:slackware_linux:14.2"], "id": "SLACKWARE_SSA_2017-251-03.NASL", "href": "https://www.tenable.com/plugins/nessus/103091", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2017-251-03. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(103091);\n script_version(\"3.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2017-11541\", \"CVE-2017-11542\", \"CVE-2017-11543\", \"CVE-2017-12893\", \"CVE-2017-12894\", \"CVE-2017-12895\", \"CVE-2017-12896\", \"CVE-2017-12897\", \"CVE-2017-12898\", \"CVE-2017-12899\", \"CVE-2017-12900\", \"CVE-2017-12901\", \"CVE-2017-12902\", \"CVE-2017-12985\", \"CVE-2017-12986\", \"CVE-2017-12987\", \"CVE-2017-12988\", \"CVE-2017-12989\", \"CVE-2017-12990\", \"CVE-2017-12991\", \"CVE-2017-12992\", \"CVE-2017-12993\", \"CVE-2017-12994\", \"CVE-2017-12995\", \"CVE-2017-12996\", \"CVE-2017-12997\", \"CVE-2017-12998\", \"CVE-2017-12999\", \"CVE-2017-13000\", \"CVE-2017-13001\", \"CVE-2017-13002\", \"CVE-2017-13003\", \"CVE-2017-13004\", \"CVE-2017-13005\", \"CVE-2017-13006\", \"CVE-2017-13007\", \"CVE-2017-13008\", \"CVE-2017-13009\", \"CVE-2017-13010\", \"CVE-2017-13011\", \"CVE-2017-13012\", \"CVE-2017-13013\", \"CVE-2017-13014\", \"CVE-2017-13015\", \"CVE-2017-13016\", \"CVE-2017-13017\", \"CVE-2017-13018\", \"CVE-2017-13019\", \"CVE-2017-13020\", \"CVE-2017-13021\", \"CVE-2017-13022\", \"CVE-2017-13023\", \"CVE-2017-13024\", \"CVE-2017-13025\", \"CVE-2017-13026\", \"CVE-2017-13027\", \"CVE-2017-13028\", \"CVE-2017-13029\", \"CVE-2017-13030\", \"CVE-2017-13031\", \"CVE-2017-13032\", \"CVE-2017-13033\", \"CVE-2017-13034\", \"CVE-2017-13035\", \"CVE-2017-13036\", \"CVE-2017-13037\", \"CVE-2017-13038\", \"CVE-2017-13039\", \"CVE-2017-13040\", \"CVE-2017-13041\", \"CVE-2017-13042\", \"CVE-2017-13043\", \"CVE-2017-13044\", \"CVE-2017-13045\", \"CVE-2017-13046\", \"CVE-2017-13047\", \"CVE-2017-13048\", \"CVE-2017-13049\", \"CVE-2017-13050\", \"CVE-2017-13051\", \"CVE-2017-13052\", \"CVE-2017-13053\", \"CVE-2017-13054\", \"CVE-2017-13055\", \"CVE-2017-13687\", \"CVE-2017-13688\", \"CVE-2017-13689\", \"CVE-2017-13690\", \"CVE-2017-13725\");\n script_xref(name:\"SSA\", value:\"2017-251-03\");\n\n script_name(english:\"Slackware 13.37 / 14.0 / 14.1 / 14.2 / current : tcpdump (SSA:2017-251-03)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New tcpdump packages are available for Slackware 13.37, 14.0, 14.1,\n14.2, and -current to fix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2017&m=slackware-security.928329\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d3aa5fe6\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected tcpdump package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:tcpdump\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.37\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/07/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/09/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/09/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"13.37\", pkgname:\"tcpdump\", pkgver:\"4.9.2\", pkgarch:\"i486\", pkgnum:\"1_slack13.37\")) flag++;\nif (slackware_check(osver:\"13.37\", arch:\"x86_64\", pkgname:\"tcpdump\", pkgver:\"4.9.2\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.37\")) flag++;\n\nif (slackware_check(osver:\"14.0\", pkgname:\"tcpdump\", pkgver:\"4.9.2\", pkgarch:\"i486\", pkgnum:\"1_slack14.0\")) flag++;\nif (slackware_check(osver:\"14.0\", arch:\"x86_64\", pkgname:\"tcpdump\", pkgver:\"4.9.2\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.0\")) flag++;\n\nif (slackware_check(osver:\"14.1\", pkgname:\"tcpdump\", pkgver:\"4.9.2\", pkgarch:\"i486\", pkgnum:\"1_slack14.1\")) flag++;\nif (slackware_check(osver:\"14.1\", arch:\"x86_64\", pkgname:\"tcpdump\", pkgver:\"4.9.2\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.1\")) flag++;\n\nif (slackware_check(osver:\"14.2\", pkgname:\"tcpdump\", pkgver:\"4.9.2\", pkgarch:\"i586\", pkgnum:\"1_slack14.2\")) flag++;\nif (slackware_check(osver:\"14.2\", arch:\"x86_64\", pkgname:\"tcpdump\", pkgver:\"4.9.2\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.2\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"tcpdump\", pkgver:\"4.9.2\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"tcpdump\", pkgver:\"4.9.2\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-18T15:32:11", "description": "Vulnerabilities in tcpdump affect AIX :\n\nhttps://vulners.com/cve/CVE-2017-12993 https://vulners.com/cve/CVE-2017-12993 tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the Juniper component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the RIPng component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BGP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the telnet component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IEEE 802.11 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 routing headers component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the Zephyr component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the EIGRP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the tok2strbuf component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the DECnet component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the NFS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO CLNS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISAKMP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ICMP component.\nBy sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the lookup_bytestring component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the SMB/CIFS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump is vulnerable to a denial of service, caused by a heap-based buffer over-read in the pimv1_print function in print-pim.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump is vulnerable to a denial of service, caused by a heap-based buffer over-read in the lldp_print function in print-lldp.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump is vulnerable to a denial of service, caused by an error in the LLDP component. By sending specially crafted data, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop.\ntcpdump is vulnerable to a denial of service, caused by an error in the DNS component. By sending specially crafted data, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. tcpdump is vulnerable to a denial of service, caused by an error in the ISAKMP component. By sending specially crafted data, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop.\ntcpdump is vulnerable to a denial of service, caused by an error in the RESP component. By sending specially crafted data, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. tcpdump is vulnerable to a buffer overflow, caused by improper bounds checking by the bittok2str_internal component. By sending an overly long string argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.\ntcpdump is vulnerable to a denial of service, caused by a buffer overflow in the sliplink_print function in print-sl.c. An attacker could exploit this vulnerability to cause the application to crash.\ntcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PGM component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the DHCPv6 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO ES-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump is vulnerable to a denial of service, caused by a buffer overflow in the sliplink_print function in print-sl.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the EAP component.\nBy sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the White Board component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ARP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ICMP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BEEP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 mobility component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IEEE 802.11 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the L2TP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the NFS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the Juniper component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the LMP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the AODV component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the NFS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IEEE 802.15.4 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO IS-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO IS-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PIMv2 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BGP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump is vulnerable to a denial of service, caused by a heap-based buffer over-read in the lldp_print function in print-lldp.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump is vulnerable to a denial of service, caused by a heap-based buffer over-read in the pimv1_print function in print-pim.c. An attacker could exploit this vulnerability to cause the application to crash. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BGP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the HNCP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ICMPv6 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the MPTCP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISAKMP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PPP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the OSPFv3 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO IS-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PGM component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the VTP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the RADIUS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 fragmentation header component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PIM component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PPP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BOOTP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the LLDP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO IS-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 mobility component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 mobility component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 mobility component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IP component.\nBy sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ICMPv6 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the VTP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the PGM component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IPv6 routing headers component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IKEv2 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the IKEv1 component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the OLSR component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the Cisco HDLC component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO IS-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the LLDP component.\nBy sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BGP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the CFM component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the RSVP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the RPKI-Router component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the Rx component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the RSVP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the ISO ES-IS component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the BGP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the VQP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information. tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the HNCP component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-05-30T00:00:00", "type": "nessus", "title": "AIX 5.3 TL 12 : tcpdump (IV94729)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-11541", "CVE-2017-11542", "CVE-2017-11543", "CVE-2017-12893", "CVE-2017-12894", "CVE-2017-12895", "CVE-2017-12896", "CVE-2017-12897", "CVE-2017-12898", "CVE-2017-12899", "CVE-2017-12900", "CVE-2017-12901", "CVE-2017-12902", "CVE-2017-12985", "CVE-2017-12986", "CVE-2017-12987", "CVE-2017-12988", "CVE-2017-12989", "CVE-2017-12990", "CVE-2017-12991", "CVE-2017-12992", "CVE-2017-12993", "CVE-2017-12994", "CVE-2017-12995", "CVE-2017-12996", "CVE-2017-12997", "CVE-2017-12998", "CVE-2017-12999", "CVE-2017-13000", "CVE-2017-13001", "CVE-2017-13002", "CVE-2017-13003", "CVE-2017-13004", "CVE-2017-13005", "CVE-2017-13006", "CVE-2017-13008", "CVE-2017-13009", "CVE-2017-13010", "CVE-2017-13011", "CVE-2017-13012", "CVE-2017-13013", "CVE-2017-13014", "CVE-2017-13015", "CVE-2017-13016", "CVE-2017-13017", "CVE-2017-13018", "CVE-2017-13019", "CVE-2017-13020", "CVE-2017-13021", "CVE-2017-13022", "CVE-2017-13023", "CVE-2017-13024", "CVE-2017-13025", "CVE-2017-13026", "CVE-2017-13027", "CVE-2017-13028", "CVE-2017-13029", "CVE-2017-13030", "CVE-2017-13031", "CVE-2017-13032", "CVE-2017-13033", "CVE-2017-13034", "CVE-2017-13035", "CVE-2017-13036", "CVE-2017-13037", "CVE-2017-13038", "CVE-2017-13039", "CVE-2017-13040", "CVE-2017-13041", "CVE-2017-13042", "CVE-2017-13043", "CVE-2017-13044", "CVE-2017-13045", "CVE-2017-13046", "CVE-2017-13047", "CVE-2017-13048", "CVE-2017-13049", "CVE-2017-13050", "CVE-2017-13051", "CVE-2017-13052", "CVE-2017-13053", "CVE-2017-13054", "CVE-2017-13055", "CVE-2017-13687", "CVE-2017-13688", "CVE-2017-13689", "CVE-2017-13690", "CVE-2017-13725"], "modified": "2021-01-04T00:00:00", "cpe": ["cpe:/o:ibm:aix:5.3"], "id": "AIX_IV94729.NASL", "href": "https://www.tenable.com/plugins/nessus/100472", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text in the description was extracted from AIX Security\n# Advisory tcpdump_advisory3.asc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(100472);\n script_version(\"3.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2017-11541\", \"CVE-2017-11542\", \"CVE-2017-11543\", \"CVE-2017-12893\", \"CVE-2017-12894\", \"CVE-2017-12895\", \"CVE-2017-12896\", \"CVE-2017-12897\", \"CVE-2017-12898\", \"CVE-2017-12899\", \"CVE-2017-12900\", \"CVE-2017-12901\", \"CVE-2017-12902\", \"CVE-2017-12985\", \"CVE-2017-12986\", \"CVE-2017-12987\", \"CVE-2017-12988\", \"CVE-2017-12989\", \"CVE-2017-12990\", \"CVE-2017-12991\", \"CVE-2017-12992\", \"CVE-2017-12993\", \"CVE-2017-12994\", \"CVE-2017-12995\", \"CVE-2017-12996\", \"CVE-2017-12997\", \"CVE-2017-12998\", \"CVE-2017-12999\", \"CVE-2017-13000\", \"CVE-2017-13001\", \"CVE-2017-13002\", \"CVE-2017-13003\", \"CVE-2017-13004\", \"CVE-2017-13005\", \"CVE-2017-13006\", \"CVE-2017-13008\", \"CVE-2017-13009\", \"CVE-2017-13010\", \"CVE-2017-13011\", \"CVE-2017-13012\", \"CVE-2017-13013\", \"CVE-2017-13014\", \"CVE-2017-13015\", \"CVE-2017-13016\", \"CVE-2017-13017\", \"CVE-2017-13018\", \"CVE-2017-13019\", \"CVE-2017-13020\", \"CVE-2017-13021\", \"CVE-2017-13022\", \"CVE-2017-13023\", \"CVE-2017-13024\", \"CVE-2017-13025\", \"CVE-2017-13026\", \"CVE-2017-13027\", \"CVE-2017-13028\", \"CVE-2017-13029\", \"CVE-2017-13030\", \"CVE-2017-13031\", \"CVE-2017-13032\", \"CVE-2017-13033\", \"CVE-2017-13034\", \"CVE-2017-13035\", \"CVE-2017-13036\", \"CVE-2017-13037\", \"CVE-2017-13038\", \"CVE-2017-13039\", \"CVE-2017-13040\", \"CVE-2017-13041\", \"CVE-2017-13042\", \"CVE-2017-13043\", \"CVE-2017-13044\", \"CVE-2017-13045\", \"CVE-2017-13046\", \"CVE-2017-13047\", \"CVE-2017-13048\", \"CVE-2017-13049\", \"CVE-2017-13050\", \"CVE-2017-13051\", \"CVE-2017-13052\", \"CVE-2017-13053\", \"CVE-2017-13054\", \"CVE-2017-13055\", \"CVE-2017-13687\", \"CVE-2017-13688\", \"CVE-2017-13689\", \"CVE-2017-13690\", \"CVE-2017-13725\");\n\n script_name(english:\"AIX 5.3 TL 12 : tcpdump (IV94729)\");\n script_summary(english:\"Check for APAR IV94729\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote AIX host is missing a security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Vulnerabilities in tcpdump affect AIX :\n\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12993\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12993 tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the Juniper component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the RIPng component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the BGP\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the telnet component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the IEEE 802.11 component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump could allow a remote attacker to\nobtain sensitive information, caused by a buffer overread memory in\nthe IPv6 routing headers component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the IPv6\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the Zephyr component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the EIGRP component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the\ntok2strbuf component. By sending a specially crafted request, an\nattacker could exploit this vulnerability to obtain sensitive\ninformation. tcpdump could allow a remote attacker to obtain sensitive\ninformation, caused by a buffer overread memory in the DECnet\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the NFS component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the ISO CLNS component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump could allow a remote attacker to\nobtain sensitive information, caused by a buffer overread memory in\nthe ISAKMP component. By sending a specially crafted request, an\nattacker could exploit this vulnerability to obtain sensitive\ninformation. tcpdump could allow a remote attacker to obtain sensitive\ninformation, caused by a buffer overread memory in the ICMP component.\nBy sending a specially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the lookup_bytestring component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the SMB/CIFS component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump is vulnerable to a denial of\nservice, caused by a heap-based buffer over-read in the pimv1_print\nfunction in print-pim.c. An attacker could exploit this vulnerability\nto cause the application to crash. tcpdump is vulnerable to a denial\nof service, caused by a heap-based buffer over-read in the lldp_print\nfunction in print-lldp.c. An attacker could exploit this vulnerability\nto cause the application to crash. tcpdump is vulnerable to a denial\nof service, caused by an error in the LLDP component. By sending\nspecially crafted data, a remote attacker could exploit this\nvulnerability to cause the application to enter into an infinite loop.\ntcpdump is vulnerable to a denial of service, caused by an error in\nthe DNS component. By sending specially crafted data, a remote\nattacker could exploit this vulnerability to cause the application to\nenter into an infinite loop. tcpdump is vulnerable to a denial of\nservice, caused by an error in the ISAKMP component. By sending\nspecially crafted data, a remote attacker could exploit this\nvulnerability to cause the application to enter into an infinite loop.\ntcpdump is vulnerable to a denial of service, caused by an error in\nthe RESP component. By sending specially crafted data, a remote\nattacker could exploit this vulnerability to cause the application to\nenter into an infinite loop. tcpdump is vulnerable to a buffer\noverflow, caused by improper bounds checking by the\nbittok2str_internal component. By sending an overly long string\nargument, a remote attacker could overflow a buffer and execute\narbitrary code on the system or cause the application to crash.\ntcpdump is vulnerable to a denial of service, caused by a buffer\noverflow in the sliplink_print function in print-sl.c. An attacker\ncould exploit this vulnerability to cause the application to crash.\ntcpdump could allow a remote attacker to obtain sensitive information,\ncaused by a buffer overread memory in the PGM component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the DHCPv6 component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump could allow a remote attacker to\nobtain sensitive information, caused by a buffer overread memory in\nthe ISO ES-IS component. By sending a specially crafted request, an\nattacker could exploit this vulnerability to obtain sensitive\ninformation. tcpdump is vulnerable to a denial of service, caused by a\nbuffer overflow in the sliplink_print function in print-sl.c. An\nattacker could exploit this vulnerability to cause the application to\ncrash. tcpdump could allow a remote attacker to obtain sensitive\ninformation, caused by a buffer overread memory in the EAP component.\nBy sending a specially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the White Board component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump could allow a remote attacker to\nobtain sensitive information, caused by a buffer overread memory in\nthe ARP component. By sending a specially crafted request, an attacker\ncould exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information,\ncaused by a buffer overread memory in the ICMP component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the BEEP component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the IPv6\nmobility component. By sending a specially crafted request, an\nattacker could exploit this vulnerability to obtain sensitive\ninformation. tcpdump could allow a remote attacker to obtain sensitive\ninformation, caused by a buffer overread memory in the IEEE 802.11\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the L2TP component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the NFS component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the\nJuniper component. By sending a specially crafted request, an attacker\ncould exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information,\ncaused by a buffer overread memory in the LMP component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the AODV component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the NFS\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the IEEE 802.15.4 component. By sending\na specially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the ISO IS-IS component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump could allow a remote attacker to\nobtain sensitive information, caused by a buffer overread memory in\nthe ISO IS-IS component. By sending a specially crafted request, an\nattacker could exploit this vulnerability to obtain sensitive\ninformation. tcpdump could allow a remote attacker to obtain sensitive\ninformation, caused by a buffer overread memory in the PIMv2\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the BGP component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump is vulnerable\nto a denial of service, caused by a heap-based buffer over-read in the\nlldp_print function in print-lldp.c. An attacker could exploit this\nvulnerability to cause the application to crash. tcpdump is vulnerable\nto a denial of service, caused by a heap-based buffer over-read in the\npimv1_print function in print-pim.c. An attacker could exploit this\nvulnerability to cause the application to crash. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the BGP component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the HNCP\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the ICMPv6 component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the MPTCP component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the\nISAKMP component. By sending a specially crafted request, an attacker\ncould exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information,\ncaused by a buffer overread memory in the PPP component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the IP component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the\nOSPFv3 component. By sending a specially crafted request, an attacker\ncould exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information,\ncaused by a buffer overread memory in the ISO IS-IS component. By\nsending a specially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the PGM component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the VTP\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the RADIUS component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the IPv6 fragmentation header component. By sending\na specially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the PIM component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the PPP\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the BOOTP component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the LLDP component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the ISO\nIS-IS component. By sending a specially crafted request, an attacker\ncould exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information,\ncaused by a buffer overread memory in the IPv6 mobility component. By\nsending a specially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the IPv6 mobility component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump could allow a remote attacker to\nobtain sensitive information, caused by a buffer overread memory in\nthe IPv6 mobility component. By sending a specially crafted request,\nan attacker could exploit this vulnerability to obtain sensitive\ninformation. tcpdump could allow a remote attacker to obtain sensitive\ninformation, caused by a buffer overread memory in the IP component.\nBy sending a specially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the ICMPv6 component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump could allow a remote attacker to\nobtain sensitive information, caused by a buffer overread memory in\nthe VTP component. By sending a specially crafted request, an attacker\ncould exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information,\ncaused by a buffer overread memory in the PGM component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the IPv6 routing headers component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the IKEv2 component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the IKEv1\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the OLSR component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the Cisco HDLC component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump could allow a remote attacker to\nobtain sensitive information, caused by a buffer overread memory in\nthe ISO IS-IS component. By sending a specially crafted request, an\nattacker could exploit this vulnerability to obtain sensitive\ninformation. tcpdump could allow a remote attacker to obtain sensitive\ninformation, caused by a buffer overread memory in the LLDP component.\nBy sending a specially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the BGP component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information. tcpdump could allow a remote attacker to obtain\nsensitive information, caused by a buffer overread memory in the CFM\ncomponent. By sending a specially crafted request, an attacker could\nexploit this vulnerability to obtain sensitive information. tcpdump\ncould allow a remote attacker to obtain sensitive information, caused\nby a buffer overread memory in the RSVP component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the RPKI-Router component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump could allow a remote attacker to\nobtain sensitive information, caused by a buffer overread memory in\nthe Rx component. By sending a specially crafted request, an attacker\ncould exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information,\ncaused by a buffer overread memory in the RSVP component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the ISO ES-IS component. By sending a specially\ncrafted request, an attacker could exploit this vulnerability to\nobtain sensitive information. tcpdump could allow a remote attacker to\nobtain sensitive information, caused by a buffer overread memory in\nthe BGP component. By sending a specially crafted request, an attacker\ncould exploit this vulnerability to obtain sensitive information.\ntcpdump could allow a remote attacker to obtain sensitive information,\ncaused by a buffer overread memory in the VQP component. By sending a\nspecially crafted request, an attacker could exploit this\nvulnerability to obtain sensitive information. tcpdump could allow a\nremote attacker to obtain sensitive information, caused by a buffer\noverread memory in the HNCP component. By sending a specially crafted\nrequest, an attacker could exploit this vulnerability to obtain\nsensitive information.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://aix.software.ibm.com/aix/efixes/security/tcpdump_advisory3.asc\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Install the appropriate interim fix.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:ibm:aix:5.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/11/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"AIX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/AIX/lslpp\", \"Host/local_checks_enabled\", \"Host/AIX/version\");\n\n exit(0);\n}\n\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"aix.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif ( ! get_kb_item(\"Host/AIX/version\") ) audit(AUDIT_OS_NOT, \"AIX\");\nif ( ! get_kb_item(\"Host/AIX/lslpp\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif ( get_kb_item(\"Host/AIX/emgr_failure\" ) ) exit(0, \"This iFix check is disabled because : \"+get_kb_item(\"Host/AIX/emgr_failure\") );\n\nflag = 0;\n\nif (aix_check_ifix(release:\"5.3\", ml:\"12\", sp:\"09\", patch:\"IV94729m9a\", package:\"bos.net.tcp.server\", minfilesetver:\"5.3.12.0\", maxfilesetver:\"5.3.12.6\") < 0) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:aix_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-17T23:19:51", "description": "The remote host is running a version of Mac OS X that is 10.13.x prior to 10.13.1. It is, therefore, affected by multiple vulnerabilities in the following components :\n\n - APFS\n - curl\n - Dictionary Widget\n - Kernel\n - StreamingZip\n - tcpdump\n - Wi-Fi\n\nNote that successful exploitation of the most serious issues can result in arbitrary code execution.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-04-10T00:00:00", "type": "nessus", "title": "macOS 10.13.x < 10.13.1 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-1000100", "CVE-2017-1000101", "CVE-2017-11108", "CVE-2017-11541", "CVE-2017-11542", "CVE-2017-11543", "CVE-2017-12893", "CVE-2017-12894", "CVE-2017-12895", "CVE-2017-12896", "CVE-2017-12897", "CVE-2017-12898", "CVE-2017-12899", "CVE-2017-12900", "CVE-2017-12901", "CVE-2017-12902", "CVE-2017-12985", "CVE-2017-12986", "CVE-2017-12987", "CVE-2017-12988", "CVE-2017-12989", "CVE-2017-12990", "CVE-2017-12991", "CVE-2017-12992", "CVE-2017-12993", "CVE-2017-12994", "CVE-2017-12995", "CVE-2017-12996", "CVE-2017-12997", "CVE-2017-12998", "CVE-2017-12999", "CVE-2017-13000", "CVE-2017-13001", "CVE-2017-13002", "CVE-2017-13003", "CVE-2017-13004", "CVE-2017-13005", "CVE-2017-13006", "CVE-2017-13007", "CVE-2017-13008", "CVE-2017-13009", "CVE-2017-13010", "CVE-2017-13011", "CVE-2017-13012", "CVE-2017-13013", "CVE-2017-13014", "CVE-2017-13015", "CVE-2017-13016", "CVE-2017-13017", "CVE-2017-13018", "CVE-2017-13019", "CVE-2017-13020", "CVE-2017-13021", "CVE-2017-13022", "CVE-2017-13023", "CVE-2017-13024", "CVE-2017-13025", "CVE-2017-13026", "CVE-2017-13027", "CVE-2017-13028", "CVE-2017-13029", "CVE-2017-13030", "CVE-2017-13031", "CVE-2017-13032", "CVE-2017-13033", "CVE-2017-13034", "CVE-2017-13035", "CVE-2017-13036", "CVE-2017-13037", "CVE-2017-13038", "CVE-2017-13039", "CVE-2017-13040", "CVE-2017-13041", "CVE-2017-13042", "CVE-2017-13043", "CVE-2017-13044", "CVE-2017-13045", "CVE-2017-13046", "CVE-2017-13047", "CVE-2017-13048", "CVE-2017-13049", "CVE-2017-13050", "CVE-2017-13051", "CVE-2017-13052", "CVE-2017-13053", "CVE-2017-13054", "CVE-2017-13055", "CVE-2017-13077", "CVE-2017-13078", "CVE-2017-13080", "CVE-2017-13687", "CVE-2017-13688", "CVE-2017-13689", "CVE-2017-13690", "CVE-2017-13725", "CVE-2017-13786", "CVE-2017-13799", "CVE-2017-13800", "CVE-2017-13801", "CVE-2017-13804", "CVE-2017-13852"], "modified": "2019-04-10T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x"], "id": "700512.PRM", "href": "https://www.tenable.com/plugins/nnm/700512", "sourceData": "Binary data 700512.prm", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:38:53", "description": "The remote host is running a version of Mac OS X that is 10.13.x prior to 10.13.1. It is, therefore, affected by multiple vulnerabilities in the following components :\n\n - APFS\n - curl\n - Dictionary Widget\n - Kernel\n - StreamingZip\n - tcpdump\n - Wi-Fi\n\nNote that successful exploitation of the most serious issues can result in arbitrary code execution.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-11-03T00:00:00", "type": "nessus", "title": "macOS 10.13.x < 10.13.1 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-1000100", "CVE-2017-1000101", "CVE-2017-11108", "CVE-2017-11541", "CVE-2017-11542", "CVE-2017-11543", "CVE-2017-12893", "CVE-2017-12894", "CVE-2017-12895", "CVE-2017-12896", "CVE-2017-12897", "CVE-2017-12898", "CVE-2017-12899", "CVE-2017-12900", "CVE-2017-12901", "CVE-2017-12902", "CVE-2017-12985", "CVE-2017-12986", "CVE-2017-12987", "CVE-2017-12988", "CVE-2017-12989", "CVE-2017-12990", "CVE-2017-12991", "CVE-2017-12992", "CVE-2017-12993", "CVE-2017-12994", "CVE-2017-12995", "CVE-2017-12996", "CVE-2017-12997", "CVE-2017-12998", "CVE-2017-12999", "CVE-2017-13000", "CVE-2017-13001", "CVE-2017-13002", "CVE-2017-13003", "CVE-2017-13004", "CVE-2017-13005", "CVE-2017-13006", "CVE-2017-13007", "CVE-2017-13008", "CVE-2017-13009", "CVE-2017-13010", "CVE-2017-13011", "CVE-2017-13012", "CVE-2017-13013", "CVE-2017-13014", "CVE-2017-13015", "CVE-2017-13016", "CVE-2017-13017", "CVE-2017-13018", "CVE-2017-13019", "CVE-2017-13020", "CVE-2017-13021", "CVE-2017-13022", "CVE-2017-13023", "CVE-2017-13024", "CVE-2017-13025", "CVE-2017-13026", "CVE-2017-13027", "CVE-2017-13028", "CVE-2017-13029", "CVE-2017-13030", "CVE-2017-13031", "CVE-2017-13032", "CVE-2017-13033", "CVE-2017-13034", "CVE-2017-13035", "CVE-2017-13036", "CVE-2017-13037", "CVE-2017-13038", "CVE-2017-13039", "CVE-2017-13040", "CVE-2017-13041", "CVE-2017-13042", "CVE-2017-13043", "CVE-2017-13044", "CVE-2017-13045", "CVE-2017-13046", "CVE-2017-13047", "CVE-2017-13048", "CVE-2017-13049", "CVE-2017-13050", "CVE-2017-13051", "CVE-2017-13052", "CVE-2017-13053", "CVE-2017-13054", "CVE-2017-13055", "CVE-2017-13077", "CVE-2017-13078", "CVE-2017-13080", "CVE-2017-13687", "CVE-2017-13688", "CVE-2017-13689", "CVE-2017-13690", "CVE-2017-13725", "CVE-2017-13786", "CVE-2017-13799", "CVE-2017-13800", "CVE-2017-13801", "CVE-2017-13804", "CVE-2017-13808", "CVE-2017-13811", "CVE-2017-13852", "CVE-2017-13907", "CVE-2017-7170", "CVE-2018-4390", "CVE-2018-4391"], "modified": "2019-06-19T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x", "cpe:/o:apple:macos"], "id": "MACOS_10_13_1.NASL", "href": "https://www.tenable.com/plugins/nessus/104378", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(104378);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2019/06/19 15:17:43\");\n\n script_cve_id(\n \"CVE-2017-1000100\",\n \"CVE-2017-1000101\",\n \"CVE-2017-11108\",\n \"CVE-2017-11541\",\n \"CVE-2017-11542\",\n \"CVE-2017-11543\",\n \"CVE-2017-12893\",\n \"CVE-2017-12894\",\n \"CVE-2017-12895\",\n \"CVE-2017-12896\",\n \"CVE-2017-12897\",\n \"CVE-2017-12898\",\n \"CVE-2017-12899\",\n \"CVE-2017-12900\",\n \"CVE-2017-12901\",\n \"CVE-2017-12902\",\n \"CVE-2017-12985\",\n \"CVE-2017-12986\",\n \"CVE-2017-12987\",\n \"CVE-2017-12988\",\n \"CVE-2017-12989\",\n \"CVE-2017-12990\",\n \"CVE-2017-12991\",\n \"CVE-2017-12992\",\n \"CVE-2017-12993\",\n \"CVE-2017-12994\",\n \"CVE-2017-12995\",\n \"CVE-2017-12996\",\n \"CVE-2017-12997\",\n \"CVE-2017-12998\",\n \"CVE-2017-12999\",\n \"CVE-2017-13000\",\n \"CVE-2017-13001\",\n \"CVE-2017-13002\",\n \"CVE-2017-13003\",\n \"CVE-2017-13004\",\n \"CVE-2017-13005\",\n \"CVE-2017-13006\",\n \"CVE-2017-13007\",\n \"CVE-2017-13008\",\n \"CVE-2017-13009\",\n \"CVE-2017-13010\",\n \"CVE-2017-13011\",\n \"CVE-2017-13012\",\n \"CVE-2017-13013\",\n \"CVE-2017-13014\",\n \"CVE-2017-13015\",\n \"CVE-2017-13016\",\n \"CVE-2017-13017\",\n \"CVE-2017-13018\",\n \"CVE-2017-13019\",\n \"CVE-2017-13020\",\n \"CVE-2017-13021\",\n \"CVE-2017-13022\",\n \"CVE-2017-13023\",\n \"CVE-2017-13024\",\n \"CVE-2017-13025\",\n \"CVE-2017-13026\",\n \"CVE-2017-13027\",\n \"CVE-2017-13028\",\n \"CVE-2017-13029\",\n \"CVE-2017-13030\",\n \"CVE-2017-13031\",\n \"CVE-2017-13032\",\n \"CVE-2017-13033\",\n \"CVE-2017-13034\",\n \"CVE-2017-13035\",\n \"CVE-2017-13036\",\n \"CVE-2017-13037\",\n \"CVE-2017-13038\",\n \"CVE-2017-13039\",\n \"CVE-2017-13040\",\n \"CVE-2017-13041\",\n \"CVE-2017-13042\",\n \"CVE-2017-13043\",\n \"CVE-2017-13044\",\n \"CVE-2017-13045\",\n \"CVE-2017-13046\",\n \"CVE-2017-13047\",\n \"CVE-2017-13048\",\n \"CVE-2017-13049\",\n \"CVE-2017-13050\",\n \"CVE-2017-13051\",\n \"CVE-2017-13052\",\n \"CVE-2017-13053\",\n \"CVE-2017-13054\",\n \"CVE-2017-13055\",\n \"CVE-2017-13077\",\n \"CVE-2017-13078\",\n \"CVE-2017-13080\",\n \"CVE-2017-13687\",\n \"CVE-2017-13688\",\n \"CVE-2017-13689\",\n \"CVE-2017-13690\",\n \"CVE-2017-13725\",\n \"CVE-2017-13786\",\n \"CVE-2017-13799\",\n \"CVE-2017-13800\",\n \"CVE-2017-13801\",\n \"CVE-2017-13804\",\n \"CVE-2017-13808\",\n \"CVE-2017-13811\",\n \"CVE-2017-13852\",\n \"CVE-2017-13907\",\n \"CVE-2017-7170\",\n \"CVE-2018-4390\",\n \"CVE-2018-4391\"\n );\n script_bugtraq_id(\n 100249,\n 100286,\n 100913,\n 100914,\n 101274,\n 99938,\n 99939,\n 99940,\n 99941\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2017-10-31-2\");\n script_xref(name:\"IAVA\", value:\"2017-A-0310\");\n\n script_name(english:\"macOS 10.13.x < 10.13.1 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the version of Mac OS X / macOS.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing a macOS update that fixes multiple security\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running a version of Mac OS X that is 10.13.x\nprior to 10.13.1. It is, therefore, affected by multiple\nvulnerabilities in the following components :\n\n - APFS\n - curl\n - Dictionary Widget\n - Kernel\n - StreamingZip\n - tcpdump\n - Wi-Fi\n\nNote that successful exploitation of the most serious issues can\nresult in arbitrary code execution.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT208221\");\n # https://lists.apple.com/archives/security-announce/2017/Oct/msg00001.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?3881783e\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to macOS version 10.13.1 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2017-7170\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/07/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/10/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/11/03\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:macos\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"os_fingerprint.nasl\");\n script_require_ports(\"Host/MacOSX/Version\", \"Host/OS\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os)\n{\n os = get_kb_item_or_exit(\"Host/OS\");\n if (\"Mac OS X\" >!< os) audit(AUDIT_OS_NOT, \"macOS / Mac OS X\");\n\n c = get_kb_item(\"Host/OS/Confidence\");\n if (c <= 70) exit(1, \"Can't determine the host's OS with sufficient confidence.\");\n}\nif (!os) audit(AUDIT_OS_NOT, \"macOS / Mac OS X\");\n\nmatches = pregmatch(pattern:\"Mac OS X ([0-9]+(\\.[0-9]+)+)\", string:os);\nif (empty_or_null(matches)) exit(1, \"Failed to parse the macOS / Mac OS X version ('\" + os + \"').\");\n\nversion = matches[1];\nfixed_version = \"10.13.1\";\n\nif (version !~\"^10\\.13($|[^0-9])\")\n audit(AUDIT_OS_NOT, \"macOS 10.13.x\");\n\nif (ver_compare(ver:version, fix:'10.13.1', strict:FALSE) == -1)\n{\n security_report_v4(\n port:0,\n severity:SECURITY_HOLE,\n extra:\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed_version +\n '\\n'\n );\n}\nelse audit(AUDIT_INST_VER_NOT_VULN, \"macOS / Mac OS X\", version);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:39:20", "description": "The remote host is running Mac OS X 10.11.6 or Mac OS X 10.12.6 and is missing a security update. It is therefore, affected by multiple vulnerabilities affecting the following components :\n\n - 802.1X\n - apache\n - AppleScript\n - ATS\n - Audio\n - CFString\n - CoreText\n - curl\n - Dictionary Widget\n - file\n - Fonts\n - fsck_msdos\n - HFS\n - Heimdal\n - HelpViewer\n - ImageIO\n - Kernel\n - libarchive\n - Open Scripting Architecture\n - PCRE\n - Postfix\n - Quick Look\n - QuickTime\n - Remote Management\n - Sandbox\n - StreamingZip\n - tcpdump\n - Wi-Fi", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-11-03T00:00:00", "type": "nessus", "title": "macOS and Mac OS X Multiple Vulnerabilities (Security Update 2017-001 and 2017-004)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-0736", "CVE-2016-2161", "CVE-2016-4736", "CVE-2016-5387", "CVE-2016-8740", "CVE-2016-8743", "CVE-2017-1000100", "CVE-2017-1000101", "CVE-2017-10140", "CVE-2017-11103", "CVE-2017-11108", "CVE-2017-11541", "CVE-2017-11542", "CVE-2017-11543", "CVE-2017-12893", "CVE-2017-12894", "CVE-2017-12895", "CVE-2017-12896", "CVE-2017-12897", "CVE-2017-12898", "CVE-2017-12899", "CVE-2017-12900", "CVE-2017-12901", "CVE-2017-12902", "CVE-2017-12985", "CVE-2017-12986", "CVE-2017-12987", "CVE-2017-12988", "CVE-2017-12989", "CVE-2017-12990", "CVE-2017-12991", "CVE-2017-12992", "CVE-2017-12993", "CVE-2017-12994", "CVE-2017-12995", "CVE-2017-12996", "CVE-2017-12997", "CVE-2017-12998", "CVE-2017-12999", "CVE-2017-13000", "CVE-2017-13001", "CVE-2017-13002", "CVE-2017-13003", "CVE-2017-13004", "CVE-2017-13005", "CVE-2017-13006", "CVE-2017-13007", "CVE-2017-13008", "CVE-2017-13009", "CVE-2017-13010", "CVE-2017-13011", "CVE-2017-13012", "CVE-2017-13013", "CVE-2017-13014", "CVE-2017-13015", "CVE-2017-13016", "CVE-2017-13017", "CVE-2017-13018", "CVE-2017-13019", "CVE-2017-13020", "CVE-2017-13021", "CVE-2017-13022", "CVE-2017-13023", "CVE-2017-13024", "CVE-2017-13025", "CVE-2017-13026", "CVE-2017-13027", "CVE-2017-13028", "CVE-2017-13029", "CVE-2017-13030", "CVE-2017-13031", "CVE-2017-13032", "CVE-2017-13033", "CVE-2017-13034", "CVE-2017-13035", "CVE-2017-13036", "CVE-2017-13037", "CVE-2017-13038", "CVE-2017-13039", "CVE-2017-13040", "CVE-2017-13041", "CVE-2017-13042", "CVE-2017-13043", "CVE-2017-13044", "CVE-2017-13045", "CVE-2017-13046", "CVE-2017-13047", "CVE-2017-13048", "CVE-2017-13049", "CVE-2017-13050", "CVE-2017-13051", "CVE-2017-13052", "CVE-2017-13053", "CVE-2017-13054", "CVE-2017-13055", "CVE-2017-13077", "CVE-2017-13078", "CVE-2017-13080", "CVE-2017-13687", "CVE-2017-13688", "CVE-2017-13689", "CVE-2017-13690", "CVE-2017-13725", "CVE-2017-13782", "CVE-2017-13799", "CVE-2017-13801", "CVE-2017-13804", "CVE-2017-13807", "CVE-2017-13808", "CVE-2017-13809", "CVE-2017-13810", "CVE-2017-13811", "CVE-2017-13812", "CVE-2017-13813", "CVE-2017-13814", "CVE-2017-13815", "CVE-2017-13817", "CVE-2017-13818", "CVE-2017-13819", "CVE-2017-13820", "CVE-2017-13821", "CVE-2017-13822", "CVE-2017-13823", "CVE-2017-13824", "CVE-2017-13825", "CVE-2017-13828", "CVE-2017-13829", "CVE-2017-13830", "CVE-2017-13831", "CVE-2017-13833", "CVE-2017-13834", "CVE-2017-13836", "CVE-2017-13838", "CVE-2017-13840", "CVE-2017-13841", "CVE-2017-13842", "CVE-2017-13843", "CVE-2017-13846", "CVE-2017-13906", "CVE-2017-13908", "CVE-2017-3167", "CVE-2017-3169", "CVE-2017-5130", "CVE-2017-5969", "CVE-2017-7132", "CVE-2017-7150", "CVE-2017-7170", "CVE-2017-7376", "CVE-2017-7659", "CVE-2017-7668", "CVE-2017-7679", "CVE-2017-9049", "CVE-2017-9050", "CVE-2017-9788", "CVE-2017-9789"], "modified": "2019-06-19T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x", "cpe:/o:apple:macos"], "id": "MACOSX_SECUPD2017-004.NASL", "href": "https://www.tenable.com/plugins/nessus/104379", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(104379);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2019/06/19 15:17:43\");\n\n script_cve_id(\n \"CVE-2016-0736\",\n \"CVE-2016-2161\",\n \"CVE-2016-4736\",\n \"CVE-2016-5387\",\n \"CVE-2016-8740\",\n \"CVE-2016-8743\",\n \"CVE-2017-1000100\",\n \"CVE-2017-1000101\",\n \"CVE-2017-10140\",\n \"CVE-2017-11103\",\n \"CVE-2017-11108\",\n \"CVE-2017-11541\",\n \"CVE-2017-11542\",\n \"CVE-2017-11543\",\n \"CVE-2017-12893\",\n \"CVE-2017-12894\",\n \"CVE-2017-12895\",\n \"CVE-2017-12896\",\n \"CVE-2017-12897\",\n \"CVE-2017-12898\",\n \"CVE-2017-12899\",\n \"CVE-2017-12900\",\n \"CVE-2017-12901\",\n \"CVE-2017-12902\",\n \"CVE-2017-12985\",\n \"CVE-2017-12986\",\n \"CVE-2017-12987\",\n \"CVE-2017-12988\",\n \"CVE-2017-12989\",\n \"CVE-2017-12990\",\n \"CVE-2017-12991\",\n \"CVE-2017-12992\",\n \"CVE-2017-12993\",\n \"CVE-2017-12994\",\n \"CVE-2017-12995\",\n \"CVE-2017-12996\",\n \"CVE-2017-12997\",\n \"CVE-2017-12998\",\n \"CVE-2017-12999\",\n \"CVE-2017-13000\",\n \"CVE-2017-13001\",\n \"CVE-2017-13002\",\n \"CVE-2017-13003\",\n \"CVE-2017-13004\",\n \"CVE-2017-13005\",\n \"CVE-2017-13006\",\n \"CVE-2017-13007\",\n \"CVE-2017-13008\",\n \"CVE-2017-13009\",\n \"CVE-2017-13010\",\n \"CVE-2017-13011\",\n \"CVE-2017-13012\",\n \"CVE-2017-13013\",\n \"CVE-2017-13014\",\n \"CVE-2017-13015\",\n \"CVE-2017-13016\",\n \"CVE-2017-13017\",\n \"CVE-2017-13018\",\n \"CVE-2017-13019\",\n \"CVE-2017-13020\",\n \"CVE-2017-13021\",\n \"CVE-2017-13022\",\n \"CVE-2017-13023\",\n \"CVE-2017-13024\",\n \"CVE-2017-13025\",\n \"CVE-2017-13026\",\n \"CVE-2017-13027\",\n \"CVE-2017-13028\",\n \"CVE-2017-13029\",\n \"CVE-2017-13030\",\n \"CVE-2017-13031\",\n \"CVE-2017-13032\",\n \"CVE-2017-13033\",\n \"CVE-2017-13034\",\n \"CVE-2017-13035\",\n \"CVE-2017-13036\",\n \"CVE-2017-13037\",\n \"CVE-2017-13038\",\n \"CVE-2017-13039\",\n \"CVE-2017-13040\",\n \"CVE-2017-13041\",\n \"CVE-2017-13042\",\n \"CVE-2017-13043\",\n \"CVE-2017-13044\",\n \"CVE-2017-13045\",\n \"CVE-2017-13046\",\n \"CVE-2017-13047\",\n \"CVE-2017-13048\",\n \"CVE-2017-13049\",\n \"CVE-2017-13050\",\n \"CVE-2017-13051\",\n \"CVE-2017-13052\",\n \"CVE-2017-13053\",\n \"CVE-2017-13054\",\n \"CVE-2017-13055\",\n \"CVE-2017-13077\",\n \"CVE-2017-13078\",\n \"CVE-2017-13080\",\n \"CVE-2017-13687\",\n \"CVE-2017-13688\",\n \"CVE-2017-13689\",\n \"CVE-2017-13690\",\n \"CVE-2017-13725\",\n \"CVE-2017-13782\",\n \"CVE-2017-13799\",\n \"CVE-2017-13801\",\n \"CVE-2017-13804\",\n \"CVE-2017-13807\",\n \"CVE-2017-13808\",\n \"CVE-2017-13809\",\n \"CVE-2017-13810\",\n \"CVE-2017-13811\",\n \"CVE-2017-13812\",\n \"CVE-2017-13813\",\n \"CVE-2017-13814\",\n \"CVE-2017-13815\",\n \"CVE-2017-13817\",\n \"CVE-2017-13818\",\n \"CVE-2017-13819\",\n \"CVE-2017-13820\",\n \"CVE-2017-13821\",\n \"CVE-2017-13822\",\n \"CVE-2017-13823\",\n \"CVE-2017-13824\",\n \"CVE-2017-13825\",\n \"CVE-2017-13828\",\n \"CVE-2017-13829\",\n \"CVE-2017-13830\",\n \"CVE-2017-13831\",\n \"CVE-2017-13833\",\n \"CVE-2017-13834\",\n \"CVE-2017-13836\",\n \"CVE-2017-13838\",\n \"CVE-2017-13840\",\n \"CVE-2017-13841\",\n \"CVE-2017-13842\",\n \"CVE-2017-13843\",\n \"CVE-2017-13846\",\n \"CVE-2017-13906\",\n \"CVE-2017-13908\",\n \"CVE-2017-3167\",\n \"CVE-2017-3169\",\n \"CVE-2017-5130\",\n \"CVE-2017-5969\",\n \"CVE-2017-7132\",\n \"CVE-2017-7150\",\n \"CVE-2017-7170\",\n \"CVE-2017-7376\",\n \"CVE-2017-7659\",\n \"CVE-2017-7668\",\n \"CVE-2017-7679\",\n \"CVE-2017-9049\",\n \"CVE-2017-9050\",\n \"CVE-2017-9788\",\n \"CVE-2017-9789\"\n );\n script_bugtraq_id(\n 100249,\n 100286,\n 100913,\n 100914,\n 101177,\n 101274,\n 101482,\n 102100,\n 91816,\n 93055,\n 94650,\n 95076,\n 95077,\n 95078,\n 96188,\n 98568,\n 98601,\n 98877,\n 99132,\n 99134,\n 99135,\n 99137,\n 99170,\n 99551,\n 99568,\n 99569,\n 99938,\n 99939,\n 99940,\n 99941\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2017-10-31-2\");\n script_xref(name:\"IAVA\", value:\"2017-A-0310\");\n\n script_name(english:\"macOS and Mac OS X Multiple Vulnerabilities (Security Update 2017-001 and 2017-004)\");\n script_summary(english:\"Checks for the presence of Security Update 2017-004.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing a macOS or Mac OS X security update that\nfixes multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running Mac OS X 10.11.6 or Mac OS X 10.12.6 and is\nmissing a security update. It is therefore, affected by multiple\nvulnerabilities affecting the following components :\n\n - 802.1X\n - apache\n - AppleScript\n - ATS\n - Audio\n - CFString\n - CoreText\n - curl\n - Dictionary Widget\n - file\n - Fonts\n - fsck_msdos\n - HFS\n - Heimdal\n - HelpViewer\n - ImageIO\n - Kernel\n - libarchive\n - Open Scripting Architecture\n - PCRE\n - Postfix\n - Quick Look\n - QuickTime\n - Remote Management\n - Sandbox\n - StreamingZip\n - tcpdump\n - Wi-Fi\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT208221\");\n # https://lists.apple.com/archives/security-announce/2017/Oct/msg00001.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?3881783e\");\n script_set_attribute(attribute:\"solution\", value:\n\"Install Security Update 2017-004 or later for 10.11.x or\nSecurity Update 2017-001 or later for 10.12.x.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2017-7376\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/07/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/10/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/11/03\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:macos\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/MacOSX/Version\", \"Host/MacOSX/packages/boms\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\n# Compare 2 patch numbers to determine if patch requirements are satisfied.\n# Return true if this patch or a later patch is applied\n# Return false otherwise\nfunction check_patch(year, number)\n{\n local_var p_split = split(patch, sep:\"-\");\n local_var p_year = int( p_split[0]);\n local_var p_num = int( p_split[1]);\n\n if (year > p_year) return TRUE;\n else if (year < p_year) return FALSE;\n else if (number >= p_num) return TRUE;\n else return FALSE;\n}\n\nget_kb_item_or_exit(\"Host/local_checks_enabled\");\nos = get_kb_item_or_exit(\"Host/MacOSX/Version\");\n\nif (!preg(pattern:\"Mac OS X 10\\.(11\\.6|12\\.6)([^0-9]|$)\", string:os))\n audit(AUDIT_OS_NOT, \"Mac OS X 10.11.6 or Mac OS X 10.12.6\");\n\nif (\"10.11.6\" >< os)\n patch = \"2017-004\";\nelse\n patch = \"2017-001\";\n\npackages = get_kb_item_or_exit(\"Host/MacOSX/packages/boms\", exit_code:1);\nsec_boms_report = pgrep(\n pattern:\"^com\\.apple\\.pkg\\.update\\.(security\\.|os\\.SecUpd).*bom$\",\n string:packages\n);\nsec_boms = split(sec_boms_report, sep:'\\n');\n\nforeach package (sec_boms)\n{\n # Grab patch year and number\n match = pregmatch(pattern:\"[^0-9](20[0-9][0-9])[-.]([0-9]{3})[^0-9]\", string:package);\n if (empty_or_null(match[1]) || empty_or_null(match[2]))\n continue;\n\n patch_found = check_patch(year:int(match[1]), number:int(match[2]));\n if (patch_found) exit(0, \"The host has Security Update \" + patch + \" or later installed and is therefore not affected.\");\n}\n\nreport = '\\n Missing security update : ' + patch;\nreport += '\\n Installed security BOMs : ';\nif (sec_boms_report) report += str_replace(find:'\\n', replace:'\\n ', string:sec_boms_report);\nelse report += 'n/a';\nreport += '\\n';\n\nsecurity_report_v4(port:0, severity:SECURITY_HOLE, extra:report, xss:TRUE);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2020-01-27T18:35:45", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for tcpdump (EulerOS-SA-2017-1280)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-13008", "CVE-2017-13038", "CVE-2017-13040", "CVE-2017-12902", "CVE-2017-12986", "CVE-2017-13036", "CVE-2017-13031", "CVE-2017-13037", "CVE-2017-13053", "CVE-2017-12998", "CVE-2017-13006", "CVE-2017-13049", "CVE-2017-13026", "CVE-2017-13017", "CVE-2017-12991", "CVE-2017-13016", "CVE-2017-12897", "CVE-2017-13051", "CVE-2017-13029", "CVE-2017-13035", "CVE-2017-13689", "CVE-2017-13027", "CVE-2017-13010", "CVE-2017-12900", "CVE-2017-13046", "CVE-2017-12901", "CVE-2017-13022", "CVE-2017-13019", "CVE-2017-13043", "CVE-2017-13054", "CVE-2017-13688", "CVE-2017-13050", "CVE-2017-12895", "CVE-2017-12997", "CVE-2017-13013", "CVE-2017-13048", "CVE-2017-12985", "CVE-2017-12996", "CVE-2017-13690", "CVE-2017-12992", "CVE-2017-13005", "CVE-2017-13014", "CVE-2017-13052", "CVE-2017-12993", "CVE-2017-12990", "CVE-2017-13725", "CVE-2017-13024", "CVE-2017-13028", "CVE-2017-13000", "CVE-2017-13041", "CVE-2017-13015", "CVE-2017-12988", "CVE-2017-13018", "CVE-2017-12999", "CVE-2017-13020", "CVE-2017-13032", "CVE-2017-13025", "CVE-2017-13011", "CVE-2017-13042", "CVE-2017-13003", "CVE-2017-13047", "CVE-2017-13012", "CVE-2017-13044", "CVE-2017-13004", "CVE-2017-13033", "CVE-2017-13009", "CVE-2017-13007", "CVE-2017-13055", "CVE-2017-13001", "CVE-2017-12987", "CVE-2017-13030", "CVE-2017-13023", "CVE-2017-13002", "CVE-2017-13039", "CVE-2017-12994", "CVE-2017-12995", "CVE-2017-12989", "CVE-2017-12894", "CVE-2017-13021", "CVE-2017-13045", "CVE-2017-13034"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220171280", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220171280", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2017.1280\");\n script_version(\"2020-01-23T15:42:05+0000\");\n script_cve_id(\"CVE-2017-12894\", \"CVE-2017-12895\", \"CVE-2017-12897\", \"CVE-2017-12900\", \"CVE-2017-12901\", \"CVE-2017-12902\", \"CVE-2017-12985\", \"CVE-2017-12986\", \"CVE-2017-12987\", \"CVE-2017-12988\", \"CVE-2017-12989\", \"CVE-2017-12990\", \"CVE-2017-12991\", \"CVE-2017-12992\", \"CVE-2017-12993\", \"CVE-2017-12994\", \"CVE-2017-12995\", \"CVE-2017-12996\", \"CVE-2017-12997\", \"CVE-2017-12998\", \"CVE-2017-12999\", \"CVE-2017-13000\", \"CVE-2017-13001\", \"CVE-2017-13002\", \"CVE-2017-13003\", \"CVE-2017-13004\", \"CVE-2017-13005\", \"CVE-2017-13006\", \"CVE-2017-13007\", \"CVE-2017-13008\", \"CVE-2017-13009\", \"CVE-2017-13010\", \"CVE-2017-13011\", \"CVE-2017-13012\", \"CVE-2017-13013\", \"CVE-2017-13014\", \"CVE-2017-13015\", \"CVE-2017-13016\", \"CVE-2017-13017\", \"CVE-2017-13018\", \"CVE-2017-13019\", \"CVE-2017-13020\", \"CVE-2017-13021\", \"CVE-2017-13022\", \"CVE-2017-13023\", \"CVE-2017-13024\", \"CVE-2017-13025\", \"CVE-2017-13026\", \"CVE-2017-13027\", \"CVE-2017-13028\", \"CVE-2017-13029\", \"CVE-2017-13030\", \"CVE-2017-13031\", \"CVE-2017-13032\", \"CVE-2017-13033\", \"CVE-2017-13034\", \"CVE-2017-13035\", \"CVE-2017-13036\", \"CVE-2017-13037\", \"CVE-2017-13038\", \"CVE-2017-13039\", \"CVE-2017-13040\", \"CVE-2017-13041\", \"CVE-2017-13042\", \"CVE-2017-13043\", \"CVE-2017-13044\", \"CVE-2017-13045\", \"CVE-2017-13046\", \"CVE-2017-13047\", \"CVE-2017-13048\", \"CVE-2017-13049\", \"CVE-2017-13050\", \"CVE-2017-13051\", \"CVE-2017-13052\", \"CVE-2017-13053\", \"CVE-2017-13054\", \"CVE-2017-13055\", \"CVE-2017-13688\", \"CVE-2017-13689\", \"CVE-2017-13690\", \"CVE-2017-13725\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 15:42:05 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:03:00 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for tcpdump (EulerOS-SA-2017-1280)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP1\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2017-1280\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2017-1280\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'tcpdump' package(s) announced via the EulerOS-SA-2017-1280 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print().(CVE-2017-13048)\n\nThe ARP parser in tcpdump before 4.9.2 has a buffer over-read in print-arp.c, several functions.(CVE-2017-13013)\n\nThe VTP parser in tcpdump before 4.9.2 has a buffer over-read in print-vtp.c:vtp_print().(CVE-2017-13033)\n\nThe OSPFv3 parser in tcpdump before 4.9.2 has a buffer over-read in print-ospf6.c:ospf6_decode_v3().(CVE-2017-13036)\n\nThe ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:esis_print().(CVE-2017-13047)\n\nThe IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print().(CVE-2017-13025)\n\nThe PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print().(CVE-2017-13019)\n\nThe IPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-ip6.c:ip6_print().(CVE-2017-12985)\n\nThe IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6_print().(CVE-2017-13725)\n\nThe telnet parser in tcpdump before 4.9.2 has a buffer over-read in print-telnet.c:telnet_parse().(CVE-2017-12988)\n\nThe BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print().(CVE-2017-12991)\n\nThe MPTCP parser in tcpdump before 4.9.2 has a buffer over-read in print-mptcp.c, several functions.(CVE-2017-13040)\n\nThe PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:print_ccp_config_options().(CVE-2017-13029)\n\nThe IEEE 802.15.4 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_15_4.c:ieee802_15_4_if_print().(CVE-2017-13000)\n\nThe IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printroute().(CVE-2017-13022)\n\nThe ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c, several functions.(CVE-2017-13039)\n\nThe IPv6 fragmentation header parser in tcpdump before 4.9.2 has a buffer over-read in print-frag6.c:frag6_print().(CVE-2017-13031)\n\nThe PIM parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c, several functions.(CVE-2017-13030)\n\nThe BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print().(CVE-2017-12994)\n\nThe BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_multicast_vpn().(CVE-2017-13043)\n\nThe VQP parser in tcpdump before 4.9.2 has a buffer over-read in print-vqp.c:vqp_print().(CVE-2017-13045)\n\nThe LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldp_private_8023_print().(CVE-2017-13054, CVE-2017-12998, CVE-2017-13014, CVE-2017-13037, CVE-2017-13690 ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'tcpdump' package(s) on Huawei EulerOS V2.0SP1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"tcpdump\", rpm:\"tcpdump~4.9.0~5.h175\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-27T18:35:25", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for tcpdump (EulerOS-SA-2017-1281)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-13008", "CVE-2017-13038", "CVE-2017-13040", "CVE-2017-12902", "CVE-2017-12986", "CVE-2017-13036", "CVE-2017-13031", "CVE-2017-13037", "CVE-2017-13053", "CVE-2017-12998", "CVE-2017-13006", "CVE-2017-13049", "CVE-2017-13026", "CVE-2017-13017", "CVE-2017-12991", "CVE-2017-13016", "CVE-2017-12897", "CVE-2017-13051", "CVE-2017-13029", "CVE-2017-13035", "CVE-2017-13689", "CVE-2017-13027", "CVE-2017-13010", "CVE-2017-12900", "CVE-2017-13046", "CVE-2017-12901", "CVE-2017-13022", "CVE-2017-13019", "CVE-2017-13043", "CVE-2017-13054", "CVE-2017-13688", "CVE-2017-13050", "CVE-2017-12895", "CVE-2017-12997", "CVE-2017-13013", "CVE-2017-13048", "CVE-2017-12985", "CVE-2017-12996", "CVE-2017-13690", "CVE-2017-12992", "CVE-2017-13005", "CVE-2017-13014", "CVE-2017-13052", "CVE-2017-12993", "CVE-2017-12990", "CVE-2017-13725", "CVE-2017-13024", "CVE-2017-13028", "CVE-2017-13000", "CVE-2017-13041", "CVE-2017-13015", "CVE-2017-12988", "CVE-2017-13018", "CVE-2017-12999", "CVE-2017-13020", "CVE-2017-13032", "CVE-2017-13025", "CVE-2017-13011", "CVE-2017-13042", "CVE-2017-13003", "CVE-2017-13047", "CVE-2017-13012", "CVE-2017-13044", "CVE-2017-13004", "CVE-2017-13033", "CVE-2017-13009", "CVE-2017-13007", "CVE-2017-13055", "CVE-2017-13001", "CVE-2017-12987", "CVE-2017-13030", "CVE-2017-13023", "CVE-2017-13002", "CVE-2017-13039", "CVE-2017-12994", "CVE-2017-12995", "CVE-2017-12989", "CVE-2017-12894", "CVE-2017-13021", "CVE-2017-13045", "CVE-2017-13034"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220171281", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220171281", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2017.1281\");\n script_version(\"2020-01-23T15:42:05+0000\");\n script_cve_id(\"CVE-2017-12894\", \"CVE-2017-12895\", \"CVE-2017-12897\", \"CVE-2017-12900\", \"CVE-2017-12901\", \"CVE-2017-12902\", \"CVE-2017-12985\", \"CVE-2017-12986\", \"CVE-2017-12987\", \"CVE-2017-12988\", \"CVE-2017-12989\", \"CVE-2017-12990\", \"CVE-2017-12991\", \"CVE-2017-12992\", \"CVE-2017-12993\", \"CVE-2017-12994\", \"CVE-2017-12995\", \"CVE-2017-12996\", \"CVE-2017-12997\", \"CVE-2017-12998\", \"CVE-2017-12999\", \"CVE-2017-13000\", \"CVE-2017-13001\", \"CVE-2017-13002\", \"CVE-2017-13003\", \"CVE-2017-13004\", \"CVE-2017-13005\", \"CVE-2017-13006\", \"CVE-2017-13007\", \"CVE-2017-13008\", \"CVE-2017-13009\", \"CVE-2017-13010\", \"CVE-2017-13011\", \"CVE-2017-13012\", \"CVE-2017-13013\", \"CVE-2017-13014\", \"CVE-2017-13015\", \"CVE-2017-13016\", \"CVE-2017-13017\", \"CVE-2017-13018\", \"CVE-2017-13019\", \"CVE-2017-13020\", \"CVE-2017-13021\", \"CVE-2017-13022\", \"CVE-2017-13023\", \"CVE-2017-13024\", \"CVE-2017-13025\", \"CVE-2017-13026\", \"CVE-2017-13027\", \"CVE-2017-13028\", \"CVE-2017-13029\", \"CVE-2017-13030\", \"CVE-2017-13031\", \"CVE-2017-13032\", \"CVE-2017-13033\", \"CVE-2017-13034\", \"CVE-2017-13035\", \"CVE-2017-13036\", \"CVE-2017-13037\", \"CVE-2017-13038\", \"CVE-2017-13039\", \"CVE-2017-13040\", \"CVE-2017-13041\", \"CVE-2017-13042\", \"CVE-2017-13043\", \"CVE-2017-13044\", \"CVE-2017-13045\", \"CVE-2017-13046\", \"CVE-2017-13047\", \"CVE-2017-13048\", \"CVE-2017-13049\", \"CVE-2017-13050\", \"CVE-2017-13051\", \"CVE-2017-13052\", \"CVE-2017-13053\", \"CVE-2017-13054\", \"CVE-2017-13055\", \"CVE-2017-13688\", \"CVE-2017-13689\", \"CVE-2017-13690\", \"CVE-2017-13725\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 15:42:05 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:04:12 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for tcpdump (EulerOS-SA-2017-1281)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2017-1281\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2017-1281\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'tcpdump' package(s) announced via the EulerOS-SA-2017-1281 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print().(CVE-2017-13048)\n\nThe ARP parser in tcpdump before 4.9.2 has a buffer over-read in print-arp.c, several functions.(CVE-2017-13013)\n\nThe VTP parser in tcpdump before 4.9.2 has a buffer over-read in print-vtp.c:vtp_print().(CVE-2017-13033)\n\nThe OSPFv3 parser in tcpdump before 4.9.2 has a buffer over-read in print-ospf6.c:ospf6_decode_v3().(CVE-2017-13036)\n\nThe ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:esis_print().(CVE-2017-13047)\n\nThe IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print().(CVE-2017-13025)\n\nThe PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print().(CVE-2017-13019)\n\nThe IPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-ip6.c:ip6_print().(CVE-2017-12985)\n\nThe IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6_print().(CVE-2017-13725)\n\nThe telnet parser in tcpdump before 4.9.2 has a buffer over-read in print-telnet.c:telnet_parse().(CVE-2017-12988)\n\nThe BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print().(CVE-2017-12991)\n\nThe MPTCP parser in tcpdump before 4.9.2 has a buffer over-read in print-mptcp.c, several functions.(CVE-2017-13040)\n\nThe PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:print_ccp_config_options().(CVE-2017-13029)\n\nThe IEEE 802.15.4 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_15_4.c:ieee802_15_4_if_print().(CVE-2017-13000)\n\nThe IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printroute().(CVE-2017-13022)\n\nThe ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c, several functions.(CVE-2017-13039)\n\nThe IPv6 fragmentation header parser in tcpdump before 4.9.2 has a buffer over-read in print-frag6.c:frag6_print().(CVE-2017-13031)\n\nThe PIM parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c, several functions.(CVE-2017-13030)\n\nThe BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print().(CVE-2017-12994)\n\nThe BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_multicast_vpn().(CVE-2017-13043)\n\nThe VQP parser in tcpdump before 4.9.2 has a buffer over-read in print-vqp.c:vqp_print().(CVE-2017-13045)\n\nThe LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldp_private_8023_print().(CVE-2017-13054, CVE-2017-12998, CVE-2017-13014, CVE-2017-13037, CVE-2017-13690 ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'tcpdump' package(s) on Huawei EulerOS V2.0SP2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"tcpdump\", rpm:\"tcpdump~4.9.0~5.h175\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-29T20:07:14", "description": "Several vulnerabilities have been discovered in tcpdump, a command-line\nnetwork traffic analyzer. These vulnerabilities might result in denial\nof service or, potentially, execution of arbitrary code.", "cvss3": {}, "published": "2018-02-07T00:00:00", "type": "openvas", "title": "Debian LTS: Security Advisory for tcpdump (DLA-1097-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-13008", "CVE-2017-13038", "CVE-2017-13040", "CVE-2017-12902", "CVE-2017-12986", "CVE-2017-13036", "CVE-2017-13031", "CVE-2017-12896", "CVE-2017-12893", "CVE-2017-13037", "CVE-2017-13053", "CVE-2017-12998", "CVE-2017-13006", "CVE-2017-13049", "CVE-2017-13026", "CVE-2017-13017", "CVE-2017-13687", "CVE-2017-12991", "CVE-2017-13016", "CVE-2017-12897", "CVE-2017-13051", "CVE-2017-13029", "CVE-2017-13035", "CVE-2017-13689", "CVE-2017-13027", "CVE-2017-13010", "CVE-2017-12900", "CVE-2017-13046", "CVE-2017-12901", "CVE-2017-13022", "CVE-2017-13019", "CVE-2017-13043", "CVE-2017-13054", "CVE-2017-13688", "CVE-2017-13050", "CVE-2017-12895", "CVE-2017-12997", "CVE-2017-13013", "CVE-2017-13048", "CVE-2017-12985", "CVE-2017-12996", "CVE-2017-13690", "CVE-2017-12992", "CVE-2017-13005", "CVE-2017-13014", "CVE-2017-13052", "CVE-2017-12993", "CVE-2017-12990", "CVE-2017-13725", "CVE-2017-13024", "CVE-2017-13028", "CVE-2017-13000", "CVE-2017-13041", "CVE-2017-13015", "CVE-2017-12988", "CVE-2017-13018", "CVE-2017-12999", "CVE-2017-12899", "CVE-2017-13020", "CVE-2017-13032", "CVE-2017-13025", "CVE-2017-13011", "CVE-2017-13042", "CVE-2017-13003", "CVE-2017-13047", "CVE-2017-13012", "CVE-2017-13044", "CVE-2017-13004", "CVE-2017-13033", "CVE-2017-13009", "CVE-2017-13007", "CVE-2017-13055", "CVE-2017-13001", "CVE-2017-12987", "CVE-2017-13030", "CVE-2017-13023", "CVE-2017-13002", "CVE-2017-13039", "CVE-2017-12994", "CVE-2017-12995", "CVE-2017-12989", "CVE-2017-12894", "CVE-2017-13021", "CVE-2017-12898", "CVE-2017-13045", "CVE-2017-13034"], "modified": "2020-01-29T00:00:00", "id": "OPENVAS:1361412562310891097", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891097", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891097\");\n script_version(\"2020-01-29T08:22:52+0000\");\n script_cve_id(\"CVE-2017-12893\", \"CVE-2017-12894\", \"CVE-2017-12895\", \"CVE-2017-12896\", \"CVE-2017-12897\", \"CVE-2017-12898\", \"CVE-2017-12899\", \"CVE-2017-12900\", \"CVE-2017-12901\", \"CVE-2017-12902\", \"CVE-2017-12985\", \"CVE-2017-12986\", \"CVE-2017-12987\", \"CVE-2017-12988\", \"CVE-2017-12989\", \"CVE-2017-12990\", \"CVE-2017-12991\", \"CVE-2017-12992\", \"CVE-2017-12993\", \"CVE-2017-12994\", \"CVE-2017-12995\", \"CVE-2017-12996\", \"CVE-2017-12997\", \"CVE-2017-12998\", \"CVE-2017-12999\", \"CVE-2017-13000\", \"CVE-2017-13001\", \"CVE-2017-13002\", \"CVE-2017-13003\", \"CVE-2017-13004\", \"CVE-2017-13005\", \"CVE-2017-13006\", \"CVE-2017-13007\", \"CVE-2017-13008\", \"CVE-2017-13009\", \"CVE-2017-13010\", \"CVE-2017-13011\", \"CVE-2017-13012\", \"CVE-2017-13013\", \"CVE-2017-13014\", \"CVE-2017-13015\", \"CVE-2017-13016\", \"CVE-2017-13017\", \"CVE-2017-13018\", \"CVE-2017-13019\", \"CVE-2017-13020\", \"CVE-2017-13021\", \"CVE-2017-13022\", \"CVE-2017-13023\", \"CVE-2017-13024\", \"CVE-2017-13025\", \"CVE-2017-13026\", \"CVE-2017-13027\", \"CVE-2017-13028\", \"CVE-2017-13029\", \"CVE-2017-13030\", \"CVE-2017-13031\", \"CVE-2017-13032\", \"CVE-2017-13033\", \"CVE-2017-13034\", \"CVE-2017-13035\", \"CVE-2017-13036\", \"CVE-2017-13037\", \"CVE-2017-13038\", \"CVE-2017-13039\", \"CVE-2017-13040\", \"CVE-2017-13041\", \"CVE-2017-13042\", \"CVE-2017-13043\", \"CVE-2017-13044\", \"CVE-2017-13045\", \"CVE-2017-13046\", \"CVE-2017-13047\", \"CVE-2017-13048\", \"CVE-2017-13049\", \"CVE-2017-13050\", \"CVE-2017-13051\", \"CVE-2017-13052\", \"CVE-2017-13053\", \"CVE-2017-13054\", \"CVE-2017-13055\", \"CVE-2017-13687\", \"CVE-2017-13688\", \"CVE-2017-13689\", \"CVE-2017-13690\", \"CVE-2017-13725\");\n script_name(\"Debian LTS: Security Advisory for tcpdump (DLA-1097-1)\");\n script_tag(name:\"last_modification\", value:\"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-02-07 00:00:00 +0100 (Wed, 07 Feb 2018)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2017/09/msg00014.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB7\");\n\n script_tag(name:\"affected\", value:\"tcpdump on Debian Linux\");\n\n script_tag(name:\"solution\", value:\"For Debian 7 'Wheezy', these problems have been fixed in version\n4.9.2-1~deb7u1.\n\nWe recommend that you upgrade your tcpdump packages.\");\n\n script_tag(name:\"summary\", value:\"Several vulnerabilities have been discovered in tcpdump, a command-line\nnetwork traffic analyzer. These vulnerabilities might result in denial\nof service or, potentially, execution of arbitrary code.\");\n\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"tcpdump\", ver:\"4.9.2-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:34:40", "description": "This host is running Apple Mac OS X and\n is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2017-11-02T00:00:00", "type": "openvas", "title": "Apple MacOSX Multiple Vulnerabilities - 01 HT208221", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-13008", "CVE-2017-13038", "CVE-2017-13040", "CVE-2017-12902", "CVE-2017-12986", "CVE-2017-13036", "CVE-2017-13031", "CVE-2017-12896", "CVE-2017-12893", "CVE-2017-13037", "CVE-2017-13053", "CVE-2017-13799", "CVE-2017-12998", "CVE-2017-13006", "CVE-2017-11543", "CVE-2017-13049", "CVE-2017-13026", "CVE-2017-13017", "CVE-2017-13687", "CVE-2017-12991", "CVE-2017-13016", "CVE-2017-12897", "CVE-2017-13051", "CVE-2017-13029", "CVE-2017-13035", "CVE-2017-13689", "CVE-2017-13027", "CVE-2017-13010", "CVE-2017-12900", "CVE-2017-13046", "CVE-2017-12901", "CVE-2017-13022", "CVE-2017-13019", "CVE-2017-13043", "CVE-2017-11108", "CVE-2017-13054", "CVE-2017-13688", "CVE-2017-13050", "CVE-2017-12895", "CVE-2017-12997", "CVE-2017-13013", "CVE-2017-13048", "CVE-2017-12985", "CVE-2017-12996", "CVE-2017-13690", "CVE-2017-12992", "CVE-2017-13005", "CVE-2017-13014", "CVE-2017-13052", "CVE-2017-12993", "CVE-2017-12990", "CVE-2017-13725", "CVE-2017-13024", "CVE-2017-11542", "CVE-2017-13028", "CVE-2017-11541", "CVE-2017-13000", "CVE-2017-13041", "CVE-2017-13015", "CVE-2017-12988", "CVE-2017-13018", "CVE-2017-12999", "CVE-2017-12899", "CVE-2017-13020", "CVE-2017-13032", "CVE-2017-13025", "CVE-2017-13011", "CVE-2017-13042", "CVE-2017-13003", "CVE-2017-13047", "CVE-2017-13012", "CVE-2017-13044", "CVE-2017-13004", "CVE-2017-13033", "CVE-2017-13009", "CVE-2017-13007", "CVE-2017-13055", "CVE-2017-13001", "CVE-2017-12987", "CVE-2017-13030", "CVE-2017-13023", "CVE-2017-13002", "CVE-2017-13039", "CVE-2017-12994", "CVE-2017-12995", "CVE-2017-12989", "CVE-2017-12894", "CVE-2017-13021", "CVE-2017-12898", "CVE-2017-13045", "CVE-2017-13034"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310811961", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310811961", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_apple_macosx_mult_vuln01_HT208221.nasl 14295 2019-03-18 20:16:46Z cfischer $\n#\n# Apple MacOSX Multiple Vulnerabilities - 01 HT208221\n#\n# Authors:\n# Kashinath T <tkashinath@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.811961\");\n script_version(\"$Revision: 14295 $\");\n script_cve_id(\"CVE-2017-13799\", \"CVE-2017-11108\", \"CVE-2017-11541\", \"CVE-2017-11542\",\n \t\t\"CVE-2017-11543\", \"CVE-2017-12893\", \"CVE-2017-12894\", \"CVE-2017-12895\",\n\t\t\"CVE-2017-12896\", \"CVE-2017-12897\", \"CVE-2017-12898\", \"CVE-2017-12899\",\n\t\t\"CVE-2017-12900\", \"CVE-2017-12901\", \"CVE-2017-12902\", \"CVE-2017-12985\",\n\t\t\"CVE-2017-12986\", \"CVE-2017-12987\", \"CVE-2017-12988\", \"CVE-2017-12989\",\n\t\t\"CVE-2017-12990\", \"CVE-2017-12991\", \"CVE-2017-12992\", \"CVE-2017-12993\",\n\t\t\"CVE-2017-12994\", \"CVE-2017-12995\", \"CVE-2017-12996\", \"CVE-2017-12997\",\n\t\t\"CVE-2017-12998\", \"CVE-2017-12999\", \"CVE-2017-13000\", \"CVE-2017-13001\",\n\t\t\"CVE-2017-13002\", \"CVE-2017-13003\", \"CVE-2017-13004\", \"CVE-2017-13005\",\n\t\t\"CVE-2017-13006\", \"CVE-2017-13007\", \"CVE-2017-13008\", \"CVE-2017-13009\",\n\t\t\"CVE-2017-13010\", \"CVE-2017-13011\", \"CVE-2017-13012\", \"CVE-2017-13013\",\n\t\t\"CVE-2017-13014\", \"CVE-2017-13015\", \"CVE-2017-13016\", \"CVE-2017-13017\",\n\t\t\"CVE-2017-13018\", \"CVE-2017-13019\", \"CVE-2017-13020\", \"CVE-2017-13021\",\n\t\t\"CVE-2017-13022\", \"CVE-2017-13023\", \"CVE-2017-13024\", \"CVE-2017-13025\",\n\t\t\"CVE-2017-13026\", \"CVE-2017-13027\", \"CVE-2017-13028\", \"CVE-2017-13029\",\n\t\t\"CVE-2017-13030\", \"CVE-2017-13031\", \"CVE-2017-13032\", \"CVE-2017-13033\",\n\t\t\"CVE-2017-13034\", \"CVE-2017-13035\", \"CVE-2017-13036\", \"CVE-2017-13037\",\n\t\t\"CVE-2017-13038\", \"CVE-2017-13039\", \"CVE-2017-13040\", \"CVE-2017-13041\",\n\t\t\"CVE-2017-13042\", \"CVE-2017-13043\", \"CVE-2017-13044\", \"CVE-2017-13045\",\n\t\t\"CVE-2017-13046\", \"CVE-2017-13047\", \"CVE-2017-13048\", \"CVE-2017-13049\",\n\t\t\"CVE-2017-13050\", \"CVE-2017-13051\", \"CVE-2017-13052\", \"CVE-2017-13053\",\n\t\t\"CVE-2017-13054\", \"CVE-2017-13055\", \"CVE-2017-13687\", \"CVE-2017-13688\",\n\t\t\"CVE-2017-13689\", \"CVE-2017-13690\", \"CVE-2017-13725\");\n script_bugtraq_id(99938, 99941, 99940, 99939, 100913, 100914);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 21:16:46 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-11-02 12:40:42 +0530 (Thu, 02 Nov 2017)\");\n script_name(\"Apple MacOSX Multiple Vulnerabilities - 01 HT208221\");\n\n script_tag(name:\"summary\", value:\"This host is running Apple Mac OS X and\n is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to,\n\n - Multiple issues in tcpdump.\n\n - A memory corruption issue.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attacker\n to execute arbitrary code with system privileges and disclose sensitive information.\");\n\n script_tag(name:\"affected\", value:\"Apple Mac OS X version 10.13, 10.12.x\n through 10.12.6\");\n\n script_tag(name:\"solution\", value:\"For Apple Mac OS X version 10.13 update to\n version 10.13.1 and for versions 10.12.x through 10.12.6 apply the appropriate\n security patch from the reference links.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_xref(name:\"URL\", value:\"https://support.apple.com/en-us/HT208221\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Mac OS X Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/osx_name\", \"ssh/login/osx_version\", re:\"ssh/login/osx_version=^10\\.1[23]\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\nosName = get_kb_item(\"ssh/login/osx_name\");\nif(!osName)\n exit(0);\n\nosVer = get_kb_item(\"ssh/login/osx_version\");\nif(!osVer || osVer !~ \"^10\\.1[23]\" || \"Mac OS X\" >!< osName){\n exit(0);\n}\n\n# if 10.12.x before 10.12.6 is running, update to 10.12.6 first and then apply patch\nif(osVer =~ \"^10\\.12\")\n{\n if(version_in_range(version:osVer, test_version:\"10.12\", test_version2:\"10.12.5\")){\n fix = \"Upgrade to latest OS release and apply patch from vendor\";\n }\n\n else if(osVer == \"10.12.6\")\n {\n buildVer = get_kb_item(\"ssh/login/osx_build\");\n # applying patch on 10.12.6 will upgrade build version to 16G1036\n # http://www.xlr8yourmac.com/index.html#MacNvidiaDriverUpdates\n if(buildVer)\n {\n if(version_is_less(version:buildVer, test_version:\"16G1036\"))\n {\n fix = \"Apply patch from vendor\";\n osVer = osVer + \" Build \" + buildVer;\n }\n }\n }\n}\n\nelse if(osVer == \"10.13\"){\n fix = \"10.13.1\";\n}\n\nif(fix)\n{\n report = report_fixed_ver(installed_version:osVer, fixed_version:fix);\n security_message(data:report);\n exit(0);\n}\n\nexit(99);", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:34:29", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-09-14T00:00:00", "type": "openvas", "title": "Ubuntu Update for tcpdump USN-3415-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-13008", "CVE-2017-13038", "CVE-2017-13040", "CVE-2017-12902", "CVE-2017-12986", "CVE-2017-13036", "CVE-2017-13031", "CVE-2017-12896", "CVE-2017-12893", "CVE-2017-13037", "CVE-2017-13053", "CVE-2017-12998", "CVE-2017-13006", "CVE-2017-11543", "CVE-2017-13049", "CVE-2017-13026", "CVE-2017-13017", "CVE-2017-13687", "CVE-2017-12991", "CVE-2017-13016", "CVE-2017-12897", "CVE-2017-13051", "CVE-2017-13029", "CVE-2017-13035", "CVE-2017-13689", "CVE-2017-13027", "CVE-2017-13010", "CVE-2017-12900", "CVE-2017-13046", "CVE-2017-12901", "CVE-2017-13022", "CVE-2017-13019", "CVE-2017-13043", "CVE-2017-11108", "CVE-2017-13054", "CVE-2017-13688", "CVE-2017-13050", "CVE-2017-12895", "CVE-2017-12997", "CVE-2017-13013", "CVE-2017-13048", "CVE-2017-12985", "CVE-2017-12996", "CVE-2017-13690", "CVE-2017-12992", "CVE-2017-13005", "CVE-2017-13014", "CVE-2017-13052", "CVE-2017-12993", "CVE-2017-12990", "CVE-2017-13725", "CVE-2017-13024", "CVE-2017-11542", "CVE-2017-13028", "CVE-2017-11541", "CVE-2017-13000", "CVE-2017-13041", "CVE-2017-13015", "CVE-2017-12988", "CVE-2017-13018", "CVE-2017-12999", "CVE-2017-12899", "CVE-2017-13020", "CVE-2017-13032", "CVE-2017-13025", "CVE-2017-13011", "CVE-2017-13042", "CVE-2017-13003", "CVE-2017-13047", "CVE-2017-13012", "CVE-2017-13044", "CVE-2017-13004", "CVE-2017-13033", "CVE-2017-13009", "CVE-2017-13007", "CVE-2017-13055", "CVE-2017-13001", "CVE-2017-12987", "CVE-2017-13030", "CVE-2017-13023", "CVE-2017-13002", "CVE-2017-13039", "CVE-2017-12994", "CVE-2017-12995", "CVE-2017-12989", "CVE-2017-12894", "CVE-2017-13021", "CVE-2017-12898", "CVE-2017-13045", "CVE-2017-13034"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310843302", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843302", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_3415_1.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for tcpdump USN-3415-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843302\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-09-14 07:16:21 +0200 (Thu, 14 Sep 2017)\");\n script_cve_id(\"CVE-2017-11543\", \"CVE-2017-13011\", \"CVE-2017-12989\",\n \"CVE-2017-12990\", \"CVE-2017-12995\", \"CVE-2017-12997\", \"CVE-2017-11108\",\n \"CVE-2017-11541\", \"CVE-2017-11542\", \"CVE-2017-12893\", \"CVE-2017-12894\",\n \"CVE-2017-12895\", \"CVE-2017-12896\", \"CVE-2017-12897\", \"CVE-2017-12898\",\n \"CVE-2017-12899\", \"CVE-2017-12900\", \"CVE-2017-12901\", \"CVE-2017-12902\",\n \"CVE-2017-12985\", \"CVE-2017-12986\", \"CVE-2017-12987\", \"CVE-2017-12988\",\n \"CVE-2017-12991\", \"CVE-2017-12992\", \"CVE-2017-12993\", \"CVE-2017-12994\",\n \"CVE-2017-12996\", \"CVE-2017-12998\", \"CVE-2017-12999\", \"CVE-2017-13000\",\n \"CVE-2017-13001\", \"CVE-2017-13002\", \"CVE-2017-13003\", \"CVE-2017-13004\",\n \"CVE-2017-13005\", \"CVE-2017-13006\", \"CVE-2017-13007\", \"CVE-2017-13008\",\n \"CVE-2017-13009\", \"CVE-2017-13010\", \"CVE-2017-13012\", \"CVE-2017-13013\",\n \"CVE-2017-13014\", \"CVE-2017-13015\", \"CVE-2017-13016\", \"CVE-2017-13017\",\n \"CVE-2017-13018\", \"CVE-2017-13019\", \"CVE-2017-13020\", \"CVE-2017-13021\",\n \"CVE-2017-13022\", \"CVE-2017-13023\", \"CVE-2017-13024\", \"CVE-2017-13025\",\n \"CVE-2017-13026\", \"CVE-2017-13027\", \"CVE-2017-13028\", \"CVE-2017-13029\",\n \"CVE-2017-13030\", \"CVE-2017-13031\", \"CVE-2017-13032\", \"CVE-2017-13033\",\n \"CVE-2017-13034\", \"CVE-2017-13035\", \"CVE-2017-13036\", \"CVE-2017-13037\",\n \"CVE-2017-13038\", \"CVE-2017-13039\", \"CVE-2017-13040\", \"CVE-2017-13041\",\n \"CVE-2017-13042\", \"CVE-2017-13043\", \"CVE-2017-13044\", \"CVE-2017-13045\",\n \"CVE-2017-13046\", \"CVE-2017-13047\", \"CVE-2017-13048\", \"CVE-2017-13049\",\n \"CVE-2017-13050\", \"CVE-2017-13051\", \"CVE-2017-13052\", \"CVE-2017-13053\",\n \"CVE-2017-13054\", \"CVE-2017-13055\", \"CVE-2017-13687\", \"CVE-2017-13688\",\n \"CVE-2017-13689\", \"CVE-2017-13690\", \"CVE-2017-13725\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for tcpdump USN-3415-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'tcpdump'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Wilfried Kirsch discovered a buffer overflow\n in the SLIP decoder in tcpdump. A remote attacker could use this to cause a\n denial of service (application crash) or possibly execute arbitrary code.\n (CVE-2017-11543) Bhargava Shastry discovered a buffer overflow in the bitfield\n converter utility function bittok2str_internal() in tcpdump. A remote attacker\n could use this to cause a denial of service (application crash) or possibly\n execute arbitrary code. (CVE-2017-13011) Otto Airamo and Antti Levomki\n discovered logic errors in different protocol parsers in tcpdump that could lead\n to an infinite loop. A remote attacker could use these to cause a denial of\n service (application hang). CVE-2017-12989, CVE-2017-12990, CVE-2017-12995,\n CVE-2017-12997) Otto Airamo, Brian Carpenter, Yannick Formaggio, Kamil\n Frankowicz, Katie Holly, Kim Gwan Yeong, Antti Levomki, Henri Salo, and\n Bhargava Shastry discovered out-of-bounds reads in muliptle protocol parsers in\n tcpdump. A remote attacker could use these to cause a denial of service\n (application crash). (CVE-2017-11108, CVE-2017-11541, CVE-2017-11542,\n CVE-2017-12893, CVE-2017-12894, CVE-2017-12895, CVE-2017-12896, CVE-2017-12897,\n CVE-2017-12898, CVE-2017-12899, CVE-2017-12900, CVE-2017-12901, CVE-2017-12902,\n CVE-2017-12985, CVE-2017-12986, CVE-2017-12987, CVE-2017-12988, CVE-2017-12991,\n CVE-2017-12992, CVE-2017-12993, CVE-2017-12994, CVE-2017-12996, CVE-2017-12998,\n CVE-2017-12999, CVE-2017-13000, CVE-2017-13001, CVE-2017-13002, CVE-2017-13003,\n CVE-2017-13004, CVE-2017-13005, CVE-2017-13006, CVE-2017-13007, CVE-2017-13008,\n CVE-2017-13009, CVE-2017-13010, CVE-2017-13012, CVE-2017-13013, CVE-2017-13014,\n CVE-2017-13015, CVE-2017-13016, CVE-2017-13017, CVE-2017-13018, CVE-2017-13019,\n CVE-2017-13020, CVE-2017-13021, CVE-2017-13022, CVE-2017-13023, CVE-2017-13024,\n CVE-2017-13025, CVE-2017-13026, CVE-2017-13027, CVE-2017-13028, CVE-2017-13029,\n CVE-2017-13030, CVE-2017-13031, CVE-2017-13032, CVE-2017-13033, CVE-2017-13034,\n CVE-2017-13035, CVE-2017-13036, CVE-2017-13037, CVE-2017-13038, CVE-2017-13039,\n CVE-2017-13040, CVE-2017-13041, CVE-2017-13042, CVE-2017-13043, CVE-2017-13044,\n CVE-2017-13045, CVE-2017-13046, CVE-2017-13047, CVE-2017-13048, CVE-2017-13049,\n CVE-2017-13050, CVE-2017-13051, CVE-2017-13052, CVE-2017-13053, CVE-2017-13054,\n CVE-2017-13055, CVE-2017-13687, CVE-2017-13688, CVE-2017-13689, CVE-2017-13690,\n CVE-2017-13725)\");\n script_tag(name:\"affected\", value:\"tcpdump on Ubuntu 17.04,\n Ubuntu 16.04 LTS,\n Ubuntu 14.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3415-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3415-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|17\\.04|16\\.04 LTS)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"tcpdump\", ver:\"4.9.2-0ubuntu0.14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU17.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"tcpdump\", ver:\"4.9.2-0ubuntu0.17.04.2\", rls:\"UBUNTU17.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"tcpdump\", ver:\"4.9.2-0ubuntu0.16.04.1\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:33:57", "description": "Several vulnerabilities have been discovered in tcpdump, a command-line\nnetwork traffic analyzer. These vulnerabilities might result in denial\nof service or, potentially, execution of arbitrary code.", "cvss3": {}, "published": "2017-09-13T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3971-1 (tcpdump - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-13008", "CVE-2017-13038", "CVE-2017-13040", "CVE-2017-12902", "CVE-2017-12986", "CVE-2017-13036", "CVE-2017-13031", "CVE-2017-12896", "CVE-2017-12893", "CVE-2017-13037", "CVE-2017-13053", "CVE-2017-12998", "CVE-2017-13006", "CVE-2017-11543", "CVE-2017-13049", "CVE-2017-13026", "CVE-2017-13017", "CVE-2017-13687", "CVE-2017-12991", "CVE-2017-13016", "CVE-2017-12897", "CVE-2017-13051", "CVE-2017-13029", "CVE-2017-13035", "CVE-2017-13689", "CVE-2017-13027", "CVE-2017-13010", "CVE-2017-12900", "CVE-2017-13046", "CVE-2017-12901", "CVE-2017-13022", "CVE-2017-13019", "CVE-2017-13043", "CVE-2017-11108", "CVE-2017-13054", "CVE-2017-13688", "CVE-2017-13050", "CVE-2017-12895", "CVE-2017-12997", "CVE-2017-13013", "CVE-2017-13048", "CVE-2017-12985", "CVE-2017-12996", "CVE-2017-13690", "CVE-2017-12992", "CVE-2017-13005", "CVE-2017-13014", "CVE-2017-13052", "CVE-2017-12993", "CVE-2017-12990", "CVE-2017-13725", "CVE-2017-13024", "CVE-2017-11542", "CVE-2017-13028", "CVE-2017-11541", "CVE-2017-13000", "CVE-2017-13041", "CVE-2017-13015", "CVE-2017-12988", "CVE-2017-13018", "CVE-2017-12999", "CVE-2017-12899", "CVE-2017-13020", "CVE-2017-13032", "CVE-2017-13025", "CVE-2017-13011", "CVE-2017-13042", "CVE-2017-13003", "CVE-2017-13047", "CVE-2017-13012", "CVE-2017-13044", "CVE-2017-13004", "CVE-2017-13033", "CVE-2017-13009", "CVE-2017-13007", "CVE-2017-13055", "CVE-2017-13001", "CVE-2017-12987", "CVE-2017-13030", "CVE-2017-13023", "CVE-2017-13002", "CVE-2017-13039", "CVE-2017-12994", "CVE-2017-12995", "CVE-2017-12989", "CVE-2017-12894", "CVE-2017-13021", "CVE-2017-12898", "CVE-2017-13045", "CVE-2017-13034"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310703971", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703971", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: deb_3971.nasl 14280 2019-03-18 14:50:45Z cfischer $\n#\n# Auto-generated from advisory DSA 3971-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2017 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703971\");\n script_version(\"$Revision: 14280 $\");\n script_cve_id(\"CVE-2017-11108\", \"CVE-2017-11541\", \"CVE-2017-11542\", \"CVE-2017-11543\", \"CVE-2017-12893\", \"CVE-2017-12894\", \"CVE-2017-12895\", \"CVE-2017-12896\", \"CVE-2017-12897\", \"CVE-2017-12898\", \"CVE-2017-12899\", \"CVE-2017-12900\", \"CVE-2017-12901\", \"CVE-2017-12902\", \"CVE-2017-12985\", \"CVE-2017-12986\", \"CVE-2017-12987\", \"CVE-2017-12988\", \"CVE-2017-12989\", \"CVE-2017-12990\", \"CVE-2017-12991\", \"CVE-2017-12992\", \"CVE-2017-12993\", \"CVE-2017-12994\", \"CVE-2017-12995\", \"CVE-2017-12996\", \"CVE-2017-12997\", \"CVE-2017-12998\", \"CVE-2017-12999\", \"CVE-2017-13000\", \"CVE-2017-13001\", \"CVE-2017-13002\", \"CVE-2017-13003\", \"CVE-2017-13004\", \"CVE-2017-13005\", \"CVE-2017-13006\", \"CVE-2017-13007\", \"CVE-2017-13008\", \"CVE-2017-13009\", \"CVE-2017-13010\", \"CVE-2017-13011\", \"CVE-2017-13012\", \"CVE-2017-13013\", \"CVE-2017-13014\", \"CVE-2017-13015\", \"CVE-2017-13016\", \"CVE-2017-13017\", \"CVE-2017-13018\", \"CVE-2017-13019\", \"CVE-2017-13020\", \"CVE-2017-13021\", \"CVE-2017-13022\", \"CVE-2017-13023\", \"CVE-2017-13024\", \"CVE-2017-13025\", \"CVE-2017-13026\", \"CVE-2017-13027\", \"CVE-2017-13028\", \"CVE-2017-13029\", \"CVE-2017-13030\", \"CVE-2017-13031\", \"CVE-2017-13032\", \"CVE-2017-13033\", \"CVE-2017-13034\", \"CVE-2017-13035\", \"CVE-2017-13036\", \"CVE-2017-13037\", \"CVE-2017-13038\", \"CVE-2017-13039\", \"CVE-2017-13040\", \"CVE-2017-13041\", \"CVE-2017-13042\", \"CVE-2017-13043\", \"CVE-2017-13044\", \"CVE-2017-13045\", \"CVE-2017-13046\", \"CVE-2017-13047\", \"CVE-2017-13048\", \"CVE-2017-13049\", \"CVE-2017-13050\", \"CVE-2017-13051\", \"CVE-2017-13052\", \"CVE-2017-13053\", \"CVE-2017-13054\", \"CVE-2017-13055\", \"CVE-2017-13687\", \"CVE-2017-13688\", \"CVE-2017-13689\", \"CVE-2017-13690\", \"CVE-2017-13725\");\n script_name(\"Debian Security Advisory DSA 3971-1 (tcpdump - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:50:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-09-13 00:00:00 +0200 (Wed, 13 Sep 2017)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2017/dsa-3971.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2017 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(8|9)\");\n script_tag(name:\"affected\", value:\"tcpdump on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the oldstable distribution (jessie), these problems have been fixed\nin version 4.9.2-1~deb8u1.\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 4.9.2-1~deb9u1.\n\nFor the testing distribution (buster), these problems have been fixed\nin version 4.9.2-1 or earlier versions.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 4.9.2-1 or earlier versions.\n\nWe recommend that you upgrade your tcpdump packages.\");\n script_tag(name:\"summary\", value:\"Several vulnerabilities have been discovered in tcpdump, a command-line\nnetwork traffic analyzer. These vulnerabilities might result in denial\nof service or, potentially, execution of arbitrary code.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"tcpdump\", ver:\"4.9.2-1~deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"tcpdump\", ver:\"4.9.2-1~deb9u1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "photon": [{"lastseen": "2021-11-03T08:53:03", "description": "An update of [tcpdump,ruby] packages for PhotonOS has been released.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-09-19T00:00:00", "type": "photon", "title": "Home\nDownload Photon OS\nUser Documentation\nFAQ\nSecurity Advisories\nRelated Information\n\nLightwave - PHSA-2017-0034", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-12893", "CVE-2017-12894", "CVE-2017-12895", "CVE-2017-12896", "CVE-2017-12897", "CVE-2017-12898", "CVE-2017-12899", "CVE-2017-12900", "CVE-2017-12901", "CVE-2017-12902", "CVE-2017-12985", "CVE-2017-12986", "CVE-2017-12987", "CVE-2017-12988", "CVE-2017-12989", "CVE-2017-12990", "CVE-2017-12991", "CVE-2017-12992", "CVE-2017-12993", "CVE-2017-12994", "CVE-2017-12995", "CVE-2017-12996", "CVE-2017-12997", "CVE-2017-12998", "CVE-2017-12999", "CVE-2017-13000", "CVE-2017-13001", "CVE-2017-13002", "CVE-2017-13003", "CVE-2017-13004", "CVE-2017-13005", "CVE-2017-13006", "CVE-2017-13007", "CVE-2017-13008", "CVE-2017-13009", "CVE-2017-13010", "CVE-2017-13011", "CVE-2017-13012", "CVE-2017-13013", "CVE-2017-13014", "CVE-2017-13015", "CVE-2017-13016", "CVE-2017-13017", "CVE-2017-13018", "CVE-2017-13019", "CVE-2017-13020", "CVE-2017-13021", "CVE-2017-13022", "CVE-2017-13023", "CVE-2017-13024", "CVE-2017-13025", "CVE-2017-13026", "CVE-2017-13027", "CVE-2017-13028", "CVE-2017-13029", "CVE-2017-13030", "CVE-2017-13031", "CVE-2017-13032", "CVE-2017-13033", "CVE-2017-13034", "CVE-2017-13035", "CVE-2017-13036", "CVE-2017-13037", "CVE-2017-13038", "CVE-2017-13039", "CVE-2017-13040", "CVE-2017-13041", "CVE-2017-13042", "CVE-2017-13043", "CVE-2017-13044", "CVE-2017-13045", "CVE-2017-13046", "CVE-2017-13047", "CVE-2017-13048", "CVE-2017-13049", "CVE-2017-13050", "CVE-2017-13051", "CVE-2017-13052", "CVE-2017-13053", "CVE-2017-13054", "CVE-2017-13055", "CVE-2017-13687", "CVE-2017-13688", "CVE-2017-13689", "CVE-2017-13690", "CVE-2017-13725", "CVE-2017-14064"], "modified": "2017-09-19T00:00:00", "id": "PHSA-2017-0034", "href": "https://github.com/vmware/photon/wiki/Security-Updates-70", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-05-12T18:09:08", "description": "Updates of ['tcpdump', 'ruby'] packages of Photon OS have been released.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-09-19T00:00:00", "type": "photon", "title": "Important Photon OS Security Update - PHSA-2017-0070", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-11108", "CVE-2017-12893", "CVE-2017-12894", "CVE-2017-12895", "CVE-2017-12896", "CVE-2017-12897", "CVE-2017-12898", "CVE-2017-12899", "CVE-2017-12900", "CVE-2017-12901", "CVE-2017-12902", "CVE-2017-12985", "CVE-2017-12986", "CVE-2017-12987", "CVE-2017-12988", "CVE-2017-12989", "CVE-2017-12990", "CVE-2017-12991", "CVE-2017-12992", "CVE-2017-12993", "CVE-2017-12994", "CVE-2017-12995", "CVE-2017-12996", "CVE-2017-12997", "CVE-2017-12998", "CVE-2017-12999", "CVE-2017-13000", "CVE-2017-13001", "CVE-2017-13002", "CVE-2017-13003", "CVE-2017-13004", "CVE-2017-13005", "CVE-2017-13006", "CVE-2017-13007", "CVE-2017-13008", "CVE-2017-13009", "CVE-2017-13010", "CVE-2017-13011", "CVE-2017-13012", "CVE-2017-13013", "CVE-2017-13014", "CVE-2017-13015", "CVE-2017-13016", "CVE-2017-13017", "CVE-2017-13018", "CVE-2017-13019", "CVE-2017-13020", "CVE-2017-13021", "CVE-2017-13022", "CVE-2017-13023", "CVE-2017-13024", "CVE-2017-13025", "CVE-2017-13026", "CVE-2017-13027", "CVE-2017-13028", "CVE-2017-13029", "CVE-2017-13030", "CVE-2017-13031", "CVE-2017-13032", "CVE-2017-13033", "CVE-2017-13034", "CVE-2017-13035", "CVE-2017-13036", "CVE-2017-13037", "CVE-2017-13038", "CVE-2017-13039", "CVE-2017-13040", "CVE-2017-13041", "CVE-2017-13042", "CVE-2017-13043", "CVE-2017-13044", "CVE-2017-13045", "CVE-2017-13046", "CVE-2017-13047", "CVE-2017-13048", "CVE-2017-13049", "CVE-2017-13050", "CVE-2017-13051", "CVE-2017-13052", "CVE-2017-13053", "CVE-2017-13054", "CVE-2017-13055", "CVE-2017-13687", "CVE-2017-13688", "CVE-2017-13689", "CVE-2017-13690", "CVE-2017-13725", "CVE-2017-14064"], "modified": "2017-09-19T00:00:00", "id": "PHSA-2017-0070", "href": "https://github.com/vmware/photon/wiki/Security-Update-1.0-70", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2021-10-22T13:34:26", "description": "Package : tcpdump\nVersion : 4.9.2-1~deb7u1\nCVE ID : CVE-2017-12894 CVE-2017-12895 CVE-2017-12896 CVE-2017-12897 \n CVE-2017-12898 CVE-2017-12899 CVE-2017-12900 CVE-2017-12901 \n CVE-2017-12902 CVE-2017-12985 CVE-2017-12986 CVE-2017-12987 \n CVE-2017-12988 CVE-2017-12989 CVE-2017-12990 CVE-2017-12991 \n CVE-2017-12992 CVE-2017-12993 CVE-2017-12994 CVE-2017-12995 \n CVE-2017-12996 CVE-2017-12997 CVE-2017-12998 CVE-2017-12999 \n CVE-2017-13000 CVE-2017-13001 CVE-2017-13002 CVE-2017-13003 \n CVE-2017-13004 CVE-2017-13005 CVE-2017-13006 CVE-2017-13007 \n CVE-2017-13008 CVE-2017-13009 CVE-2017-13010 CVE-2017-13011 \n CVE-2017-13012 CVE-2017-13013 CVE-2017-13014 CVE-2017-13015 \n CVE-2017-13016 CVE-2017-13017 CVE-2017-13018 CVE-2017-13019 \n CVE-2017-13020 CVE-2017-13021 CVE-2017-13022 CVE-2017-13023 \n CVE-2017-13024 CVE-2017-13025 CVE-2017-13026 CVE-2017-13027 \n CVE-2017-13028 CVE-2017-13029 CVE-2017-13030 CVE-2017-13031 \n CVE-2017-13032 CVE-2017-13033 CVE-2017-13034 CVE-2017-13035 \n CVE-2017-13036 CVE-2017-13037 CVE-2017-13038 CVE-2017-13039 \n CVE-2017-13040 CVE-2017-13041 CVE-2017-13042 CVE-2017-13043 \n CVE-2017-13044 CVE-2017-13045 CVE-2017-13046 CVE-2017-13047 \n CVE-2017-13048 CVE-2017-13049 CVE-2017-13050 CVE-2017-13051 \n CVE-2017-13052 CVE-2017-13053 CVE-2017-13054 CVE-2017-13055 \n CVE-2017-13687 CVE-2017-13688 CVE-2017-13689 CVE-2017-13690 \n CVE-2017-13725 CVE-2017-12893 \n\nSeveral vulnerabilities have been discovered in tcpdump, a command-line\nnetwork traffic analyzer. These vulnerabilities might result in denial\nof service or, potentially, execution of arbitrary code.\n\nFor Debian 7 "Wheezy", these problems have been fixed in version\n4.9.2-1~deb7u1.\n\nWe recommend that you upgrade your tcpdump packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\nAttachment:\nsignature.asc\nDescription: PGP signature\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-09-15T10:18:46", "type": "debian", "title": "[SECURITY] [DLA 1097-1] tcpdump security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-12893", "CVE-2017-12894", "CVE-2017-12895", "CVE-2017-12896", "CVE-2017-12897", "CVE-2017-12898", "CVE-2017-12899", "CVE-2017-12900", "CVE-2017-12901", "CVE-2017-12902", "CVE-2017-12985", "CVE-2017-12986", "CVE-2017-12987", "CVE-2017-12988", "CVE-2017-12989", "CVE-2017-12990", "CVE-2017-12991", "CVE-2017-12992", "CVE-2017-12993", "CVE-2017-12994", "CVE-2017-12995", "CVE-2017-12996", "CVE-2017-12997", "CVE-2017-12998", "CVE-2017-12999", "CVE-2017-13000", "CVE-2017-13001", "CVE-2017-13002", "CVE-2017-13003", "CVE-2017-13004", "CVE-2017-13005", "CVE-2017-13006", "CVE-2017-13007", "CVE-2017-13008", "CVE-2017-13009", "CVE-2017-13010", "CVE-2017-13011", "CVE-2017-13012", "CVE-2017-13013", "CVE-2017-13014", "CVE-2017-13015", "CVE-2017-13016", "CVE-2017-13017", "CVE-2017-13018", "CVE-2017-13019", "CVE-2017-13020", "CVE-2017-13021", "CVE-2017-13022", "CVE-2017-13023", "CVE-2017-13024", "CVE-2017-13025", "CVE-2017-13026", "CVE-2017-13027", "CVE-2017-13028", "CVE-2017-13029", "CVE-2017-13030", "CVE-2017-13031", "CVE-2017-13032", "CVE-2017-13033", "CVE-2017-13034", "CVE-2017-13035", "CVE-2017-13036", "CVE-2017-13037", "CVE-2017-13038", "CVE-2017-13039", "CVE-2017-13040", "CVE-2017-13041", "CVE-2017-13042", "CVE-2017-13043", "CVE-2017-13044", "CVE-2017-13045", "CVE-2017-13046", "CVE-2017-13047", "CVE-2017-13048", "CVE-2017-13049", "CVE-2017-13050", "CVE-2017-13051", "CVE-2017-13052", "CVE-2017-13053", "CVE-2017-13054", "CVE-2017-13055", "CVE-2017-13687", "CVE-2017-13688", "CVE-2017-13689", "CVE-2017-13690", "CVE-2017-13725"], "modified": "2017-09-15T10:18:46", "id": "DEBIAN:DLA-1097-1:0BD7E", "href": "https://lists.debian.org/debian-lts-announce/2017/09/msg00014.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-02-19T00:13:35", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3971-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nSeptember 13, 2017 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : tcpdump\nCVE ID : CVE-2017-11108 CVE-2017-11541 CVE-2017-11542 CVE-2017-11543\n CVE-2017-12893 CVE-2017-12894 CVE-2017-12895 CVE-2017-12896\n CVE-2017-12897 CVE-2017-12898 CVE-2017-12899 CVE-2017-12900\n CVE-2017-12901 CVE-2017-12902 CVE-2017-12985 CVE-2017-12986\n CVE-2017-12987 CVE-2017-12988 CVE-2017-12989 CVE-2017-12990\n CVE-2017-12991 CVE-2017-12992 CVE-2017-12993 CVE-2017-12994\n CVE-2017-12995 CVE-2017-12996 CVE-2017-12997 CVE-2017-12998\n CVE-2017-12999 CVE-2017-13000 CVE-2017-13001 CVE-2017-13002\n CVE-2017-13003 CVE-2017-13004 CVE-2017-13005 CVE-2017-13006\n CVE-2017-13007 CVE-2017-13008 CVE-2017-13009 CVE-2017-13010\n CVE-2017-13011 CVE-2017-13012 CVE-2017-13013 CVE-2017-13014\n CVE-2017-13015 CVE-2017-13016 CVE-2017-13017 CVE-2017-13018\n CVE-2017-13019 CVE-2017-13020 CVE-2017-13021 CVE-2017-13022\n CVE-2017-13023 CVE-2017-13024 CVE-2017-13025 CVE-2017-13026\n CVE-2017-13027 CVE-2017-13028 CVE-2017-13029 CVE-2017-13030\n CVE-2017-13031 CVE-2017-13032 CVE-2017-13033 CVE-2017-13034\n CVE-2017-13035 CVE-2017-13036 CVE-2017-13037 CVE-2017-13038\n CVE-2017-13039 CVE-2017-13040 CVE-2017-13041 CVE-2017-13042\n CVE-2017-13043 CVE-2017-13044 CVE-2017-13045 CVE-2017-13046\n CVE-2017-13047 CVE-2017-13048 CVE-2017-13049 CVE-2017-13050\n CVE-2017-13051 CVE-2017-13052 CVE-2017-13053 CVE-2017-13054\n CVE-2017-13055 CVE-2017-13687 CVE-2017-13688 CVE-2017-13689\n CVE-2017-13690 CVE-2017-13725\nDebian Bug : 867718 873804 873805 873806\n\nSeveral vulnerabilities have been discovered in tcpdump, a command-line\nnetwork traffic analyzer. These vulnerabilities might result in denial\nof service or, potentially, execution of arbitrary code.\n\nFor the oldstable distribution (jessie), these problems have been fixed\nin version 4.9.2-1~deb8u1.\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 4.9.2-1~deb9u1.\n\nFor the testing distribution (buster), these problems have been fixed\nin version 4.9.2-1 or earlier versions.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 4.9.2-1 or earlier versions.\n\nWe recommend that you upgrade your tcpdump packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-09-13T05:04:17", "type": "debian", "title": "[SECURITY] [DSA 3971-1] tcpdump security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-11108", "CVE-2017-11541", "CVE-2017-11542", "CVE-2017-11543", "CVE-2017-12893", "CVE-2017-12894", "CVE-2017-12895", "CVE-2017-12896", "CVE-2017-12897", "CVE-2017-12898", "CVE-2017-12899", "CVE-2017-12900", "CVE-2017-12901", "CVE-2017-12902", "CVE-2017-12985", "CVE-2017-12986", "CVE-2017-12987", "CVE-2017-12988", "CVE-2017-12989", "CVE-2017-12990", "CVE-2017-12991", "CVE-2017-12992", "CVE-2017-12993", "CVE-2017-12994", "CVE-2017-12995", "CVE-2017-12996", "CVE-2017-12997", "CVE-2017-12998", "CVE-2017-12999", "CVE-2017-13000", "CVE-2017-13001", "CVE-2017-13002", "CVE-2017-13003", "CVE-2017-13004", "CVE-2017-13005", "CVE-2017-13006", "CVE-2017-13007", "CVE-2017-13008", "CVE-2017-13009", "CVE-2017-13010", "CVE-2017-13011", "CVE-2017-13012", "CVE-2017-13013", "CVE-2017-13014", "CVE-2017-13015", "CVE-2017-13016", "CVE-2017-13017", "CVE-2017-13018", "CVE-2017-13019", "CVE-2017-13020", "CVE-2017-13021", "CVE-2017-13022", "CVE-2017-13023", "CVE-2017-13024", "CVE-2017-13025", "CVE-2017-13026", "CVE-2017-13027", "CVE-2017-13028", "CVE-2017-13029", "CVE-2017-13030", "CVE-2017-13031", "CVE-2017-13032", "CVE-2017-13033", "CVE-2017-13034", "CVE-2017-13035", "CVE-2017-13036", "CVE-2017-13037", "CVE-2017-13038", "CVE-2017-13039", "CVE-2017-13040", "CVE-2017-13041", "CVE-2017-13042", "CVE-2017-13043", "CVE-2017-13044", "CVE-2017-13045", "CVE-2017-13046", "CVE-2017-13047", "CVE-2017-13048", "CVE-2017-13049", "CVE-2017-13050", "CVE-2017-13051", "CVE-2017-13052", "CVE-2017-13053", "CVE-2017-13054", "CVE-2017-13055", "CVE-2017-13687", "CVE-2017-13688", "CVE-2017-13689", "CVE-2017-13690", "CVE-2017-13725"], "modified": "2017-09-13T05:04:17", "id": "DEBIAN:DSA-3971-1:55E2D", "href": "https://lists.debian.org/debian-security-announce/2017/msg00233.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-21T21:55:08", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3971-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nSeptember 13, 2017 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : tcpdump\nCVE ID : CVE-2017-11108 CVE-2017-11541 CVE-2017-11542 CVE-2017-11543\n CVE-2017-12893 CVE-2017-12894 CVE-2017-12895 CVE-2017-12896\n CVE-2017-12897 CVE-2017-12898 CVE-2017-12899 CVE-2017-12900\n CVE-2017-12901 CVE-2017-12902 CVE-2017-12985 CVE-2017-12986\n CVE-2017-12987 CVE-2017-12988 CVE-2017-12989 CVE-2017-12990\n CVE-2017-12991 CVE-2017-12992 CVE-2017-12993 CVE-2017-12994\n CVE-2017-12995 CVE-2017-12996 CVE-2017-12997 CVE-2017-12998\n CVE-2017-12999 CVE-2017-13000 CVE-2017-13001 CVE-2017-13002\n CVE-2017-13003 CVE-2017-13004 CVE-2017-13005 CVE-2017-13006\n CVE-2017-13007 CVE-2017-13008 CVE-2017-13009 CVE-2017-13010\n CVE-2017-13011 CVE-2017-13012 CVE-2017-13013 CVE-2017-13014\n CVE-2017-13015 CVE-2017-13016 CVE-2017-13017 CVE-2017-13018\n CVE-2017-13019 CVE-2017-13020 CVE-2017-13021 CVE-2017-13022\n CVE-2017-13023 CVE-2017-13024 CVE-2017-13025 CVE-2017-13026\n CVE-2017-13027 CVE-2017-13028 CVE-2017-13029 CVE-2017-13030\n CVE-2017-13031 CVE-2017-13032 CVE-2017-13033 CVE-2017-13034\n CVE-2017-13035 CVE-2017-13036 CVE-2017-13037 CVE-2017-13038\n CVE-2017-13039 CVE-2017-13040 CVE-2017-13041 CVE-2017-13042\n CVE-2017-13043 CVE-2017-13044 CVE-2017-13045 CVE-2017-13046\n CVE-2017-13047 CVE-2017-13048 CVE-2017-13049 CVE-2017-13050\n CVE-2017-13051 CVE-2017-13052 CVE-2017-13053 CVE-2017-13054\n CVE-2017-13055 CVE-2017-13687 CVE-2017-13688 CVE-2017-13689\n CVE-2017-13690 CVE-2017-13725\nDebian Bug : 867718 873804 873805 873806\n\nSeveral vulnerabilities have been discovered in tcpdump, a command-line\nnetwork traffic analyzer. These vulnerabilities might result in denial\nof service or, potentially, execution of arbitrary code.\n\nFor the oldstable distribution (jessie), these problems have been fixed\nin version 4.9.2-1~deb8u1.\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 4.9.2-1~deb9u1.\n\nFor the testing distribution (buster), these problems have been fixed\nin version 4.9.2-1 or earlier versions.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 4.9.2-1 or earlier versions.\n\nWe recommend that you upgrade your tcpdump packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-09-13T05:04:17", "type": "debian", "title": "[SECURITY] [DSA 3971-1] tcpdump security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-11108", "CVE-2017-11541", "CVE-2017-11542", "CVE-2017-11543", "CVE-2017-12893", "CVE-2017-12894", "CVE-2017-12895", "CVE-2017-12896", "CVE-2017-12897", "CVE-2017-12898", "CVE-2017-12899", "CVE-2017-12900", "CVE-2017-12901", "CVE-2017-12902", "CVE-2017-12985", "CVE-2017-12986", "CVE-2017-12987", "CVE-2017-12988", "CVE-2017-12989", "CVE-2017-12990", "CVE-2017-12991", "CVE-2017-12992", "CVE-2017-12993", "CVE-2017-12994", "CVE-2017-12995", "CVE-2017-12996", "CVE-2017-12997", "CVE-2017-12998", "CVE-2017-12999", "CVE-2017-13000", "CVE-2017-13001", "CVE-2017-13002", "CVE-2017-13003", "CVE-2017-13004", "CVE-2017-13005", "CVE-2017-13006", "CVE-2017-13007", "CVE-2017-13008", "CVE-2017-13009", "CVE-2017-13010", "CVE-2017-13011", "CVE-2017-13012", "CVE-2017-13013", "CVE-2017-13014", "CVE-2017-13015", "CVE-2017-13016", "CVE-2017-13017", "CVE-2017-13018", "CVE-2017-13019", "CVE-2017-13020", "CVE-2017-13021", "CVE-2017-13022", "CVE-2017-13023", "CVE-2017-13024", "CVE-2017-13025", "CVE-2017-13026", "CVE-2017-13027", "CVE-2017-13028", "CVE-2017-13029", "CVE-2017-13030", "CVE-2017-13031", "CVE-2017-13032", "CVE-2017-13033", "CVE-2017-13034", "CVE-2017-13035", "CVE-2017-13036", "CVE-2017-13037", "CVE-2017-13038", "CVE-2017-13039", "CVE-2017-13040", "CVE-2017-13041", "CVE-2017-13042", "CVE-2017-13043", "CVE-2017-13044", "CVE-2017-13045", "CVE-2017-13046", "CVE-2017-13047", "CVE-2017-13048", "CVE-2017-13049", "CVE-2017-13050", "CVE-2017-13051", "CVE-2017-13052", "CVE-2017-13053", "CVE-2017-13054", "CVE-2017-13055", "CVE-2017-13687", "CVE-2017-13688", "CVE-2017-13689", "CVE-2017-13690", "CVE-2017-13725"], "modified": "2017-09-13T05:04:17", "id": "DEBIAN:DSA-3971-1:CDAA8", "href": "https://lists.debian.org/debian-security-announce/2017/msg00233.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "osv": [{"lastseen": "2022-07-21T08:20:19", "description": "\nSeveral vulnerabilities have been discovered in tcpdump, a command-line\nnetwork traffic analyzer. These vulnerabilities might result in denial\nof service or, potentially, execution of arbitrary code.\n\n\nFor Debian 7 Wheezy, these problems have been fixed in version\n4.9.2-1~deb7u1.\n\n\nWe recommend that you upgrade your tcpdump packages.\n\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: <https://wiki.debian.org/LTS>\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-09-15T00:00:00", "type": "osv", "title": "tcpdump - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-13008", "CVE-2017-13038", "CVE-2017-13040", "CVE-2017-12902", "CVE-2017-12986", "CVE-2017-13036", "CVE-2017-13031", "CVE-2017-12896", "CVE-2017-12893", "CVE-2017-13037", "CVE-2017-13053", "CVE-2017-12998", "CVE-2017-13006", "CVE-2017-13049", "CVE-2017-13026", "CVE-2017-13017", "CVE-2017-13687", "CVE-2017-12991", "CVE-2017-13016", "CVE-2017-12897", "CVE-2017-13051", "CVE-2017-13029", "CVE-2017-13035", "CVE-2017-13689", "CVE-2017-13027", "CVE-2017-13010", "CVE-2017-12900", "CVE-2017-13046", "CVE-2017-12901", "CVE-2017-13022", "CVE-2017-13019", "CVE-2017-13043", "CVE-2017-13054", "CVE-2017-13688", "CVE-2017-13050", "CVE-2017-12895", "CVE-2017-12997", "CVE-2017-13013", "CVE-2017-13048", "CVE-2017-12985", "CVE-2017-12996", "CVE-2017-13690", "CVE-2017-12992", "CVE-2017-13005", "CVE-2017-13014", "CVE-2017-13052", "CVE-2017-12993", "CVE-2017-12990", "CVE-2017-13725", "CVE-2017-13024", "CVE-2017-13028", "CVE-2017-13000", "CVE-2017-13041", "CVE-2017-13015", "CVE-2017-12988", "CVE-2017-13018", "CVE-2017-12999", "CVE-2017-12899", "CVE-2017-13020", "CVE-2017-13032", "CVE-2017-13025", "CVE-2017-13011", "CVE-2017-13042", "CVE-2017-13003", "CVE-2017-13047", "CVE-2017-13012", "CVE-2017-13044", "CVE-2017-13004", "CVE-2017-13033", "CVE-2017-13009", "CVE-2017-13007", "CVE-2017-13055", "CVE-2017-13001", "CVE-2017-12987", "CVE-2017-13030", "CVE-2017-13023", "CVE-2017-13002", "CVE-2017-13039", "CVE-2017-12994", "CVE-2017-12995", "CVE-2017-12989", "CVE-2017-12894", "CVE-2017-13021", "CVE-2017-12898", "CVE-2017-13045", "CVE-2017-13034"], "modified": "2022-07-21T05:51:47", "id": "OSV:DLA-1097-1", "href": "https://osv.dev/vulnerability/DLA-1097-1", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T07:06:41", "description": "\nSeveral vulnerabilities have been discovered in tcpdump, a command-line\nnetwork traffic analyzer. These vulnerabilities might result in denial\nof service or, potentially, execution of arbitrary code.\n\n\nFor the oldstable distribution (jessie), these problems have been fixed\nin version 4.9.2-1~deb8u1.\n\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 4.9.2-1~deb9u1.\n\n\nFor the testing distribution (buster), these problems have been fixed\nin version 4.9.2-1 or earlier versions.\n\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 4.9.2-1 or earlier versions.\n\n\nWe recommend that you upgrade your tcpdump packages.\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-09-13T00:00:00", "type": "osv", "title": "tcpdump - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-13008", "CVE-2017-13038", "CVE-2017-13040", "CVE-2017-12902", "CVE-2017-12986", "CVE-2017-13036", "CVE-2017-13031", "CVE-2017-12896", "CVE-2017-12893", "CVE-2017-13037", "CVE-2017-13053", "CVE-2017-12998", "CVE-2017-13006", "CVE-2017-11543", "CVE-2017-13049", "CVE-2017-13026", "CVE-2017-13017", "CVE-2017-13687", "CVE-2017-12991", "CVE-2017-13016", "CVE-2017-12897", "CVE-2017-13051", "CVE-2017-13029", "CVE-2017-13035", "CVE-2017-13689", "CVE-2017-13027", "CVE-2017-13010", "CVE-2017-12900", "CVE-2017-13046", "CVE-2017-12901", "CVE-2017-13022", "CVE-2017-13019", "CVE-2017-13043", "CVE-2017-11108", "CVE-2017-13054", "CVE-2017-13688", "CVE-2017-13050", "CVE-2017-12895", "CVE-2017-12997", "CVE-2017-13013", "CVE-2017-13048", "CVE-2017-12985", "CVE-2017-12996", "CVE-2017-13690", "CVE-2017-12992", "CVE-2017-13005", "CVE-2017-13014", "CVE-2017-13052", "CVE-2017-12993", "CVE-2017-12990", "CVE-2017-13725", "CVE-2017-13024", "CVE-2017-11542", "CVE-2017-13028", "CVE-2017-11541", "CVE-2017-13000", "CVE-2017-13041", "CVE-2017-13015", "CVE-2017-12988", "CVE-2017-13018", "CVE-2017-12999", "CVE-2017-12899", "CVE-2017-13020", "CVE-2017-13032", "CVE-2017-13025", "CVE-2017-13011", "CVE-2017-13042", "CVE-2017-13003", "CVE-2017-13047", "CVE-2017-13012", "CVE-2017-13044", "CVE-2017-13004", "CVE-2017-13033", "CVE-2017-13009", "CVE-2017-13007", "CVE-2017-13055", "CVE-2017-13001", "CVE-2017-12987", "CVE-2017-13030", "CVE-2017-13023", "CVE-2017-13002", "CVE-2017-13039", "CVE-2017-12994", "CVE-2017-12995", "CVE-2017-12989", "CVE-2017-12894", "CVE-2017-13021", "CVE-2017-12898", "CVE-2017-13045", "CVE-2017-13034"], "modified": "2022-08-10T07:06:37", "id": "OSV:DSA-3971-1", "href": "https://osv.dev/vulnerability/DSA-3971-1", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "slackware": [{"lastseen": "2023-02-08T16:13:47", "description": "New tcpdump packages are available for Slackware 13.37, 14.0, 14.1, 14.2,\nand -current to fix security issues.\n\n\nHere are the details from the Slackware 14.2 ChangeLog:\n\npatches/packages/tcpdump-4.9.2-i586-1_slack14.2.txz: Upgraded.\n This update fixes bugs and many security issues (see the included\n CHANGES file).\n For more information, see:\n https://vulners.com/cve/CVE-2017-11541\n https://vulners.com/cve/CVE-2017-11541\n https://vulners.com/cve/CVE-2017-11542\n https://vulners.com/cve/CVE-2017-11542\n https://vulners.com/cve/CVE-2017-11543\n https://vulners.com/cve/CVE-2017-11543\n https://vulners.com/cve/CVE-2017-12893\n https://vulners.com/cve/CVE-2017-12894\n https://vulners.com/cve/CVE-2017-12895\n https://vulners.com/cve/CVE-2017-12896\n https://vulners.com/cve/CVE-2017-12897\n https://vulners.com/cve/CVE-2017-12898\n https://vulners.com/cve/CVE-2017-12899\n https://vulners.com/cve/CVE-2017-12900\n https://vulners.com/cve/CVE-2017-12901\n https://vulners.com/cve/CVE-2017-12902\n https://vulners.com/cve/CVE-2017-12985\n https://vulners.com/cve/CVE-2017-12986\n https://vulners.com/cve/CVE-2017-12987\n https://vulners.com/cve/CVE-2017-12988\n https://vulners.com/cve/CVE-2017-12989\n https://vulners.com/cve/CVE-2017-12990\n https://vulners.com/cve/CVE-2017-12991\n https://vulners.com/cve/CVE-2017-12992\n https://vulners.com/cve/CVE-2017-12993\n https://vulners.com/cve/CVE-2017-12994\n https://vulners.com/cve/CVE-2017-12995\n https://vulners.com/cve/CVE-2017-12996\n https://vulners.com/cve/CVE-2017-12997\n https://vulners.com/cve/CVE-2017-12998\n https://vulners.com/cve/CVE-2017-12999\n https://vulners.com/cve/CVE-2017-13000\n https://vulners.com/cve/CVE-2017-13001\n https://vulners.com/cve/CVE-2017-13002\n https://vulners.com/cve/CVE-2017-13003\n https://vulners.com/cve/CVE-2017-13004\n https://vulners.com/cve/CVE-2017-13005\n https://vulners.com/cve/CVE-2017-13006\n https://vulners.com/cve/CVE-2017-13007\n https://vulners.com/cve/CVE-2017-13008\n https://vulners.com/cve/CVE-2017-13009\n https://vulners.com/cve/CVE-2017-13010\n https://vulners.com/cve/CVE-2017-13011\n https://vulners.com/cve/CVE-2017-13012\n https://vulners.com/cve/CVE-2017-13013\n https://vulners.com/cve/CVE-2017-13014\n https://vulners.com/cve/CVE-2017-13015\n https://vulners.com/cve/CVE-2017-13016\n https://vulners.com/cve/CVE-2017-13017\n https://vulners.com/cve/CVE-2017-13018\n https://vulners.com/cve/CVE-2017-13019\n https://vulners.com/cve/CVE-2017-13020\n https://vulners.com/cve/CVE-2017-13021\n https://vulners.com/cve/CVE-2017-13022\n https://vulners.com/cve/CVE-2017-13023\n https://vulners.com/cve/CVE-2017-13024\n https://vulners.com/cve/CVE-2017-13025\n https://vulners.com/cve/CVE-2017-13026\n https://vulners.com/cve/CVE-2017-13027\n https://vulners.com/cve/CVE-2017-13028\n https://vulners.com/cve/CVE-2017-13029\n https://vulners.com/cve/CVE-2017-13030\n https://vulners.com/cve/CVE-2017-13031\n https://vulners.com/cve/CVE-2017-13032\n https://vulners.com/cve/CVE-2017-13033\n https://vulners.com/cve/CVE-2017-13034\n https://vulners.com/cve/CVE-2017-13035\n https://vulners.com/cve/CVE-2017-13036\n https://vulners.com/cve/CVE-2017-13037\n https://vulners.com/cve/CVE-2017-13038\n https://vulners.com/cve/CVE-2017-13039\n https://vulners.com/cve/CVE-2017-13040\n https://vulners.com/cve/CVE-2017-13041\n https://vulners.com/cve/CVE-2017-13042\n https://vulners.com/cve/CVE-2017-13043\n https://vulners.com/cve/CVE-2017-13044\n https://vulners.com/cve/CVE-2017-13045\n https://vulners.com/cve/CVE-2017-13046\n https://vulners.com/cve/CVE-2017-13047\n https://vulners.com/cve/CVE-2017-13048\n https://vulners.com/cve/CVE-2017-13049\n https://vulners.com/cve/CVE-2017-13050\n https://vulners.com/cve/CVE-2017-13051\n https://vulners.com/cve/CVE-2017-13052\n https://vulners.com/cve/CVE-2017-13053\n https://vulners.com/cve/CVE-2017-13054\n https://vulners.com/cve/CVE-2017-13055\n https://vulners.com/cve/CVE-2017-13687\n https://vulners.com/cve/CVE-2017-13688\n https://vulners.com/cve/CVE-2017-13689\n https://vulners.com/cve/CVE-2017-13690\n https://vulners.com/cve/CVE-2017-13725\n (* Security fix *)\n\nWhere to find the new packages:\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/tcpdump-4.9.2-i486-1_slack13.37.txz\n\nUpdated package for Slackware x86_64 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/tcpdump-4.9.2-x86_64-1_slack13.37.txz\n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/tcpdump-4.9.2-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/tcpdump-4.9.2-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/tcpdump-4.9.2-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/tcpdump-4.9.2-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/tcpdump-4.9.2-i586-1_slack14.2.txz\n\nUpdated package for Slackware x86_64 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/tcpdump-4.9.2-x86_64-1_slack14.2.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/tcpdump-4.9.2-i586-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/tcpdump-4.9.2-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 13.37 package:\n36a25ab80a678b54c23a144ec07599e7 tcpdump-4.9.2-i486-1_slack13.37.txz\n\nSlackware x86_64 13.37 package:\n805465d004efefd1a8262395dcccb7fc tcpdump-4.9.2-x86_64-1_slack13.37.txz\n\nSlackware 14.0 package:\n2abd4f36984c91691165da030b215647 tcpdump-4.9.2-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\n35459d4db677645529669e4446bb1ab4 tcpdump-4.9.2-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\ne2c536ebb9883e61324387f29412d30a tcpdump-4.9.2-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\n1a6df6e184ab4277c3e352a28979c681 tcpdump-4.9.2-x86_64-1_slack14.1.txz\n\nSlackware 14.2 package:\ndcb4915f83f7a07c2f483853871ef39b tcpdump-4.9.2-i586-1_slack14.2.txz\n\nSlackware x86_64 14.2 package:\nc64506c12c6ac9afaa4df8520b14452d tcpdump-4.9.2-x86_64-1_slack14.2.txz\n\nSlackware -current package:\nc572ff9d3db54f34872fd6134c30da50 n/tcpdump-4.9.2-i586-1.txz\n\nSlackware x86_64 -current package:\n1462c695af5dde636c31aa3bdeb6a101 n/tcpdump-4.9.2-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg tcpdump-4.9.2-i586-1_slack14.2.txz", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-09-08T18:06:49", "type": "slackware", "title": "[slackware-security] tcpdump", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-11541", "CVE-2017-11542", "CVE-2017-11543", "CVE-2017-12893", "CVE-2017-12894", "CVE-2017-12895", "CVE-2017-12896", "CVE-2017-12897", "CVE-2017-12898", "CVE-2017-12899", "CVE-2017-12900", "CVE-2017-12901", "CVE-2017-12902", "CVE-2017-12985", "CVE-2017-12986", "CVE-2017-12987", "CVE-2017-12988", "CVE-2017-12989", "CVE-2017-12990", "CVE-2017-12991", "CVE-2017-12992", "CVE-2017-12993", "CVE-2017-12994", "CVE-2017-12995", "CVE-2017-12996", "CVE-2017-12997", "CVE-2017-12998", "CVE-2017-12999", "CVE-2017-13000", "CVE-2017-13001", "CVE-2017-13002", "CVE-2017-13003", "CVE-2017-13004", "CVE-2017-13005", "CVE-2017-13006", "CVE-2017-13007", "CVE-2017-13008", "CVE-2017-13009", "CVE-2017-13010", "CVE-2017-13011", "CVE-2017-13012", "CVE-2017-13013", "CVE-2017-13014", "CVE-2017-13015", "CVE-2017-13016", "CVE-2017-13017", "CVE-2017-13018", "CVE-2017-13019", "CVE-2017-13020", "CVE-2017-13021", "CVE-2017-13022", "CVE-2017-13023", "CVE-2017-13024", "CVE-2017-13025", "CVE-2017-13026", "CVE-2017-13027", "CVE-2017-13028", "CVE-2017-13029", "CVE-2017-13030", "CVE-2017-13031", "CVE-2017-13032", "CVE-2017-13033", "CVE-2017-13034", "CVE-2017-13035", "CVE-2017-13036", "CVE-2017-13037", "CVE-2017-13038", "CVE-2017-13039", "CVE-2017-13040", "CVE-2017-13041", "CVE-2017-13042", "CVE-2017-13043", "CVE-2017-13044", "CVE-2017-13045", "CVE-2017-13046", "CVE-2017-13047", "CVE-2017-13048", "CVE-2017-13049", "CVE-2017-13050", "CVE-2017-13051", "CVE-2017-13052", "CVE-2017-13053", "CVE-2017-13054", "CVE-2017-13055", "CVE-2017-13687", "CVE-2017-13688", "CVE-2017-13689", "CVE-2017-13690", "CVE-2017-13725"], "modified": "2017-09-08T18:06:49", "id": "SSA-2017-251-03", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2017&m=slackware-security.928329", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "ubuntu": [{"lastseen": "2023-01-26T13:13:54", "description": "## Releases\n\n * Ubuntu 17.04 \n * Ubuntu 16.04 ESM\n * Ubuntu 14.04 ESM\n\n## Packages\n\n * tcpdump \\- command-line network traffic analyzer\n\nWilfried Kirsch discovered a buffer overflow in the SLIP decoder \nin tcpdump. A remote attacker could use this to cause a denial \nof service (application crash) or possibly execute arbitrary \ncode. (CVE-2017-11543)\n\nBhargava Shastry discovered a buffer overflow in the bitfield converter \nutility function bittok2str_internal() in tcpdump. A remote attacker \ncould use this to cause a denial of service (application crash) \nor possibly execute arbitrary code. (CVE-2017-13011)\n\nOtto Airamo and Antti Levom\u00e4ki discovered logic errors in different \nprotocol parsers in tcpdump that could lead to an infinite loop. A \nremote attacker could use these to cause a denial of service \n(application hang). CVE-2017-12989, CVE-2017-12990, CVE-2017-12995, \nCVE-2017-12997)\n\nOtto Airamo, Brian Carpenter, Yannick Formaggio, Kamil Frankowicz, \nKatie Holly, Kim Gwan Yeong, Antti Levom\u00e4ki, Henri Salo, and Bhargava \nShastry discovered out-of-bounds reads in muliptle protocol parsers \nin tcpdump. A remote attacker could use these to cause a denial \nof service (application crash). (CVE-2017-11108, CVE-2017-11541, \nCVE-2017-11542, CVE-2017-12893, CVE-2017-12894, CVE-2017-12895, \nCVE-2017-12896, CVE-2017-12897, CVE-2017-12898, CVE-2017-12899, \nCVE-2017-12900, CVE-2017-12901, CVE-2017-12902, CVE-2017-12985, \nCVE-2017-12986, CVE-2017-12987, CVE-2017-12988, CVE-2017-12991, \nCVE-2017-12992, CVE-2017-12993, CVE-2017-12994, CVE-2017-12996, \nCVE-2017-12998, CVE-2017-12999, CVE-2017-13000, CVE-2017-13001, \nCVE-2017-13002, CVE-2017-13003, CVE-2017-13004, CVE-2017-13005, \nCVE-2017-13006, CVE-2017-13007, CVE-2017-13008, CVE-2017-13009, \nCVE-2017-13010, CVE-2017-13012, CVE-2017-13013, CVE-2017-13014, \nCVE-2017-13015, CVE-2017-13016, CVE-2017-13017, CVE-2017-13018, \nCVE-2017-13019, CVE-2017-13020, CVE-2017-13021, CVE-2017-13022, \nCVE-2017-13023, CVE-2017-13024, CVE-2017-13025, CVE-2017-13026, \nCVE-2017-13027, CVE-2017-13028, CVE-2017-13029, CVE-2017-13030, \nCVE-2017-13031, CVE-2017-13032, CVE-2017-13033, CVE-2017-13034, \nCVE-2017-13035, CVE-2017-13036, CVE-2017-13037, CVE-2017-13038, \nCVE-2017-13039, CVE-2017-13040, CVE-2017-13041, CVE-2017-13042, \nCVE-2017-13043, CVE-2017-13044, CVE-2017-13045, CVE-2017-13046, \nCVE-2017-13047, CVE-2017-13048, CVE-2017-13049, CVE-2017-13050, \nCVE-2017-13051, CVE-2017-13052, CVE-2017-13053, CVE-2017-13054, \nCVE-2017-13055, CVE-2017-13687, CVE-2017-13688, CVE-2017-13689, \nCVE-2017-13690, CVE-2017-13725)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-09-14T00:00:00", "type": "ubuntu", "title": "tcpdump vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-11108", "CVE-2017-11541", "CVE-2017-11542", "CVE-2017-11543", "CVE-2017-12893", "CVE-2017-12894", "CVE-2017-12895", "CVE-2017-12896", "CVE-2017-12897", "CVE-2017-12898", "CVE-2017-12899", "CVE-2017-12900", "CVE-2017-12901", "CVE-2017-12902", "CVE-2017-12985", "CVE-2017-12986", "CVE-2017-12987", "CVE-2017-12988", "CVE-2017-12989", "CVE-2017-12990", "CVE-2017-12991", "CVE-2017-12992", "CVE-2017-12993", "CVE-2017-12994", "CVE-2017-12995", "CVE-2017-12996", "CVE-2017-12997", "CVE-2017-12998", "CVE-2017-12999", "CVE-2017-13000", "CVE-2017-13001", "CVE-2017-13002", "CVE-2017-13003", "CVE-2017-13004", "CVE-2017-13005", "CVE-2017-13006", "CVE-2017-13007", "CVE-2017-13008", "CVE-2017-13009", "CVE-2017-13010", "CVE-2017-13011", "CVE-2017-13012", "CVE-2017-13013", "CVE-2017-13014", "CVE-2017-13015", "CVE-2017-13016", "CVE-2017-13017", "CVE-2017-13018", "CVE-2017-13019", "CVE-2017-13020", "CVE-2017-13021", "CVE-2017-13022", "CVE-2017-13023", "CVE-2017-13024", "CVE-2017-13025", "CVE-2017-13026", "CVE-2017-13027", "CVE-2017-13028", "CVE-2017-13029", "CVE-2017-13030", "CVE-2017-13031", "CVE-2017-13032", "CVE-2017-13033", "CVE-2017-13034", "CVE-2017-13035", "CVE-2017-13036", "CVE-2017-13037", "CVE-2017-13038", "CVE-2017-13039", "CVE-2017-13040", "CVE-2017-13041", "CVE-2017-13042", "CVE-2017-13043", "CVE-2017-13044", "CVE-2017-13045", "CVE-2017-13046", "CVE-2017-13047", "CVE-2017-13048", "CVE-2017-13049", "CVE-2017-13050", "CVE-2017-13051", "CVE-2017-13052", "CVE-2017-13053", "CVE-2017-13054", "CVE-2017-13055", "CVE-2017-13687", "CVE-2017-13688", "CVE-2017-13689", "CVE-2017-13690", "CVE-2017-13725"], "modified": "2017-09-14T00:00:00", "id": "USN-3415-1", "href": "https://ubuntu.com/security/notices/USN-3415-1", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-26T13:13:55", "description": "## Releases\n\n * Ubuntu 12.04 \n\n## Packages\n\n * tcpdump \\- command-line network traffic analyzer\n\nUSN-3415-1 fixed vulnerabilities in tcpdump for Ubuntu 14.04 LTS, \nUbuntu 16.04 LTS, and Ubuntu 17.04. This update provides the \ncorresponding tcpdump update for Ubuntu 12.04 ESM.\n\nOriginal advisory details:\n\nWilfried Kirsch discovered a buffer overflow in the SLIP decoder \nin tcpdump. A remote attacker could use this to cause a denial \nof service (application crash) or possibly execute arbitrary \ncode. (CVE-2017-11543)\n\nBhargava Shastry discovered a buffer overflow in the bitfield converter \nutility function bittok2str_internal() in tcpdump. A remote attacker \ncould use this to cause a denial of service (application crash) \nor possibly execute arbitrary code. (CVE-2017-13011)\n\nOtto Airamo and Antti Levom\u00e4ki discovered logic errors in different \nprotocol parsers in tcpdump that could lead to an infinite loop. A \nremote attacker could use these to cause a denial of service \n(application hang). CVE-2017-12989, CVE-2017-12990, CVE-2017-12995, \nCVE-2017-12997)\n\nOtto Airamo, Brian Carpenter, Yannick Formaggio, Kamil Frankowicz, \nKatie Holly, Kim Gwan Yeong, Antti Levom\u00e4ki, Henri Salo, and Bhargava \nShastry discovered out-of-bounds reads in muliptle protocol parsers \nin tcpdump. A remote attacker could use these to cause a denial \nof service (application crash). (CVE-2017-11108, CVE-2017-11541, \nCVE-2017-11542, CVE-2017-12893, CVE-2017-12894, CVE-2017-12895, \nCVE-2017-12896, CVE-2017-12897, CVE-2017-12898, CVE-2017-12899, \nCVE-2017-12900, CVE-2017-12901, CVE-2017-12902, CVE-2017-12985, \nCVE-2017-12986, CVE-2017-12987, CVE-2017-12988, CVE-2017-12991, \nCVE-2017-12992, CVE-2017-12993, CVE-2017-12994, CVE-2017-12996, \nCVE-2017-12998, CVE-2017-12999, CVE-2017-13000, CVE-2017-13001, \nCVE-2017-13002, CVE-2017-13003, CVE-2017-13004, CVE-2017-13005, \nCVE-2017-13006, CVE-2017-13007, CVE-2017-13008, CVE-2017-13009, \nCVE-2017-13010, CVE-2017-13012, CVE-2017-13013, CVE-2017-13014, \nCVE-2017-13015, CVE-2017-13016, CVE-2017-13017, CVE-2017-13018, \nCVE-2017-13019, CVE-2017-13020, CVE-2017-13021, CVE-2017-13022, \nCVE-2017-13023, CVE-2017-13024, CVE-2017-13025, CVE-2017-13026, \nCVE-2017-13027, CVE-2017-13028, CVE-2017-13029, CVE-2017-13030, \nCVE-2017-13031, CVE-2017-13032, CVE-2017-13033, CVE-2017-13034, \nCVE-2017-13035, CVE-2017-13036, CVE-2017-13037, CVE-2017-13038, \nCVE-2017-13039, CVE-2017-13040, CVE-2017-13041, CVE-2017-13042, \nCVE-2017-13043, CVE-2017-13044, CVE-2017-13045, CVE-2017-13046, \nCVE-2017-13047, CVE-2017-13048, CVE-2017-13049, CVE-2017-13050, \nCVE-2017-13051, CVE-2017-13052, CVE-2017-13053, CVE-2017-13054, \nCVE-2017-13055, CVE-2017-13687, CVE-2017-13688, CVE-2017-13689, \nCVE-2017-13690, CVE-2017-13725)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-09-14T00:00:00", "type": "ubuntu", "title": "tcpdump vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-11108", "CVE-2017-11541", "CVE-2017-11542", "CVE-2017-11543", "CVE-2017-12893", "CVE-2017-12894", "CVE-2017-12895", "CVE-2017-12896", "CVE-2017-12897", "CVE-2017-12898", "CVE-2017-12899", "CVE-2017-12900", "CVE-2017-12901", "CVE-2017-12902", "CVE-2017-12985", "CVE-2017-12986", "CVE-2017-12987", "CVE-2017-12988", "CVE-2017-12989", "CVE-2017-12990", "CVE-2017-12991", "CVE-2017-12992", "CVE-2017-12993", "CVE-2017-12994", "CVE-2017-12995", "CVE-2017-12996", "CVE-2017-12997", "CVE-2017-12998", "CVE-2017-12999", "CVE-2017-13000", "CVE-2017-13001", "CVE-2017-13002", "CVE-2017-13003", "CVE-2017-13004", "CVE-2017-13005", "CVE-2017-13006", "CVE-2017-13007", "CVE-2017-13008", "CVE-2017-13009", "CVE-2017-13010", "CVE-2017-13011", "CVE-2017-13012", "CVE-2017-13013", "CVE-2017-13014", "CVE-2017-13015", "CVE-2017-13016", "CVE-2017-13017", "CVE-2017-13018", "CVE-2017-13019", "CVE-2017-13020", "CVE-2017-13021", "CVE-2017-13022", "CVE-2017-13023", "CVE-2017-13024", "CVE-2017-13025", "CVE-2017-13026", "CVE-2017-13027", "CVE-2017-13028", "CVE-2017-13029", "CVE-2017-13030", "CVE-2017-13031", "CVE-2017-13032", "CVE-2017-13033", "CVE-2017-13034", "CVE-2017-13035", "CVE-2017-13036", "CVE-2017-13037", "CVE-2017-13038", "CVE-2017-13039", "CVE-2017-13040", "CVE-2017-13041", "CVE-2017-13042", "CVE-2017-13043", "CVE-2017-13044", "CVE-2017-13045", "CVE-2017-13046", "CVE-2017-13047", "CVE-2017-13048", "CVE-2017-13049", "CVE-2017-13050", "CVE-2017-13051", "CVE-2017-13052", "CVE-2017-13053", "CVE-2017-13054", "CVE-2017-13055", "CVE-2017-13687", "CVE-2017-13688", "CVE-2017-13689", "CVE-2017-13690", "CVE-2017-13725"], "modified": "2017-09-14T00:00:00", "id": "USN-3415-2", "href": "https://ubuntu.com/security/notices/USN-3415-2", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "cloudfoundry": [{"lastseen": "2019-05-29T18:32:57", "description": "# \n\n# Severity\n\nMedium\n\n# Vendor\n\nCanonical Ubuntu\n\n# Versions Affected\n\n * Canonical Ubuntu 14.04\n\n# Description\n\nWilfried Kirsch discovered a buffer overflow in the SLIP decoder in tcpdump. A remote attacker could use this to cause a denial of service (application crash) or possibly execute arbitrary code. ([CVE-2017-11543](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-11543>))\n\nBhargava Shastry discovered a buffer overflow in the bitfield converter utility function bittok2str_internal() in tcpdump. A remote attacker could use this to cause a denial of service (application crash) or possibly execute arbitrary code. ([CVE-2017-13011](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13011>))\n\nOtto Airamo and Antti Levom\u00e4ki discovered logic errors in different protocol parsers in tcpdump that could lead to an infinite loop. A remote attacker could use these to cause a denial of service (application hang). [CVE-2017-12989](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-12989>), [CVE-2017-12990](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-12990>), [CVE-2017-12995](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-12995>), [CVE-2017-12997](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-12997>))\n\nOtto Airamo, Brian Carpenter, Yannick Formaggio, Kamil Frankowicz, Katie Holly, Kim Gwan Yeong, Antti Levom\u00e4ki, Henri Salo, and Bhargava Shastry discovered out-of-bounds reads in muliptle protocol parsers in tcpdump. A remote attacker could use these to cause a denial of service (application crash). ([CVE-2017-11108](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-11108>), [CVE-2017-11541](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-11541>), [CVE-2017-11542](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-11542>), [CVE-2017-12893](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-12893>), [CVE-2017-12894](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-12894>), [CVE-2017-12895](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-12895>), [CVE-2017-12896](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-12896>), [CVE-2017-12897](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-12897>), [CVE-2017-12898](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-12898>), [CVE-2017-12899](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-12899>), [CVE-2017-12900](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-12900>), [CVE-2017-12901](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-12901>), [CVE-2017-12902](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-12902>), [CVE-2017-12985](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-12985>), [CVE-2017-12986](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-12986>), [CVE-2017-12987](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-12987>), [CVE-2017-12988](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-12988>), [CVE-2017-12991](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-12991>), [CVE-2017-12992](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-12992>), [CVE-2017-12993](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-12993>), [CVE-2017-12994](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-12994>), [CVE-2017-12996](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-12996>), [CVE-2017-12998](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-12998>), [CVE-2017-12999](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-12999>), [CVE-2017-13000](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13000>), [CVE-2017-13001](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13001>), [CVE-2017-13002](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13002>), [CVE-2017-13003](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13003>), [CVE-2017-13004](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13004>), [CVE-2017-13005](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13005>), [CVE-2017-13006](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13006>), [CVE-2017-13007](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13007>), [CVE-2017-13008](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13008>), [CVE-2017-13009](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13009>), [CVE-2017-13010](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13010>), [CVE-2017-13012](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13012>), [CVE-2017-13013](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13013>), [CVE-2017-13014](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13014>), [CVE-2017-13015](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13015>), [CVE-2017-13016](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13016>), [CVE-2017-13017](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13017>), [CVE-2017-13018](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13018>), [CVE-2017-13019](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13019>), [CVE-2017-13020](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13020>), [CVE-2017-13021](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13021>), [CVE-2017-13022](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13022>), [CVE-2017-13023](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13023>), [CVE-2017-13024](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13024>), [CVE-2017-13025](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13025>), [CVE-2017-13026](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13026>), [CVE-2017-13027](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13027>), [CVE-2017-13028](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13028>), [CVE-2017-13029](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13029>), [CVE-2017-13030](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13030>), [CVE-2017-13031](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13031>), [CVE-2017-13032](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13032>), [CVE-2017-13033](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13033>), [CVE-2017-13034](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13034>), [CVE-2017-13035](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13035>), [CVE-2017-13036](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13036>), [CVE-2017-13037](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13037>), [CVE-2017-13038](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13038>), [CVE-2017-13039](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13039>), [CVE-2017-13040](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13040>), [CVE-2017-13041](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13041>), [CVE-2017-13042](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13042>), [CVE-2017-13043](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13043>), [CVE-2017-13044](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13044>), [CVE-2017-13045](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13045>), [CVE-2017-13046](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13046>), [CVE-2017-13047](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13047>), [CVE-2017-13048](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13048>), [CVE-2017-13049](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13049>), [CVE-2017-13050](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13050>), [CVE-2017-13051](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13051>), [CVE-2017-13052](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13052>), [CVE-2017-13053](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13053>), [CVE-2017-13054](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13054>), [CVE-2017-13055](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13055>), [CVE-2017-13687](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13687>), [CVE-2017-13688](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13688>), [CVE-2017-13689](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13689>), [CVE-2017-13690](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13690>), [CVE-2017-13725](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13725>))\n\n# Affected Cloud Foundry Products and Versions\n\n_Severity is medium unless otherwise noted._\n\n * Cloud Foundry BOSH stemcells are vulnerable, including: \n * 3312.x versions prior to 3312.38\n * 3363.x versions prior to 3363.37\n * 3421.x versions prior to 3421.26\n * 3445.x versions prior to 3445.11\n * All other stemcells not listed.\n * All versions of Cloud Foundry cflinuxfs2 prior to 1.155.0\n\n# Mitigation\n\nOSS users are strongly encouraged to follow one of the mitigations below:\n\n * The Cloud Foundry project recommends upgrading the following BOSH stemcells: \n * Upgrade 3312.x versions prior to 3312.38\n * Upgrade 3363.x versions prior to 3363.37\n * Upgrade 3421.x versions prior to 3421.26\n * Upgrade 3445.x versions prior to 3445.11\n * All other stemcells should be upgraded to the latest version available on [bosh.io](<https://bosh.io>).\n * The Cloud Foundry project recommends that Cloud Foundry deployments run with cflinuxfs2 version 1.155.0 or later.\n\n# References\n\n * [USN-3415-1](<http://www.ubuntu.com/usn/usn-3415-1/>)\n * [CVE-2017-11543](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-11543>)\n * [CVE-2017-13011](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13011>)\n * [CVE-2017-12989](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-12989>)\n * [CVE-2017-12990](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-12990>)\n * [CVE-2017-12995](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-12995>)\n * [CVE-2017-12997](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-12997>)\n * [CVE-2017-11108](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-11108>)\n * [CVE-2017-11541](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-11541>)\n * [CVE-2017-11542](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-11542>)\n * [CVE-2017-12893](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-12893>)\n * [CVE-2017-12894](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-12894>)\n * [CVE-2017-12895](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-12895>)\n * [CVE-2017-12896](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-12896>)\n * [CVE-2017-12897](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-12897>)\n * [CVE-2017-12898](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-12898>)\n * [CVE-2017-12899](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-12899>)\n * [CVE-2017-12900](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-12900>)\n * [CVE-2017-12901](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-12901>)\n * [CVE-2017-12902](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-12902>)\n * [CVE-2017-12985](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-12985>)\n * [CVE-2017-12986](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-12986>)\n * [CVE-2017-12987](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-12987>)\n * [CVE-2017-12988](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-12988>)\n * [CVE-2017-12991](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-12991>)\n * [CVE-2017-12992](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-12992>)\n * [CVE-2017-12993](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-12993>)\n * [CVE-2017-12994](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-12994>)\n * [CVE-2017-12996](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-12996>)\n * [CVE-2017-12998](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-12998>)\n * [CVE-2017-12999](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-12999>)\n * [CVE-2017-13000](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13000>)\n * [CVE-2017-13001](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13001>)\n * [CVE-2017-13002](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13002>)\n * [CVE-2017-13003](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13003>)\n * [CVE-2017-13004](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13004>)\n * [CVE-2017-13005](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13005>)\n * [CVE-2017-13006](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13006>)\n * [CVE-2017-13007](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13007>)\n * [CVE-2017-13008](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13008>)\n * [CVE-2017-13009](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13009>)\n * [CVE-2017-13010](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13010>)\n * [CVE-2017-13012](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13012>)\n * [CVE-2017-13013](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13013>)\n * [CVE-2017-13014](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13014>)\n * [CVE-2017-13015](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13015>)\n * [CVE-2017-13016](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13016>)\n * [CVE-2017-13017](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13017>)\n * [CVE-2017-13018](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13018>)\n * [CVE-2017-13019](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13019>)\n * [CVE-2017-13020](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13020>)\n * [CVE-2017-13021](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13021>)\n * [CVE-2017-13022](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13022>)\n * [CVE-2017-13023](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13023>)\n * [CVE-2017-13024](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13024>)\n * [CVE-2017-13025](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13025>)\n * [CVE-2017-13026](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13026>)\n * [CVE-2017-13027](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13027>)\n * [CVE-2017-13028](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13028>)\n * [CVE-2017-13029](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13029>)\n * [CVE-2017-13030](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13030>)\n * [CVE-2017-13031](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13031>)\n * [CVE-2017-13032](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13032>)\n * [CVE-2017-13033](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13033>)\n * [CVE-2017-13034](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13034>)\n * [CVE-2017-13035](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13035>)\n * [CVE-2017-13036](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13036>)\n * [CVE-2017-13037](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13037>)\n * [CVE-2017-13038](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13038>)\n * [CVE-2017-13039](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13039>)\n * [CVE-2017-13040](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13040>)\n * [CVE-2017-13041](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13041>)\n * [CVE-2017-13042](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13042>)\n * [CVE-2017-13043](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13043>)\n * [CVE-2017-13044](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13044>)\n * [CVE-2017-13045](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13045>)\n * [CVE-2017-13046](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13046>)\n * [CVE-2017-13047](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13047>)\n * [CVE-2017-13048](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13048>)\n * [CVE-2017-13049](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13049>)\n * [CVE-2017-13050](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13050>)\n * [CVE-2017-13051](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13051>)\n * [CVE-2017-13052](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13052>)\n * [CVE-2017-13053](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13053>)\n * [CVE-2017-13054](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13054>)\n * [CVE-2017-13055](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13055>)\n * [CVE-2017-13687](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13687>)\n * [CVE-2017-13688](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13688>)\n * [CVE-2017-13689](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13689>)\n * [CVE-2017-13690](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13690>)\n * [CVE-2017-13725](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13725>)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-09-21T00:00:00", "type": "cloudfoundry", "title": "USN-3415-1: tcpdump vulnerabilities | Cloud Foundry", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-13008", "CVE-2017-13038", "CVE-2017-13040", "CVE-2017-12902", "CVE-2017-12986", "CVE-2017-13036", "CVE-2017-13031", "CVE-2017-12896", "CVE-2017-12893", "CVE-2017-13037", "CVE-2017-13053", "CVE-2017-12998", "CVE-2017-13006", "CVE-2017-11543", "CVE-2017-13049", "CVE-2017-13026", "CVE-2017-13017", "CVE-2017-13687", "CVE-2017-12991", "CVE-2017-13016", "CVE-2017-12897", "CVE-2017-13051", "CVE-2017-13029", "CVE-2017-13035", "CVE-2017-13689", "CVE-2017-13027", "CVE-2017-13010", "CVE-2017-12900", "CVE-2017-13046", "CVE-2017-12901", "CVE-2017-13022", "CVE-2017-13019", "CVE-2017-13043", "CVE-2017-11108", "CVE-2017-13054", "CVE-2017-13688", "CVE-2017-13050", "CVE-2017-12895", "CVE-2017-12997", "CVE-2017-13013", "CVE-2017-13048", "CVE-2017-12985", "CVE-2017-12996", "CVE-2017-13690", "CVE-2017-12992", "CVE-2017-13005", "CVE-2017-13014", "CVE-2017-13052", "CVE-2017-12993", "CVE-2017-12990", "CVE-2017-13725", "CVE-2017-13024", "CVE-2017-11542", "CVE-2017-13028", "CVE-2017-11541", "CVE-2017-13000", "CVE-2017-13041", "CVE-2017-13015", "CVE-2017-12988", "CVE-2017-13018", "CVE-2017-12999", "CVE-2017-12899", "CVE-2017-13020", "CVE-2017-13032", "CVE-2017-13025", "CVE-2017-13011", "CVE-2017-13042", "CVE-2017-13003", "CVE-2017-13047", "CVE-2017-13012", "CVE-2017-13044", "CVE-2017-13004", "CVE-2017-13033", "CVE-2017-13009", "CVE-2017-13007", "CVE-2017-13055", "CVE-2017-13001", "CVE-2017-12987", "CVE-2017-13030", "CVE-2017-13023", "CVE-2017-13002", "CVE-2017-13039", "CVE-2017-12994", "CVE-2017-12995", "CVE-2017-12989", "CVE-2017-12894", "CVE-2017-13021", "CVE-2017-12898", "CVE-2017-13045", "CVE-2017-13034"], "modified": "2017-09-21T00:00:00", "id": "CFOUNDRY:CDEF392A40CEDCB7569EAF5293B5C0AA", "href": "https://www.cloudfoundry.org/blog/usn-3415-1/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "aix": [{"lastseen": "2023-02-08T18:04:51", "description": "IBM SECURITY ADVISORY\n\nFirst Issued: Wed Nov 8 09:27:01 CST 2017 \n|Updated: Wed Feb 28 09:33:13 CST 2018 \n|Update: Corrected the APARs listed under the APAR section.\n\nThe most recent version of this document is available here:\n\nhttp://aix.software.ibm.com/aix/efixes/security/tcpdump_advisory3.asc\nhttps://aix.software.ibm.com/aix/efixes/security/tcpdump_advisory3.asc\nftp://aix.software.ibm.com/aix/efixes/security/tcpdump_advisory3.asc\n\nSecurity Bulletin: Vulnerabilities in tcpdump affect AIX\n\nNote: See section IV for full CVE details.\n===============================================================================\n\nSUMMARY:\n\n There are multiple vulnerabilities in tcpdump that impact AIX. \n\n\n===============================================================================\n \nI. AFFECTED PRODUCTS AND VERSIONS:\n \n AIX 5.3, 6.1, 7.1, 7.2\n VIOS 2.2\n \n The following fileset levels are vulnerable:\n \n key_fileset = aix\n \n Fileset Lower Level Upper Level KEY\n -----------------------------------------------------\n bos.net.tcp.server 5.3.12.0 5.3.12.6 key_w_fs\n bos.net.tcp.server 6.1.9.0 6.1.9.300 key_w_fs\n bos.net.tcp.server 7.1.3.0 7.1.3.49 key_w_fs\n bos.net.tcp.server 7.1.4.0 7.1.4.32 key_w_fs\n bos.net.tcp.tcpdump 7.2.0.0 7.2.0.3 key_w_fs\n bos.net.tcp.tcpdump 7.2.1.0 7.2.1.1 key_w_fs\n \n \n Note: To find out whether the affected filesets are installed \n on your systems, refer to the lslpp command found in AIX user's\n guide.\n\n Example: lslpp -L | grep -i bos.net.tcp.server \n\n\nII. REMEDIATION:\n\n A. FIXES\n\n Fixes are available.\n\n The fixes can be downloaded via ftp or http from:\n\n ftp://aix.software.ibm.com/aix/efixes/security/tcpdump_fix3.tar\n http://aix.software.ibm.com/aix/efixes/security/tcpdump_fix3.tar\n https://aix.software.ibm.com/aix/efixes/security/tcpdump_fix3.tar \n\n The links above are to a tar file containing this signed\n advisory, interim fixes, and OpenSSL signatures for each interim fix.\n The fixes below include prerequisite checking. This will\n enforce the correct mapping between the fixes and AIX\n Technology Levels.\n\n AIX Level Interim Fix (*.Z) KEY\n ----------------------------------------------\n 5.3.12.9 IV94729m9a.171009.epkg.Z key_w_fix\n 6.1.9.8 IV94728mAa.171008.epkg.Z key_w_fix\n 6.1.9.9 IV94728mAa.171008.epkg.Z key_w_fix\n 6.1.9.10 IV94728mAa.171008.epkg.Z key_w_fix\n 7.1.3.7 IV94727m9a.171009.epkg.Z key_w_fix\n 7.1.3.8 IV94727m9a.171009.epkg.Z key_w_fix\n 7.1.3.9 IV94727m9a.171009.epkg.Z key_w_fix\n 7.1.4.3 IV94726m5a.171009.epkg.Z key_w_fix\n 7.1.4.4 IV94726m5a.171009.epkg.Z key_w_fix\n 7.1.4.5 IV94726m5a.171009.epkg.Z key_w_fix\n 7.2.0.3 IV94724m5a.171009.epkg.Z key_w_fix\n 7.2.0.4 IV94724m5a.171009.epkg.Z key_w_fix\n 7.2.0.5 IV94724m5a.171009.epkg.Z key_w_fix\n 7.2.1.1 IV94723m3a.171009.epkg.Z key_w_fix\n 7.2.1.2 IV94723m3a.171009.epkg.Z key_w_fix\n 7.2.1.3 IV94723m3a.171009.epkg.Z key_w_fix\n\n Please note that the above tables refer to AIX TL/SP level as\n opposed to fileset level, i.e., 7.1.3.8 is AIX 7100-03-08.\n \n VIOS Level Interim Fix (*.Z) KEY\n ----------------------------------------------\n 2.2.5.20 IV94728mAa.171008.epkg.Z key_w_fix\n 2.2.6.0 IV94728mAa.171008.epkg.Z key_w_fix \n 2.2.6.10 IV94728mAa.171008.epkg.Z key_w_fix\n\n The above fixes are cumulative and address previously issued\n AIX tcpdump security bulletins with respect to SP and TL.\n\n To extract the fixes from the tar file:\n\n tar xvf tcpdump_fix3.tar\n cd tcpdump_fix3\n\n Verify you have retrieved the fixes intact:\n\n The checksums below were generated using the\n \"openssl dgst -sha256 [filename]\" command as the following:\n\n openssl dgst -sha256 filename KEY\n -----------------------------------------------------------------------------------------------------\n 6248b20c3af88225f6be5bd84f2ff3a901a8db300609dbd11e652a0d1fd831a5 IV94723m3a.171009.epkg.Z key_w_csum\n a52bba4e3411a861e52f11cc961cc7a79be4f3359c56b256bad0888eb77309eb IV94724m5a.171009.epkg.Z key_w_csum\n 178f356ad65b89b2584397506851a29af4ba5d280f51f7483e9d9ecfb6f01d7a IV94726m5a.171009.epkg.Z key_w_csum\n 1d8cb7ecd0dd3f167860b4db7eab3a2b349e787b4f23858f02cd31bfab8278fa IV94727m9a.171009.epkg.Z key_w_csum\n c1fff8799746a5d2eac51de70c51ef414f536c1bc7cd68174b087ba4e14cb59b IV94728mAa.171008.epkg.Z key_w_csum\n d03367a2507bb0bb2ddb358b15ccc8303c5b7a0cb170f4b08dccb12246e4122f IV94729m9a.171009.epkg.Z key_w_csum\n\n \n These sums should match exactly. The OpenSSL signatures in the tar\n file and on this advisory can also be used to verify the\n integrity of the fixes. If the sums or signatures cannot be\n confirmed, contact IBM AIX Support at https://ibm.com/support/\n and describe the discrepancy.\n \n openssl dgst -sha1 -verify [pubkey_file] -signature [advisory_file].sig [advisory_file]\n\n openssl dgst -sha1 -verify [pubkey_file] -signature [ifix_file].sig [ifix_file]\n\n Published advisory OpenSSL signature file location:\n\n http://aix.software.ibm.com/aix/efixes/security/tcpdump_advisory3.asc.sig\n https://aix.software.ibm.com/aix/efixes/security/tcpdump_advisory3.asc.sig\n ftp://aix.software.ibm.com/aix/efixes/security/tcpdump_advisory3.asc.sig \n\n B. INTERIM FIX INSTALLATION\n\n IMPORTANT: If possible, it is recommended that a mksysb backup\n of the system be created. Verify it is both bootable and\n readable before proceeding.\n\n To preview a fix installation:\n\n installp -a -d fix_name -p all # where fix_name is the name of the\n # fix package being previewed.\n \n To install a fix package:\n\n installp -a -d fix_name -X all # where fix_name is the name of the\n # fix package being installed.\n\n Interim fixes have had limited functional and regression\n testing but not the full regression testing that takes place\n for Service Packs; however, IBM does fully support them.\n\n Interim fix management documentation can be found at:\n http://www14.software.ibm.com/webapp/set2/sas/f/aix.efixmgmt/home.html\n\n To preview an interim fix installation:\n\n emgr -e ipkg_name -p # where ipkg_name is the name of the\n # interim fix package being previewed.\n\n To install an interim fix package:\n \n emgr -e ipkg_name -X # where ipkg_name is the name of the\n # interim fix package being installed.\n\n C. APARS\n \n IBM has assigned the following APARs to this problem:\n\n AIX Level APAR Availability SP KEY\n ------------------------------------------------\n| 5.3.12 IJ00568 ** N/A key_w_apar\n| 6.1.9 IJ00563 ** SP11 key_w_apar\n| 7.1.3 IJ00564 ** N/A key_w_apar\n| 7.1.4 IJ00565 ** SP6 key_w_apar\n| 7.2.0 IJ00566 ** SP6 key_w_apar\n| 7.2.1 IJ00567 ** SP4 key_w_apar\n\n ** Please refer to AIX support lifecycle information page for availability\n of Service Packs:\n http://www-01.ibm.com/support/docview.wss?uid=isg3T1012517\n\n Subscribe to the APARs here:\n\n| https://www.ibm.com/support/docview.wss?uid=isg1IJ00568\n| https://www.ibm.com/support/docview.wss?uid=isg1IJ00563\n| https://www.ibm.com/support/docview.wss?uid=isg1IJ00564\n| https://www.ibm.com/support/docview.wss?uid=isg1IJ00565\n| https://www.ibm.com/support/docview.wss?uid=isg1IJ00566\n| https://www.ibm.com/support/docview.wss?uid=isg1IJ00567\n \n By subscribing, you will receive periodic email alerting you\n to the status of the APAR, and a link to download the fix once\n it becomes available.\n\n\nIII. WORKAROUNDS AND MITIGATIONS:\n\n None.\n\n\nIV.VULNERABILITY DETAILS:\n\n Vulnerabilities in tcpdump affect AIX:\n\n CVEID: CVE-2017-12993 \n https://vulners.com/cve/CVE-2017-12993\n https://vulners.com/cve/CVE-2017-12993\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the Juniper\n component. By sending a specially crafted request, an attacker could\n exploit this vulnerability to obtain sensitive information. \n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131892 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-12992 \n https://vulners.com/cve/CVE-2017-12992\n https://vulners.com/cve/CVE-2017-12992\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the RIPng\n component. By sending a specially crafted request, an attacker could\n exploit this vulnerability to obtain sensitive information. \n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131891 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-12991 \n https://vulners.com/cve/CVE-2017-12991\n https://vulners.com/cve/CVE-2017-12991\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the BGP\n component. By sending a specially crafted request, an attacker could\n exploit this vulnerability to obtain sensitive information. \n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131886 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-12988 \n https://vulners.com/cve/CVE-2017-12988\n https://vulners.com/cve/CVE-2017-12988\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the telnet\n component. By sending a specially crafted request, an attacker could\n exploit this vulnerability to obtain sensitive information. \n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131885 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-12987 \n https://vulners.com/cve/CVE-2017-12987\n https://vulners.com/cve/CVE-2017-12987\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the IEEE 802.11\n component. By sending a specially crafted request, an attacker could\n exploit this vulnerability to obtain sensitive information. \n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131883 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-12986 \n https://vulners.com/cve/CVE-2017-12986 \n https://vulners.com/cve/CVE-2017-12986\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the IPv6 routing\n headers component. By sending a specially crafted request, an\n attacker could exploit this vulnerability to obtain sensitive\n information. \n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131876 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-12985 \n https://vulners.com/cve/CVE-2017-12985\n https://vulners.com/cve/CVE-2017-12985\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the IPv6\n component. By sending a specially crafted request, an attacker could\n exploit this vulnerability to obtain sensitive information. \n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131875 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-12902 \n https://vulners.com/cve/CVE-2017-12902\n https://vulners.com/cve/CVE-2017-12902\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the Zephyr\n component. By sending a specially crafted request, an attacker could\n exploit this vulnerability to obtain sensitive information. \n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131874 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-12901 \n https://vulners.com/cve/CVE-2017-12901\n https://vulners.com/cve/CVE-2017-12901\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the EIGRP\n component. By sending a specially crafted request, an attacker could\n exploit this vulnerability to obtain sensitive information. \n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131873 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-12900 \n https://vulners.com/cve/CVE-2017-12900\n https://vulners.com/cve/CVE-2017-12900\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the tok2strbuf\n component. By sending a specially crafted request, an attacker could\n exploit this vulnerability to obtain sensitive information. \n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131872 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-12899 \n https://vulners.com/cve/CVE-2017-12899\n https://vulners.com/cve/CVE-2017-12899\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the DECnet\n component. By sending a specially crafted request, an attacker could\n exploit this vulnerability to obtain sensitive information. \n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131871 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-12898 \n https://vulners.com/cve/CVE-2017-12898\n https://vulners.com/cve/CVE-2017-12898\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the NFS component.\n By sending a specially crafted request, an attacker could exploit\n this vulnerability to obtain sensitive information. \n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131868 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-12897 \n https://vulners.com/cve/CVE-2017-12897\n https://vulners.com/cve/CVE-2017-12897\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the ISO CLNS\n component. By sending a specially crafted request, an attacker could\n exploit this vulnerability to obtain sensitive information. \n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131867 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-12896 \n https://vulners.com/cve/CVE-2017-12896\n https://vulners.com/cve/CVE-2017-12896\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the ISAKMP\n component. By sending a specially crafted request, an attacker could\n exploit this vulnerability to obtain sensitive information. \n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131877 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-12895 \n https://vulners.com/cve/CVE-2017-12895\n https://vulners.com/cve/CVE-2017-12895\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the ICMP\n component. By sending a specially crafted request, an attacker could\n exploit this vulnerability to obtain sensitive information. \n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131865 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-12894 \n https://vulners.com/cve/CVE-2017-12894\n https://vulners.com/cve/CVE-2017-12894\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the\n lookup_bytestring component. By sending a specially crafted request,\n an attacker could exploit this vulnerability to obtain sensitive\n information. \n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131864 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-12893 \n https://vulners.com/cve/CVE-2017-12893\n https://vulners.com/cve/CVE-2017-12893\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the SMB/CIFS\n component. By sending a specially crafted request, an attacker could\n exploit this vulnerability to obtain sensitive information. \n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131810 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-11542 \n https://vulners.com/cve/CVE-2017-11542\n https://vulners.com/cve/CVE-2017-11542\n DESCRIPTION: tcpdump is vulnerable to a denial of service, caused by a\n heap-based buffer over-read in the pimv1_print function in\n print-pim.c. An attacker could exploit this vulnerability to cause\n the application to crash. \n CVSS Base Score: 7.5 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/129253 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n CVEID: CVE-2017-11541 \n https://vulners.com/cve/CVE-2017-11541\n https://vulners.com/cve/CVE-2017-11541\n DESCRIPTION: tcpdump is vulnerable to a denial of service, caused by a\n heap-based buffer over-read in the lldp_print function in\n print-lldp.c. An attacker could exploit this vulnerability to cause\n the application to crash. \n CVSS Base Score: 7.5 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/129252 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n CVEID: CVE-2017-12997 \n https://vulners.com/cve/CVE-2017-12997\n https://vulners.com/cve/CVE-2017-12997\n DESCRIPTION: tcpdump is vulnerable to a denial of service, caused by an\n error in the LLDP component. By sending specially crafted data, a\n remote attacker could exploit this vulnerability to cause the\n application to enter into an infinite loop. \n CVSS Base Score: 7.5 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131809 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n CVEID: CVE-2017-12995 \n https://vulners.com/cve/CVE-2017-12995\n https://vulners.com/cve/CVE-2017-12995\n DESCRIPTION: tcpdump is vulnerable to a denial of service, caused by an\n error in the DNS component. By sending specially crafted data, a\n remote attacker could exploit this vulnerability to cause the\n application to enter into an infinite loop. \n CVSS Base Score: 7.5 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131808 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n CVEID: CVE-2017-12990 \n https://vulners.com/cve/CVE-2017-12990\n https://vulners.com/cve/CVE-2017-12990\n DESCRIPTION: tcpdump is vulnerable to a denial of service, caused by an\n error in the ISAKMP component. By sending specially crafted data, a\n remote attacker could exploit this vulnerability to cause the\n application to enter into an infinite loop. \n CVSS Base Score: 7.5 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131807 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n CVEID: CVE-2017-12989 \n https://vulners.com/cve/CVE-2017-12989\n https://vulners.com/cve/CVE-2017-12989\n DESCRIPTION: tcpdump is vulnerable to a denial of service, caused by an\n error in the RESP component. By sending specially crafted data, a\n remote attacker could exploit this vulnerability to cause the\n application to enter into an infinite loop. \n CVSS Base Score: 7.5 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131794 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n CVEID: CVE-2017-13011 \n https://vulners.com/cve/CVE-2017-13011\n https://vulners.com/cve/CVE-2017-13011\n DESCRIPTION: tcpdump is vulnerable to a buffer overflow, caused by\n improper bounds checking by the bittok2str_internal component. By\n sending an overly long string argument, a remote attacker could\n overflow a buffer and execute arbitrary code on the system or cause\n the application to crash. \n CVSS Base Score: 7.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131781 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n CVEID: CVE-2017-11543 \n https://vulners.com/cve/CVE-2017-11543\n https://vulners.com/cve/CVE-2017-11543\n DESCRIPTION: tcpdump is vulnerable to a denial of service, caused by a\n buffer overflow in the sliplink_print function in print-sl.c. An\n attacker could exploit this vulnerability to cause the application\n to crash. \n CVSS Base Score: 7.5 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/129254 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n CVEID: CVE-2017-13018 \n https://vulners.com/cve/CVE-2017-13018\n https://vulners.com/cve/CVE-2017-13018\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the PGM component.\n By sending a specially crafted request, an attacker could exploit\n this vulnerability to obtain sensitive information. \n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131912 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-13017 \n https://vulners.com/cve/CVE-2017-13017\n https://vulners.com/cve/CVE-2017-13017\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the DHCPv6\n component. By sending a specially crafted request, an attacker could\n exploit this vulnerability to obtain sensitive information.\n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131911 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-13016 \n https://vulners.com/cve/CVE-2017-13016\n https://vulners.com/cve/CVE-2017-13016\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the ISO ES-IS\n component. By sending a specially crafted request, an attacker could\n exploit this vulnerability to obtain sensitive information. \n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131909 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-11543 \n https://vulners.com/cve/CVE-2017-11543\n https://vulners.com/cve/CVE-2017-11543\n DESCRIPTION: tcpdump is vulnerable to a denial of service, caused by a\n buffer overflow in the sliplink_print function in print-sl.c. An\n attacker could exploit this vulnerability to cause the application\n to crash. \n CVSS Base Score: 7.5 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/129254 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n CVEID: CVE-2017-13015 \n https://vulners.com/cve/CVE-2017-13015\n https://vulners.com/cve/CVE-2017-13015\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the EAP component.\n By sending a specially crafted request, an attacker could exploit\n this vulnerability to obtain sensitive information.\n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131908 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-13014 \n https://vulners.com/cve/CVE-2017-13014\n https://vulners.com/cve/CVE-2017-13014\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the White Board\n component. By sending a specially crafted request, an attacker could\n exploit this vulnerability to obtain sensitive information.\n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131907 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-13013 \n https://vulners.com/cve/CVE-2017-13013\n https://vulners.com/cve/CVE-2017-13013\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the ARP component.\n By sending a specially crafted request, an attacker could exploit\n this vulnerability to obtain sensitive information.\n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131906 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-13012 \n https://vulners.com/cve/CVE-2017-13012\n https://vulners.com/cve/CVE-2017-13012\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the ICMP\n component. By sending a specially crafted request, an attacker could\n exploit this vulnerability to obtain sensitive information. \n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131878 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-13010 \n https://vulners.com/cve/CVE-2017-13010\n https://vulners.com/cve/CVE-2017-13010\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the BEEP\n component. By sending a specially crafted request, an attacker could\n exploit this vulnerability to obtain sensitive information.\n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131905 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-13009 \n https://vulners.com/cve/CVE-2017-13009\n https://vulners.com/cve/CVE-2017-13009\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the IPv6 mobility\n component. By sending a specially crafted request, an attacker could\n exploit this vulnerability to obtain sensitive information.\n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131879 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-13008 \n https://vulners.com/cve/CVE-2017-13008\n https://vulners.com/cve/CVE-2017-13008\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the IEEE 802.11\n component. By sending a specially crafted request, an attacker could\n exploit this vulnerability to obtain sensitive information.\n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131884 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-13006 \n https://vulners.com/cve/CVE-2017-13006\n https://vulners.com/cve/CVE-2017-13006\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the L2TP\n component. By sending a specially crafted request, an attacker could\n exploit this vulnerability to obtain sensitive information.\n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131903 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-13005 \n https://vulners.com/cve/CVE-2017-13005\n https://vulners.com/cve/CVE-2017-13005\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the NFS component.\n By sending a specially crafted request, an attacker could exploit\n this vulnerability to obtain sensitive information.\n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131869 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-13004 \n https://vulners.com/cve/CVE-2017-13004\n https://vulners.com/cve/CVE-2017-13004\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the Juniper\n component. By sending a specially crafted request, an attacker could\n exploit this vulnerability to obtain sensitive information.\n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131893 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-13003 \n https://vulners.com/cve/CVE-2017-13003\n https://vulners.com/cve/CVE-2017-13003\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the LMP component.\n By sending a specially crafted request, an attacker could exploit\n this vulnerability to obtain sensitive information.\n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131902 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-13002 \n https://vulners.com/cve/CVE-2017-13002\n https://vulners.com/cve/CVE-2017-13002\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the AODV\n component. By sending a specially crafted request, an attacker could\n exploit this vulnerability to obtain sensitive information.\n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131901 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-13001 \n https://vulners.com/cve/CVE-2017-13001\n https://vulners.com/cve/CVE-2017-13001\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the NFS component.\n By sending a specially crafted request, an attacker could exploit\n this vulnerability to obtain sensitive information.\n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131870 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-13000 \n https://vulners.com/cve/CVE-2017-13000\n https://vulners.com/cve/CVE-2017-13000\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the IEEE 802.15.4\n component. By sending a specially crafted request, an attacker could\n exploit this vulnerability to obtain sensitive information.\n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131900 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-12999 \n https://vulners.com/cve/CVE-2017-12999\n https://vulners.com/cve/CVE-2017-12999\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the ISO IS-IS\n component. By sending a specially crafted request, an attacker could\n exploit this vulnerability to obtain sensitive information.\n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131896 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-12998 \n https://vulners.com/cve/CVE-2017-12998\n https://vulners.com/cve/CVE-2017-12998\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the ISO IS-IS\n component. By sending a specially crafted request, an attacker could\n exploit this vulnerability to obtain sensitive information.\n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131895 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-12996 \n https://vulners.com/cve/CVE-2017-12996\n https://vulners.com/cve/CVE-2017-12996\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the PIMv2\n component. By sending a specially crafted request, an attacker could\n exploit this vulnerability to obtain sensitive information.\n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131894 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-12994 \n https://vulners.com/cve/CVE-2017-12994\n https://vulners.com/cve/CVE-2017-12994\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the BGP component.\n By sending a specially crafted request, an attacker could exploit\n this vulnerability to obtain sensitive information.\n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131887 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-11541 \n https://vulners.com/cve/CVE-2017-11541\n https://vulners.com/cve/CVE-2017-11541\n DESCRIPTION: tcpdump is vulnerable to a denial of service, caused by a\n heap-based buffer over-read in the lldp_print function in\n print-lldp.c. An attacker could exploit this vulnerability to cause\n the application to crash.\n CVSS Base Score: 7.5 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/129252 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n CVEID: CVE-2017-11542 \n https://vulners.com/cve/CVE-2017-11542\n https://vulners.com/cve/CVE-2017-11542\n DESCRIPTION: tcpdump is vulnerable to a denial of service, caused by a\n heap-based buffer over-read in the pimv1_print function in\n print-pim.c. An attacker could exploit this vulnerability to cause\n the application to crash.\n CVSS Base Score: 7.5 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/129253 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n CVEID: CVE-2017-13043 \n https://vulners.com/cve/CVE-2017-13043\n https://vulners.com/cve/CVE-2017-13043\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the BGP component.\n By sending a specially crafted request, an attacker could exploit\n this vulnerability to obtain sensitive information.\n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131890 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-13042 \n https://vulners.com/cve/CVE-2017-13042\n https://vulners.com/cve/CVE-2017-13042\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the HNCP\n component. By sending a specially crafted request, an attacker could\n exploit this vulnerability to obtain sensitive information.\n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/132002 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-13041 \n https://vulners.com/cve/CVE-2017-13041\n https://vulners.com/cve/CVE-2017-13041\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the ICMPv6\n component. By sending a specially crafted request, an attacker could\n exploit this vulnerability to obtain sensitive information.\n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131985 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-13040 \n https://vulners.com/cve/CVE-2017-13040\n https://vulners.com/cve/CVE-2017-13040\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the MPTCP\n component. By sending a specially crafted request, an attacker could\n exploit this vulnerability to obtain sensitive information.\n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/132001 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-13039 \n https://vulners.com/cve/CVE-2017-13039\n https://vulners.com/cve/CVE-2017-13039\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the ISAKMP\n component. By sending a specially crafted request, an attacker could\n exploit this vulnerability to obtain sensitive information.\n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131866 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-13038 \n https://vulners.com/cve/CVE-2017-13038\n https://vulners.com/cve/CVE-2017-13038\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the PPP component.\n By sending a specially crafted request, an attacker could exploit\n this vulnerability to obtain sensitive information.\n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/132000 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-13037 \n https://vulners.com/cve/CVE-2017-13037\n https://vulners.com/cve/CVE-2017-13037\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the IP component.\n By sending a specially crafted request, an attacker could exploit\n this vulnerability to obtain sensitive information.\n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131999 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-13036 \n https://vulners.com/cve/CVE-2017-13036\n https://vulners.com/cve/CVE-2017-13036\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the OSPFv3\n component. By sending a specially crafted request, an attacker could\n exploit this vulnerability to obtain sensitive information.\n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131998 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-13035 \n https://vulners.com/cve/CVE-2017-13035\n https://vulners.com/cve/CVE-2017-13035\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the ISO IS-IS\n component. By sending a specially crafted request, an attacker could\n exploit this vulnerability to obtain sensitive information.\n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131899 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-13034 \n https://vulners.com/cve/CVE-2017-13034\n https://vulners.com/cve/CVE-2017-13034\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the PGM component.\n By sending a specially crafted request, an attacker could exploit\n this vulnerability to obtain sensitive information.\n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131914 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-13033 \n https://vulners.com/cve/CVE-2017-13033\n https://vulners.com/cve/CVE-2017-13033\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the VTP component.\n By sending a specially crafted request, an attacker could exploit\n this vulnerability to obtain sensitive information.\n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131983 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-13032 \n https://vulners.com/cve/CVE-2017-13032\n https://vulners.com/cve/CVE-2017-13032\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the RADIUS\n component. By sending a specially crafted request, an attacker could\n exploit this vulnerability to obtain sensitive information.\n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131997 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-13031 \n https://vulners.com/cve/CVE-2017-13031\n https://vulners.com/cve/CVE-2017-13031\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the IPv6\n fragmentation header component. By sending a specially crafted\n request, an attacker could exploit this vulnerability to obtain\n sensitive information.\n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131996 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-13030 \n https://vulners.com/cve/CVE-2017-13030\n https://vulners.com/cve/CVE-2017-13030\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the PIM component.\n By sending a specially crafted request, an attacker could exploit\n this vulnerability to obtain sensitive information.\n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131991 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-13029 \n https://vulners.com/cve/CVE-2017-13029\n https://vulners.com/cve/CVE-2017-13029\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the PPP component.\n By sending a specially crafted request, an attacker could exploit\n this vulnerability to obtain sensitive information.\n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131990 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-13028 \n https://vulners.com/cve/CVE-2017-13028\n https://vulners.com/cve/CVE-2017-13028\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the BOOTP\n component. By sending a specially crafted request, an attacker could\n exploit this vulnerability to obtain sensitive information.\n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131989 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-13027 \n https://vulners.com/cve/CVE-2017-13027\n https://vulners.com/cve/CVE-2017-13027\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the LLDP\n component. By sending a specially crafted request, an attacker could\n exploit this vulnerability to obtain sensitive information.\n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131987 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-13026 \n https://vulners.com/cve/CVE-2017-13026\n https://vulners.com/cve/CVE-2017-13026\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the ISO IS-IS\n component. By sending a specially crafted request, an attacker could\n exploit this vulnerability to obtain sensitive information.\n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131897 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-13025 \n https://vulners.com/cve/CVE-2017-13025\n https://vulners.com/cve/CVE-2017-13025\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the IPv6 mobility\n component. By sending a specially crafted request, an attacker could\n exploit this vulnerability to obtain sensitive information.\n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131882 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-13024 \n https://vulners.com/cve/CVE-2017-13024\n https://vulners.com/cve/CVE-2017-13024\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the IPv6 mobility\n component. By sending a specially crafted request, an attacker could\n exploit this vulnerability to obtain sensitive information. \n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131881 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-13023 \n https://vulners.com/cve/CVE-2017-13023\n https://vulners.com/cve/CVE-2017-13023\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the IPv6 mobility\n component. By sending a specially crafted request, an attacker could\n exploit this vulnerability to obtain sensitive information.\n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131880 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-13022 \n https://vulners.com/cve/CVE-2017-13022\n https://vulners.com/cve/CVE-2017-13022\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the IP component.\n By sending a specially crafted request, an attacker could exploit\n this vulnerability to obtain sensitive information.\n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131986 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-13021 \n https://vulners.com/cve/CVE-2017-13021\n https://vulners.com/cve/CVE-2017-13021\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the ICMPv6\n component. By sending a specially crafted request, an attacker could\n exploit this vulnerability to obtain sensitive information.\n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131984 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-13020 \n https://vulners.com/cve/CVE-2017-13020\n https://vulners.com/cve/CVE-2017-13020\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the VTP component.\n By sending a specially crafted request, an attacker could exploit\n this vulnerability to obtain sensitive information.\n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131982 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-13019 \n https://vulners.com/cve/CVE-2017-13019\n https://vulners.com/cve/CVE-2017-13019\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the PGM component.\n By sending a specially crafted request, an attacker could exploit\n this vulnerability to obtain sensitive information.\n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131913 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-13725 \n https://vulners.com/cve/CVE-2017-13725\n https://vulners.com/cve/CVE-2017-13725\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the IPv6 routing\n headers component. By sending a specially crafted request, an\n attacker could exploit this vulnerability to obtain sensitive\n information.\n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/132014 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-13690 \n https://vulners.com/cve/CVE-2017-13690\n https://vulners.com/cve/CVE-2017-13690\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the IKEv2\n component. By sending a specially crafted request, an attacker could\n exploit this vulnerability to obtain sensitive information.\n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/132013 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-13689 \n https://vulners.com/cve/CVE-2017-13689\n https://vulners.com/cve/CVE-2017-13689\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the IKEv1\n component. By sending a specially crafted request, an attacker could\n exploit this vulnerability to obtain sensitive information.\n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/132012 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-13688 \n https://vulners.com/cve/CVE-2017-13688\n https://vulners.com/cve/CVE-2017-13688\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the OLSR\n component. By sending a specially crafted request, an attacker could\n exploit this vulnerability to obtain sensitive information.\n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/132011 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-13687 \n https://vulners.com/cve/CVE-2017-13687\n https://vulners.com/cve/CVE-2017-13687\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the Cisco HDLC\n component. By sending a specially crafted request, an attacker could\n exploit this vulnerability to obtain sensitive information.\n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/132010 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-13055 \n https://vulners.com/cve/CVE-2017-13055\n https://vulners.com/cve/CVE-2017-13055\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the ISO IS-IS\n component. By sending a specially crafted request, an attacker could\n exploit this vulnerability to obtain sensitive information.\n CVSS Base Score: 5.3 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/131898 for the \n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-13054\n https://vulners.com/cve/CVE-2017-13054\n https://vulners.com/cve/CVE-2017-13054\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the LLDP\n component. By sending a specially crafted request, an attacker could\n exploit this vulnerability to obtain sensitive information.\n CVSS Base Score: 5.3\n CVSS Temporal Score: See\n https://exchange.xforce.ibmcloud.com/vulnerabilities/131988 for the\n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-13053\n https://vulners.com/cve/CVE-2017-13053\n https://vulners.com/cve/CVE-2017-13053\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the BGP component.\n By sending a specially crafted request, an attacker could exploit\n this vulnerability to obtain sensitive information.\n CVSS Base Score: 5.3\n CVSS Temporal Score: See\n https://exchange.xforce.ibmcloud.com/vulnerabilities/131888 for the\n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-13052\n https://vulners.com/cve/CVE-2017-13052\n https://vulners.com/cve/CVE-2017-13052\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the CFM component.\n By sending a specially crafted request, an attacker could exploit\n this vulnerability to obtain sensitive information.\n CVSS Base Score: 5.3\n CVSS Temporal Score: See\n https://exchange.xforce.ibmcloud.com/vulnerabilities/132009 for the\n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-13051\n https://vulners.com/cve/CVE-2017-13051\n https://vulners.com/cve/CVE-2017-13051\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the RSVP\n component. By sending a specially crafted request, an attacker could\n exploit this vulnerability to obtain sensitive information.\n CVSS Base Score: 5.3\n CVSS Temporal Score: See\n https://exchange.xforce.ibmcloud.com/vulnerabilities/132006 for the\n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-13050\n https://vulners.com/cve/CVE-2017-13050\n https://vulners.com/cve/CVE-2017-13050\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the RPKI-Router\n component. By sending a specially crafted request, an attacker could\n exploit this vulnerability to obtain sensitive information.\n CVSS Base Score: 5.3\n CVSS Temporal Score: See\n https://exchange.xforce.ibmcloud.com/vulnerabilities/132008 for the\n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-13049\n https://vulners.com/cve/CVE-2017-13049\n https://vulners.com/cve/CVE-2017-13049\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the Rx component.\n By sending a specially crafted request, an attacker could exploit\n this vulnerability to obtain sensitive information.\n CVSS Base Score: 5.3\n CVSS Temporal Score: See\n https://exchange.xforce.ibmcloud.com/vulnerabilities/132007 for the\n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-13048\n https://vulners.com/cve/CVE-2017-13048\n https://vulners.com/cve/CVE-2017-13048\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the RSVP\n component. By sending a specially crafted request, an attacker could\n exploit this vulnerability to obtain sensitive information.\n CVSS Base Score: 5.3\n CVSS Temporal Score: See\n https://exchange.xforce.ibmcloud.com/vulnerabilities/132005 for the\n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-13047\n https://vulners.com/cve/CVE-2017-13047\n https://vulners.com/cve/CVE-2017-13047\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the ISO ES-IS\n component. By sending a specially crafted request, an attacker could\n exploit this vulnerability to obtain sensitive information.\n CVSS Base Score: 5.3\n CVSS Temporal Score: See\n https://exchange.xforce.ibmcloud.com/vulnerabilities/131910 for the\n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-13046\n https://vulners.com/cve/CVE-2017-13046\n https://vulners.com/cve/CVE-2017-13046\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the BGP component.\n By sending a specially crafted request, an attacker could exploit\n this vulnerability to obtain sensitive information.\n CVSS Base Score: 5.3\n CVSS Temporal Score: See\n https://exchange.xforce.ibmcloud.com/vulnerabilities/131889 for the\n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-13045\n https://vulners.com/cve/CVE-2017-13045\n https://vulners.com/cve/CVE-2017-13045\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the VQP component.\n By sending a specially crafted request, an attacker could exploit\n this vulnerability to obtain sensitive information.\n CVSS Base Score: 5.3\n CVSS Temporal Score: See\n https://exchange.xforce.ibmcloud.com/vulnerabilities/132004 for the\n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2017-13044\n https://vulners.com/cve/CVE-2017-13044\n https://vulners.com/cve/CVE-2017-13044\n DESCRIPTION: tcpdump could allow a remote attacker to obtain sensitive\n information, caused by a buffer overread memory in the HNCP\n component. By sending a specially crafted request, an attacker could\n exploit this vulnerability to obtain sensitive information.\n CVSS Base Score: 5.3\n CVSS Temporal Score: See\n https://exchange.xforce.ibmcloud.com/vulnerabilities/132003 for the\n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n\n===============================================================================\n\nCONTACT US:\n\n Note: Keywords labeled as KEY in this document are used for parsing\n purposes.\n\n If you would like to receive AIX Security Advisories via email,\n please visit \"My Notifications\":\n\n http://www.ibm.com/support/mynotifications\n https://www.ibm.com/support/mynotifications\n\n To view previously issued advisories, please visit:\n\n http://www14.software.ibm.com/webapp/set2/subscriptions/onvdq\n https://www14.software.ibm.com/webapp/set2/subscriptions/onvdq\n \n To obtain the OpenSSL public key that can be used to verify the\n signed advisories and ifixes:\n\n Download the key from our web page:\n\n http://www.ibm.com/systems/resources/systems_p_os_aix_security_pubkey.txt\n https://www.ibm.com/systems/resources/systems_p_os_aix_security_pubkey.txt\n\n Please contact your local IBM AIX support center for any\n assistance.\n\nREFERENCES:\n \n Complete CVSS v3 Guide: http://www.first.org/cvss/user-guide\n https://www.first.org/cvss/user-guide\n On-line Calculator v3:\n http://www.first.org/cvss/calculator/3.0\n https://www.first.org/cvss/calculator/3.0\n\nACKNOWLEDGEMENTS:\n\n None \n\nCHANGE HISTORY:\n\n First Issued: Wed Nov 8 09:27:01 CST 2017 \n| Updated: Wed Feb 28 09:33:13 CST 2018 \n| Update: Corrected the APARs listed under the APAR section.\n\n===============================================================================\n\n*The CVSS Environment Score is customer environment specific and will \nultimately impact the Overall CVSS Score. Customers can evaluate the impact \nof this vulnerability in their environments by accessing the links in the \nReference section of this Security Bulletin. \n\nDisclaimer\nAccording to the Forum of Incident Response and Security Teams (FIRST), the \nCommon Vulnerability Scoring System (CVSS) is an \"industry open standard \ndesigned to convey vulnerability severity and help to determine urgency and \npriority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY \nOF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS \nFOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT \nOF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n \n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-11-08T09:27:01", "type": "aix", "title": "There are multiple vulnerabilities in tcpdump that impact AIX.", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-11541", "CVE-2017-11542", "CVE-2017-11543", "CVE-2017-12893", "CVE-2017-12894", "CVE-2017-12895", "CVE-2017-12896", "CVE-2017-12897", "CVE-2017-12898", "CVE-2017-12899", "CVE-2017-12900", "CVE-2017-12901", "CVE-2017-12902", "CVE-2017-12985", "CVE-2017-12986", "CVE-2017-12987", "CVE-2017-12988", "CVE-2017-12989", "CVE-2017-12990", "CVE-2017-12991", "CVE-2017-12992", "CVE-2017-12993", "CVE-2017-12994", "CVE-2017-12995", "CVE-2017-12996", "CVE-2017-12997", "CVE-2017-12998", "CVE-2017-12999", "CVE-2017-13000", "CVE-2017-13001", "CVE-2017-13002", "CVE-2017-13003", "CVE-2017-13004", "CVE-2017-13005", "CVE-2017-13006", "CVE-2017-13008", "CVE-2017-13009", "CVE-2017-13010", "CVE-2017-13011", "CVE-2017-13012", "CVE-2017-13013", "CVE-2017-13014", "CVE-2017-13015", "CVE-2017-13016", "CVE-2017-13017", "CVE-2017-13018", "CVE-2017-13019", "CVE-2017-13020", "CVE-2017-13021", "CVE-2017-13022", "CVE-2017-13023", "CVE-2017-13024", "CVE-2017-13025", "CVE-2017-13026", "CVE-2017-13027", "CVE-2017-13028", "CVE-2017-13029", "CVE-2017-13030", "CVE-2017-13031", "CVE-2017-13032", "CVE-2017-13033", "CVE-2017-13034", "CVE-2017-13035", "CVE-2017-13036", "CVE-2017-13037", "CVE-2017-13038", "CVE-2017-13039", "CVE-2017-13040", "CVE-2017-13041", "CVE-2017-13042", "CVE-2017-13043", "CVE-2017-13044", "CVE-2017-13045", "CVE-2017-13046", "CVE-2017-13047", "CVE-2017-13048", "CVE-2017-13049", "CVE-2017-13050", "CVE-2017-13051", "CVE-2017-13052", "CVE-2017-13053", "CVE-2017-13054", "CVE-2017-13055", "CVE-2017-13687", "CVE-2017-13688", "CVE-2017-13689", "CVE-2017-13690", "CVE-2017-13725"], "modified": "2017-11-08T09:27:01", "id": "TCPDUMP_ADVISORY3.ASC", "href": "https://aix.software.ibm.com/aix/efixes/security/tcpdump_advisory3.asc", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "gentoo": [{"lastseen": "2022-01-17T19:05:05", "description": "### Background\n\nTcpdump is a tool for network monitoring and data acquisition.\n\n### Description\n\nMultiple vulnerabilities have been discovered in Tcpdump. Please review the referenced CVE identifiers for details. \n\n### Impact\n\nA remote attacker could possibly execute arbitrary code with the privileges of the process or cause a Denial of Service condition. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Tcpdump users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-analyzer/tcpdump-4.9.2\"", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-09-25T00:00:00", "type": "gentoo", "title": "Tcpdump: Multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-11108", "CVE-2017-11541", "CVE-2017-11542", "CVE-2017-11543", "CVE-2017-11544", "CVE-2017-12893", "CVE-2017-12894", "CVE-2017-12895", "CVE-2017-12896", "CVE-2017-12897", "CVE-2017-12898", "CVE-2017-12899", "CVE-2017-12900", "CVE-2017-12901", "CVE-2017-12902", "CVE-2017-12985", "CVE-2017-12986", "CVE-2017-12987", "CVE-2017-12988", "CVE-2017-12989", "CVE-2017-12990", "CVE-2017-12991", "CVE-2017-12992", "CVE-2017-12993", "CVE-2017-12994", "CVE-2017-12995", "CVE-2017-12996", "CVE-2017-12997", "CVE-2017-12998", "CVE-2017-12999", "CVE-2017-13000", "CVE-2017-13001", "CVE-2017-13002", "CVE-2017-13003", "CVE-2017-13004", "CVE-2017-13005", "CVE-2017-13006", "CVE-2017-13007", "CVE-2017-13008", "CVE-2017-13009", "CVE-2017-13010", "CVE-2017-13011", "CVE-2017-13012", "CVE-2017-13013", "CVE-2017-13014", "CVE-2017-13015", "CVE-2017-13016", "CVE-2017-13017", "CVE-2017-13018", "CVE-2017-13019", "CVE-2017-13020", "CVE-2017-13021", "CVE-2017-13022", "CVE-2017-13023", "CVE-2017-13024", "CVE-2017-13025", "CVE-2017-13026", "CVE-2017-13027", "CVE-2017-13028", "CVE-2017-13029", "CVE-2017-13030", "CVE-2017-13031", "CVE-2017-13032", "CVE-2017-13033", "CVE-2017-13034", "CVE-2017-13035", "CVE-2017-13036", "CVE-2017-13037", "CVE-2017-13038", "CVE-2017-13039", "CVE-2017-13040", "CVE-2017-13041", "CVE-2017-13042", "CVE-2017-13043", "CVE-2017-13044", "CVE-2017-13045", "CVE-2017-13046", "CVE-2017-13047", "CVE-2017-13048", "CVE-2017-13049", "CVE-2017-13050", "CVE-2017-13051", "CVE-2017-13052", "CVE-2017-13053", "CVE-2017-13054", "CVE-2017-13055", "CVE-2017-13687", "CVE-2017-13688", "CVE-2017-13689", "CVE-2017-13690", "CVE-2017-13725"], "modified": "2017-09-25T00:00:00", "id": "GLSA-201709-23", "href": "https://security.gentoo.org/glsa/201709-23", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "freebsd": [{"lastseen": "2022-01-19T15:51:31", "description": "\n\ntcpdump developers report:\n\nToo many issues to detail, see CVE references for details.\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-07-22T00:00:00", "type": "freebsd", "title": "tcpdump -- multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-11541", "CVE-2017-11542", "CVE-2017-11543", "CVE-2017-12893", "CVE-2017-12894", "CVE-2017-12895", "CVE-2017-12896", "CVE-2017-12897", "CVE-2017-12898", "CVE-2017-12899", "CVE-2017-12900", "CVE-2017-12901", "CVE-2017-12902", "CVE-2017-12985", "CVE-2017-12986", "CVE-2017-12987", "CVE-2017-12988", "CVE-2017-12989", "CVE-2017-12990", "CVE-2017-12991", "CVE-2017-12992", "CVE-2017-12993", "CVE-2017-12994", "CVE-2017-12995", "CVE-2017-12996", "CVE-2017-12997", "CVE-2017-12998", "CVE-2017-12999", "CVE-2017-13000", "CVE-2017-13001", "CVE-2017-13002", "CVE-2017-13003", "CVE-2017-13004", "CVE-2017-13005", "CVE-2017-13006", "CVE-2017-13007", "CVE-2017-13008", "CVE-2017-13009", "CVE-2017-13010", "CVE-2017-13011", "CVE-2017-13012", "CVE-2017-13013", "CVE-2017-13014", "CVE-2017-13015", "CVE-2017-13016", "CVE-2017-13017", "CVE-2017-13018", "CVE-2017-13019", "CVE-2017-13020", "CVE-2017-13021", "CVE-2017-13022", "CVE-2017-13023", "CVE-2017-13024", "CVE-2017-13025", "CVE-2017-13026", "CVE-2017-13027", "CVE-2017-13028", "CVE-2017-13029", "CVE-2017-13030", "CVE-2017-13031", "CVE-2017-13032", "CVE-2017-13033", "CVE-2017-13034", "CVE-2017-13035", "CVE-2017-13036", "CVE-2017-13037", "CVE-2017-13038", "CVE-2017-13039", "CVE-2017-13040", "CVE-2017-13041", "CVE-2017-13042", "CVE-2017-13043", "CVE-2017-13044", "CVE-2017-13045", "CVE-2017-13046", "CVE-2017-13047", "CVE-2017-13048", "CVE-2017-13049", "CVE-2017-13050", "CVE-2017-13051", "CVE-2017-13052", "CVE-2017-13053", "CVE-2017-13054", "CVE-2017-13055", "CVE-2017-13687", "CVE-2017-13688", "CVE-2017-13689", "CVE-2017-13690", "CVE-2017-13725"], "modified": "2017-07-22T00:00:00", "id": "EB03D642-6724-472D-B038-F2BF074E1FC8", "href": "https://vuxml.freebsd.org/freebsd/eb03d642-6724-472d-b038-f2bf074e1fc8.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "mageia": [{"lastseen": "2022-04-18T11:19:34", "description": "Summary for 4.9.2 tcpdump release Do not use getprotobynumber() for protocol name resolution. Do not do any protocol name resolution if -n is specified. Improve errors detection in the test scripts. Fix a segfault with OpenSSL 1.1 and improve OpenSSL usage. Clean up IS-IS printing. Fix buffer overflow vulnerabilities: CVE-2017-11543 (SLIP), CVE-2017-13011 (bittok2str_internal) Fix infinite loop vulnerabilities: CVE-2017-12989 (RESP), CVE-2017-12990 (ISAKMP), CVE-2017-12995 (DNS), CVE-2017-12997 (LLDP). Fix buffer over-read vulnerabilities: CVE-2017-11541 (safeputs), CVE-2017-11542 (PIMv1), CVE-2017-12893 (SMB/CIFS), CVE-2017-12894 (lookup_bytestring), CVE-2017-12895 (ICMP), CVE-2017-12896 (ISAKMP), CVE-2017-12897 (ISO CLNS), CVE-2017-12898 (NFS), CVE-2017-12899 (DECnet), CVE-2017-12900 (tok2strbuf), CVE-2017-12901 (EIGRP), CVE-2017-12902 (Zephyr), CVE-2017-12985 (IPv6), CVE-2017-12986 (IPv6 routing headers), CVE-2017-12987 (IEEE 802.11), CVE-2017-12988 (telnet), CVE-2017-12991 (BGP), CVE-2017-12992 (RIPng), CVE-2017-12993 (Juniper), CVE-2017-11542 (PIMv1), CVE-2017-11541 (safeputs), CVE-2017-12994 (BGP), CVE-2017-12996 (PIMv2), CVE-2017-12998 (ISO IS-IS), CVE-2017-12999 (ISO IS-IS), CVE-2017-13000 (IEEE 802.15.4), CVE-2017-13001 (NFS), CVE-2017-13002 (AODV), CVE-2017-13003 (LMP), CVE-2017-13004 (Juniper), CVE-2017-13005 (NFS), CVE-2017-13006 (L2TP), CVE-2017-13007 (Apple PKTAP), CVE-2017-13008 (IEEE 802.11), CVE-2017-13009 (IPv6 mobility), CVE-2017-13010 (BEEP), CVE-2017-13012 (ICMP), CVE-2017-13013 (ARP), CVE-2017-13014 (White Board), CVE-2017-13015 (EAP), CVE-2017-11543 (SLIP), CVE-2017-13016 (ISO ES-IS), CVE-2017-13017 (DHCPv6), CVE-2017-13018 (PGM), CVE-2017-13019 (PGM), CVE-2017-13020 (VTP), CVE-2017-13021 (ICMPv6), CVE-2017-13022 (IP), CVE-2017-13023 (IPv6 mobility), CVE-2017-13024 (IPv6 mobility), CVE-2017-13025 (IPv6 mobility), CVE-2017-13026 (ISO IS-IS), CVE-2017-13027 (LLDP), CVE-2017-13028 (BOOTP), CVE-2017-13029 (PPP), CVE-2017-13030 (PIM), CVE-2017-13031 (IPv6 fragmentation header), CVE-2017-13032 (RADIUS), CVE-2017-13033 (VTP), CVE-2017-13034 (PGM), CVE-2017-13035 (ISO IS-IS), CVE-2017-13036 (OSPFv3), CVE-2017-13037 (IP), CVE-2017-13038 (PPP), CVE-2017-13039 (ISAKMP), CVE-2017-13040 (MPTCP), CVE-2017-13041 (ICMPv6), CVE-2017-13042 (HNCP), CVE-2017-13043 (BGP), CVE-2017-13044 (HNCP), CVE-2017-13045 (VQP), CVE-2017-13046 (BGP), CVE-2017-13047 (ISO ES-IS), CVE-2017-13048 (RSVP), CVE-2017-13049 (Rx), CVE-2017-13050 (RPKI-Router), CVE-2017-13051 (RSVP), CVE-2017-13052 (CFM), CVE-2017-13053 (BGP), CVE-2017-13054 (LLDP), CVE-2017-13055 (ISO IS-IS), CVE-2017-13687 (Cisco HDLC), CVE-2017-13688 (OLSR), CVE-2017-13689 (IKEv1), CVE-2017-13690 (IKEv2), CVE-2017-13725 (IPv6 routing headers) \n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-09-10T12:36:09", "type": "mageia", "title": "Updated tcpdump packages fix security vulnerabilities\n", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-11541", "CVE-2017-11542", "CVE-2017-11543", "CVE-2017-12893", "CVE-2017-12894", "CVE-2017-12895", "CVE-2017-12896", "CVE-2017-12897", "CVE-2017-12898", "CVE-2017-12899", "CVE-2017-12900", "CVE-2017-12901", "CVE-2017-12902", "CVE-2017-12985", "CVE-2017-12986", "CVE-2017-12987", "CVE-2017-12988", "CVE-2017-12989", "CVE-2017-12990", "CVE-2017-12991", "CVE-2017-12992", "CVE-2017-12993", "CVE-2017-12994", "CVE-2017-12995", "CVE-2017-12996", "CVE-2017-12997", "CVE-2017-12998", "CVE-2017-12999", "CVE-2017-13000", "CVE-2017-13001", "CVE-2017-13002", "CVE-2017-13003", "CVE-2017-13004", "CVE-2017-13005", "CVE-2017-13006", "CVE-2017-13007", "CVE-2017-13008", "CVE-2017-13009", "CVE-2017-13010", "CVE-2017-13011", "CVE-2017-13012", "CVE-2017-13013", "CVE-2017-13014", "CVE-2017-13015", "CVE-2017-13016", "CVE-2017-13017", "CVE-2017-13018", "CVE-2017-13019", "CVE-2017-13020", "CVE-2017-13021", "CVE-2017-13022", "CVE-2017-13023", "CVE-2017-13024", "CVE-2017-13025", "CVE-2017-13026", "CVE-2017-13027", "CVE-2017-13028", "CVE-2017-13029", "CVE-2017-13030", "CVE-2017-13031", "CVE-2017-13032", "CVE-2017-13033", "CVE-2017-13034", "CVE-2017-13035", "CVE-2017-13036", "CVE-2017-13037", "CVE-2017-13038", "CVE-2017-13039", "CVE-2017-13040", "CVE-2017-13041", "CVE-2017-13042", "CVE-2017-13043", "CVE-2017-13044", "CVE-2017-13045", "CVE-2017-13046", "CVE-2017-13047", "CVE-2017-13048", "CVE-2017-13049", "CVE-2017-13050", "CVE-2017-13051", "CVE-2017-13052", "CVE-2017-13053", "CVE-2017-13054", "CVE-2017-13055", "CVE-2017-13687", "CVE-2017-13688", "CVE-2017-13689", "CVE-2017-13690", "CVE-2017-13725"], "modified": "2017-09-10T12:36:09", "id": "MGASA-2017-0335", "href": "https://advisories.mageia.org/MGASA-2017-0335.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "archlinux": [{"lastseen": "2021-07-28T14:34:08", "description": "Arch Linux Security Advisory ASA-201709-5\n=========================================\n\nSeverity: Critical\nDate : 2017-09-13\nCVE-ID : CVE-2017-11541 CVE-2017-11542 CVE-2017-11543 CVE-2017-12893\nCVE-2017-12894 CVE-2017-12895 CVE-2017-12896 CVE-2017-12897\nCVE-2017-12898 CVE-2017-12899 CVE-2017-12900 CVE-2017-12901\nCVE-2017-12902 CVE-2017-12985 CVE-2017-12986 CVE-2017-12987\nCVE-2017-12988 CVE-2017-12989 CVE-2017-12990 CVE-2017-12991\nCVE-2017-12992 CVE-2017-12993 CVE-2017-12994 CVE-2017-12995\nCVE-2017-12996 CVE-2017-12997 CVE-2017-12998 CVE-2017-12999\nCVE-2017-13000 CVE-2017-13001 CVE-2017-13002 CVE-2017-13003\nCVE-2017-13004 CVE-2017-13005 CVE-2017-13006 CVE-2017-13007\nCVE-2017-13008 CVE-2017-13009 CVE-2017-13010 CVE-2017-13011\nCVE-2017-13012 CVE-2017-13013 CVE-2017-13014 CVE-2017-13015\nCVE-2017-13016 CVE-2017-13017 CVE-2017-13018 CVE-2017-13019\nCVE-2017-13020 CVE-2017-13021 CVE-2017-13022 CVE-2017-13023\nCVE-2017-13024 CVE-2017-13025 CVE-2017-13026 CVE-2017-13027\nCVE-2017-13028 CVE-2017-13029 CVE-2017-13030 CVE-2017-13031\nCVE-2017-13032 CVE-2017-13033 CVE-2017-13034 CVE-2017-13035\nCVE-2017-13036 CVE-2017-13037 CVE-2017-13038 CVE-2017-13039\nCVE-2017-13040 CVE-2017-13041 CVE-2017-13042 CVE-2017-13043\nCVE-2017-13044 CVE-2017-13045 CVE-2017-13046 CVE-2017-13047\nCVE-2017-13048 CVE-2017-13049 CVE-2017-13050 CVE-2017-13051\nCVE-2017-13052 CVE-2017-13053 CVE-2017-13054 CVE-2017-13055\nCVE-2017-13687 CVE-2017-13688 CVE-2017-13689 CVE-2017-13690\nCVE-2017-13725\nPackage : tcpdump\nType : multiple issues\nRemote : Yes\nLink : https://security.archlinux.org/AVG-361\n\nSummary\n=======\n\nThe package tcpdump before version 4.9.2-1 is vulnerable to multiple\nissues including arbitrary code execution and denial of service.\n\nResolution\n==========\n\nUpgrade to 4.9.2-1.\n\n# pacman -Syu \"tcpdump>=4.9.2-1\"\n\nThe problems have been fixed upstream in version 4.9.2.\n\nWorkaround\n==========\n\nNone.\n\nDescription\n===========\n\n- CVE-2017-11541 (denial of service)\n\nA heap-based out-of-bounds read vulnerability was discovered in tcpdump\n<= 4.9.1, in the lldp_print function in print-lldp.c, related to util-\nprint.c. An attacker could craft a malicious pcap file or send\nspecially crafted packets to the network that would cause tcpdump to\ncrash when attempting to print a summary of the packet data.\n\n- CVE-2017-11542 (denial of service)\n\nA heap-based out-of-bounds read vulnerability was discovered in tcpdump\n<= 4.9.1, in the pimv1_print function in print-pim.c. An attacker could\ncraft a malicious pcap file or send specially crafted packets to the\nnetwork that would cause tcpdump to crash when attempting to print a\nsummary of the packet data.\n\n- CVE-2017-11543 (arbitrary code execution)\n\nAn out-of-bounds write vulnerability was discovered in tcpdump's\nhandling of LINKTYPE_SLIP in the sliplink_print function in print-sl.c.\nAn attacker could craft a malicious pcap file or send specially crafted\npackets to the network that would cause tcpdump to crash or possibly\nexecute arbitrary code when attempting to print a summary of the packet\ndata.\n\n- CVE-2017-12893 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of SMB/CIFS in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-12894 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's parsers\nwhen calling lookup_bytestring in tcpdump <= 4.9.1. An attacker could\ncraft a malicious pcap file or send specially crafted packets to the\nnetwork that would cause tcpdump to crash while processing the packet\ndata.\n\n- CVE-2017-12895 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of ICMP in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-12896 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of ISAKMP in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-12897 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of ISO CLNS in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-12898 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of NFS in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-12899 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of DECnet in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-12900 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's parsers\nwhen calling tok2strbuf in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-12901 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of EIGRP in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-12902 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of Zephyr in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-12985 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of IPv6 in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-12986 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of IPv6 routing headers in tcpdump <= 4.9.1. An attacker could\ncraft a malicious pcap file or send specially crafted packets to the\nnetwork that would cause tcpdump to crash while processing the packet\ndata.\n\n- CVE-2017-12987 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of IEEE 802.11 in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-12988 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of telnet in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-12989 (denial of service)\n\nAn infinite loop vulnerability was discovered in tcpdump's handling of\nRESP in tcpdump <= 4.9.1. An attacker could craft a malicious pcap file\nor send specially crafted packets to the network that would cause\ntcpdump to enter an infinite loop while processing the packet data\nleading to denial of service.\n\n- CVE-2017-12990 (denial of service)\n\nAn infinite loop vulnerability was discovered in tcpdump's handling of\nISAKMP in tcpdump <= 4.9.1. An attacker could craft a malicious pcap\nfile or send specially crafted packets to the network that would cause\ntcpdump to enter an infinite loop while processing the packet data\nleading to denial of service.\n\n- CVE-2017-12991 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of BGP in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-12992 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of RIPng in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-12993 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of Juniper in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-12994 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of BGP in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-12995 (denial of service)\n\nAn infinite loop vulnerability was discovered in tcpdump's handling of\nDNS in tcpdump <= 4.9.1. An attacker could craft a malicious pcap file\nor send specially crafted packets to the network that would cause\ntcpdump to enter an infinite loop while processing the packet data\nleading to denial of service.\n\n- CVE-2017-12996 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of PIMv2 in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-12997 (denial of service)\n\nAn infinite loop vulnerability was discovered in tcpdump's handling of\nLLDP in tcpdump <= 4.9.1. An attacker could craft a malicious pcap file\nor send specially crafted packets to the network that would cause\ntcpdump to enter an infinite loop while processing the packet data\nleading to denial of service.\n\n- CVE-2017-12998 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of ISO IS-IS in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-12999 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of ISO IS-IS in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-13000 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of IEEE 802.15.4 in tcpdump <= 4.9.1. An attacker could craft\na malicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-13001 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of NFS in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-13002 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of AODV in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-13003 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of LMP in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-13004 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of Juniper in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-13005 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of NFS in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-13006 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of L2TP in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-13007 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of Apple PKTAP in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-13008 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of IEEE 802.11 in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-13009 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of IPv6 mobility in tcpdump <= 4.9.1. An attacker could craft\na malicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-13010 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of BEEP in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-13011 (arbitrary code execution)\n\nAn out-of-bounds write vulnerability was discovered in tcpdump's\nparsers when calling bittok2str_internal. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash or possibly execute arbitrary code\nwhile processing the packet data.\n\n- CVE-2017-13012 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of ICMP in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-13013 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of ARP in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-13014 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of White Board in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-13015 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of EAP in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-13016 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of ISO ES-IS in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-13017 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of DHCPv6 in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-13018 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of PGM in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-13019 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of PGM in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-13020 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of VTP in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-13021 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of ICMPv6 in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-13022 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of IP in tcpdump <= 4.9.1. An attacker could craft a malicious\npcap file or send specially crafted packets to the network that would\ncause tcpdump to crash while processing the packet data.\n\n- CVE-2017-13023 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of IPv6 mobility in tcpdump <= 4.9.1. An attacker could craft\na malicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-13024 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of IPv6 mobility in tcpdump <= 4.9.1. An attacker could craft\na malicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-13025 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of IPv6 mobility in tcpdump <= 4.9.1. An attacker could craft\na malicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-13026 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of ISO IS-IS in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-13027 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of LLDP in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-13028 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of BOOTP in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-13029 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of PPP in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-13030 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of PIM in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-13031 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of IPv6 fragmentation header in tcpdump <= 4.9.1. An attacker\ncould craft a malicious pcap file or send specially crafted packets to\nthe network that would cause tcpdump to crash while processing the\npacket data.\n\n- CVE-2017-13032 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of RADIUS in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-13033 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of VTP in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-13034 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of PGM in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-13035 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of ISO IS-IS in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-13036 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of OSPFv3 in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-13037 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of IP in tcpdump <= 4.9.1. An attacker could craft a malicious\npcap file or send specially crafted packets to the network that would\ncause tcpdump to crash while processing the packet data.\n\n- CVE-2017-13038 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of PPP in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-13039 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of ISAKMP in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-13040 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of MPTCP in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-13041 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of ICMPv6 in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-13042 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of HNCP in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-13043 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of BGP in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-13044 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of HNCP in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-13045 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of VQP in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-13046 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of BGP in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-13047 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of ISO ES-IP in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-13048 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of RSVP in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-13049 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of Rx in tcpdump <= 4.9.1. An attacker could craft a malicious\npcap file or send specially crafted packets to the network that would\ncause tcpdump to crash while processing the packet data.\n\n- CVE-2017-13050 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of RPKI-Router in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-13051 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of RSVP in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-13052 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of CFM in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-13053 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of BGP in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-13054 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of LLDP in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-13055 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of ISO IS-IS in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-13687 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of Cisco HDLC in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-13688 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of OLSR in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-13689 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of IKEv1 in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-13690 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of IKEv2 in tcpdump <= 4.9.1. An attacker could craft a\nmalicious pcap file or send specially crafted packets to the network\nthat would cause tcpdump to crash while processing the packet data.\n\n- CVE-2017-13725 (denial of service)\n\nAn out-of-bounds read vulnerability was discovered in tcpdump's\nhandling of IPv6 routing headers in tcpdump <= 4.9.1. An attacker could\ncraft a malicious pcap file or send specially crafted packets to the\nnetwork that would cause tcpdump to crash while processing the packet\ndata.\n\nImpact\n======\n\nA remote attacker is able to crash the application or execute arbitrary\ncode by tricking the user to open a specially crafted pcap file or by\nsending specially crafted packets to the network.\n\nReferences\n==========\n\nhttp://www.tcpdump.org/tcpdump-changes.txt\nhttps://github.com/hackerlib/hackerlib-vul/tree/master/tcpdump-vul/heap-buffer-overflow/util-print\nhttps://github.com/the-tcpdump-group/tcpdump/commit/21d702a136c5c16882e368af7c173df728242280\nhttps://github.com/hackerlib/hackerlib-vul/tree/master/tcpdump-vul/heap-buffer-overflow/print-pim\nhttps://github.com/the-tcpdump-group/tcpdump/commit/bed48062a64fca524156d7684af19f5b4a116fae\nhttps://github.com/the-tcpdump-group/tcpdump/commit/7039327875525278d17edee59720e29a3e76b7b3\nhttps://github.com/hackerlib/hackerlib-vul/tree/master/tcpdump-vul/global-overflow/print-sl\nhttps://github.com/the-tcpdump-group/tcpdump/commit/6f5ba2b651cd9d4b7fa8ee5c4f94460645877c45\nhttps://github.com/the-tcpdump-group/tcpdump/commit/730fc35968c5433b9e2a829779057f4f9495dc51\nhttps://github.com/the-tcpdump-group/tcpdump/commit/2b62d1dda41590db29368ec7ba5f4faf3464765a\nhttps://github.com/the-tcpdump-group/tcpdump/commit/4e430c6b0d8b7e77c7abca7e7afb0c3e727502f2\nhttps://github.com/the-tcpdump-group/tcpdump/commit/f76e7feb41a4327d2b0978449bbdafe98d4a3771\nhttps://github.com/the-tcpdump-group/tcpdump/commit/1dcd10aceabbc03bf571ea32b892c522cbe923de\nhttps://github.com/the-tcpdump-group/tcpdump/commit/19d25dd8781620cd41bf178a5e2e27fc1cf242d0\nhttps://github.com/the-tcpdump-group/tcpdump/commit/f96003b21e2abfbba59b926b10a7f9bc7d11e36c\nhttps://github.com/the-tcpdump-group/tcpdump/commit/c6e0531b5def26ecf912e8de6ade86cbdaed3751\nhttps://github.com/the-tcpdump-group/tcpdump/commit/0318fa8b61bd6c837641129d585f1a73c652b1e0\nhttps://github.com/the-tcpdump-group/tcpdump/commit/de981e6070d168b58ec1bb0713ded77ed4ad87f4\nhttps://github.com/the-tcpdump-group/tcpdump/commit/6ec0c6fa63412c7a07a5bcb790a529c3563b4173\nhttps://github.com/the-tcpdump-group/tcpdump/commit/d17507ffa3e9742199b02a66aa940e79ababfa30\nhttps://github.com/the-tcpdump-group/tcpdump/commit/66df248b49095c261138b5a5e34d341a6bf9ac7f\nhttps://github.com/the-tcpdump-group/tcpdump/commit/7ac73d6cd41e9d4ac0ca7e6830ca390e195bb21c\nhttps://github.com/the-tcpdump-group/tcpdump/commit/2ecb9d2c67d9119250c54811a6ce4d0f2ddf44f1\nhttps://github.com/the-tcpdump-group/tcpdump/commit/99798bd9a41bd3d03fdc1e949810a38967f20ed3\nhttps://github.com/the-tcpdump-group/tcpdump/commit/8934a7d6307267d301182f19ed162563717e29e3\nhttps://github.com/the-tcpdump-group/tcpdump/commit/db24063b01cba8e9d4d88b7d8ac70c9000c104e4\nhttps://github.com/the-tcpdump-group/tcpdump/commit/c2ef693866beae071a24b45c49f9674af1df4028\nhttps://github.com/the-tcpdump-group/tcpdump/commit/50a44b6b8e4f7c127440dbd4239cf571945cc1e7\nhttps://github.com/the-tcpdump-group/tcpdump/commit/e942fb84fbe3a73a98a00d2a279425872b5fb9d2\nhttps://github.com/the-tcpdump-group/tcpdump/commit/b534e304568585707c4a92422aeca25cf908ff02\nhttps://github.com/the-tcpdump-group/tcpdump/commit/ffde45acf3348f8353fb4064a1b21683ee6b5ddf\nhttps://github.com/the-tcpdump-group/tcpdump/commit/3a76fd7c95fced2c2f8c8148a9055c3a542eff29\nhttps://github.com/the-tcpdump-group/tcpdump/commit/6fca58f5f9c96749a575f52e20598ad43f5bdf30\nhttps://github.com/the-tcpdump-group/tcpdump/commit/34cec721d39c76be1e0a600829a7b17bdfb832b6\nhttps://github.com/the-tcpdump-group/tcpdump/commit/979dcefd7b259e9e233f77fe1c5312793bfd948f\nhttps://github.com/the-tcpdump-group/tcpdump/commit/3b32029db354cbc875127869d9b12a9addc75b50\nhttps://github.com/the-tcpdump-group/tcpdump/commit/8512734883227c11568bb35da1d48b9f8466f43f\nhttps://github.com/the-tcpdump-group/tcpdump/commit/a7e5f58f402e6919ec444a57946bade7dfd6b184\nhttps://github.com/the-tcpdump-group/tcpdump/commit/9be4e0b5938b705e7e36cfcb110a740c6ff0cb97\nhttps://github.com/the-tcpdump-group/tcpdump/commit/7a923447fd49a069a0fd3b6c3547438ab5ee2123\nhttps://github.com/the-tcpdump-group/tcpdump/commit/cbddb98484ea8ec1deece351abd56e063d775b38\nhttps://github.com/the-tcpdump-group/tcpdump/commit/a25211918f2e790c67d859d20ccf8dbb81da1598\nhttps://github.com/the-tcpdump-group/tcpdump/commit/35d146b7a66496d72cdeb95ccb33ab80a265ce90\nhttps://github.com/the-tcpdump-group/tcpdump/commit/42073d54c53a496be40ae84152bbfe2c923ac7bc\nhttps://github.com/the-tcpdump-group/tcpdump/commit/b45a9a167ca6a3ef2752ae9d48d56ac14b001bfd\nhttps://github.com/the-tcpdump-group/tcpdump/commit/cc4a7391c616be7a64ed65742ef9ed3f106eb165\nhttps://github.com/the-tcpdump-group/tcpdump/commit/ca336198e8bebccc18502de27672fdbd6eb34856\nhttps://github.com/the-tcpdump-group/tcpdump/commit/5edf405d7ed9fc92f4f43e8a3d44baa4c6387562\nhttps://github.com/the-tcpdump-group/tcpdump/commit/db8c799f6dfc68765c9451fcbfca06e662f5bd5f\nhttps://github.com/the-tcpdump-group/tcpdump/commit/877b66b398518d9501513e0860c9f3a8acc70892\nhttps://github.com/the-tcpdump-group/tcpdump/commit/9f0730bee3eb65d07b49fd468bc2f269173352fe\nhttps://github.com/the-tcpdump-group/tcpdump/commit/8509ef02eceb2bbb479cea10fe4a7ec6395f1a8b\nhttps://github.com/the-tcpdump-group/tcpdump/commit/13ab8d18617d616c7d343530f8a842e7143fb5cc\nhttps://github.com/the-tcpdump-group/tcpdump/commit/cc356512f512e7fa423b3674db4bb31dbe40ffec\nhttps://github.com/the-tcpdump-group/tcpdump/commit/985122081165753c7442bd7824c473eb9ff56308\nhttps://github.com/the-tcpdump-group/tcpdump/commit/c177cb3800a9a68d79b2812f0ffcb9479abd6eb8\nhttps://github.com/the-tcpdump-group/tcpdump/commit/11b426ee05eb62ed103218526f1fa616851c43ce\nhttps://github.com/the-tcpdump-group/tcpdump/commit/26a6799b9ca80508c05cac7a9a3bef922991520b\nhttps://github.com/the-tcpdump-group/tcpdump/commit/4601c685e7fd19c3724d5e499c69b8d3ec49933e\nhttps://github.com/the-tcpdump-group/tcpdump/commit/d692d67332bcc90540088ad8e725eb3279e39863\nhttps://github.com/the-tcpdump-group/tcpdump/commit/c5dd7bef5e54da5996dc4713284aa6266ae75b75\nhttps://github.com/the-tcpdump-group/tcpdump/commit/67c7126062d59729cd421bb38f9594015c9907ba\nhttps://github.com/the-tcpdump-group/tcpdump/commit/eee0b04bcfdae319c242b0b8fc3d07029ee65b8c\nhttps://github.com/the-tcpdump-group/tcpdump/commit/b8e559afaeb8fe0604a1f8e3ad4dc1445de07a00\nhttps://github.com/the-tcpdump-group/tcp