Lucene search

K
debianDebianDEBIAN:DLA-174-1:F5DF3
HistoryMar 17, 2015 - 9:57 a.m.

[SECURITY] [DLA 174-1] tcpdump security update

2015-03-1709:57:43
lists.debian.org
15

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.8 High

AI Score

Confidence

High

0.11 Low

EPSS

Percentile

95.2%

Package : tcpdump
Version : tcpdump_4.1.1-1+deb6u2
CVE ID : CVE-2015-0261 CVE-2015-2154 CVE-2015-2155

Several issues have been discovered with tcpdump in the way it
handled some printer protocols. Those issues can lead to denial
of service, or, potentially, execution of arbitrary code.

CVE-2015-0261

Missing bounds checks in IPv6 Mobility printer

CVE-2015-2154

Missing bounds checks in ISOCLNS printer

CVE-2015-2155

Missing bounds checks in ForCES printer

Thanks to Romain Françoise who prepared this update.

Raphaël Hertzog ◈ Debian Developer

Support Debian LTS: http://www.freexian.com/services/debian-lts.html
Learn to master Debian: http://debian-handbook.info/get/
Attachment:
signature.asc
Description: Digital signature

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.8 High

AI Score

Confidence

High

0.11 Low

EPSS

Percentile

95.2%