Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debianDebianDEBIAN:DSA-3971-1:CDAA8
HistorySep 13, 2017 - 5:04 a.m.

[SECURITY] [DSA 3971-1] tcpdump security update

2017-09-1305:04:17
lists.debian.org
13

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

JSON

Debian Security Advisory DSA-3971-1 [email protected]
https://www.debian.org/security/ Salvatore Bonaccorso
September 13, 2017 https://www.debian.org/security/faq

Package : tcpdump
CVE ID : CVE-2017-11108 CVE-2017-11541 CVE-2017-11542 CVE-2017-11543
CVE-2017-12893 CVE-2017-12894 CVE-2017-12895 CVE-2017-12896
CVE-2017-12897 CVE-2017-12898 CVE-2017-12899 CVE-2017-12900
CVE-2017-12901 CVE-2017-12902 CVE-2017-12985 CVE-2017-12986
CVE-2017-12987 CVE-2017-12988 CVE-2017-12989 CVE-2017-12990
CVE-2017-12991 CVE-2017-12992 CVE-2017-12993 CVE-2017-12994
CVE-2017-12995 CVE-2017-12996 CVE-2017-12997 CVE-2017-12998
CVE-2017-12999 CVE-2017-13000 CVE-2017-13001 CVE-2017-13002
CVE-2017-13003 CVE-2017-13004 CVE-2017-13005 CVE-2017-13006
CVE-2017-13007 CVE-2017-13008 CVE-2017-13009 CVE-2017-13010
CVE-2017-13011 CVE-2017-13012 CVE-2017-13013 CVE-2017-13014
CVE-2017-13015 CVE-2017-13016 CVE-2017-13017 CVE-2017-13018
CVE-2017-13019 CVE-2017-13020 CVE-2017-13021 CVE-2017-13022
CVE-2017-13023 CVE-2017-13024 CVE-2017-13025 CVE-2017-13026
CVE-2017-13027 CVE-2017-13028 CVE-2017-13029 CVE-2017-13030
CVE-2017-13031 CVE-2017-13032 CVE-2017-13033 CVE-2017-13034
CVE-2017-13035 CVE-2017-13036 CVE-2017-13037 CVE-2017-13038
CVE-2017-13039 CVE-2017-13040 CVE-2017-13041 CVE-2017-13042
CVE-2017-13043 CVE-2017-13044 CVE-2017-13045 CVE-2017-13046
CVE-2017-13047 CVE-2017-13048 CVE-2017-13049 CVE-2017-13050
CVE-2017-13051 CVE-2017-13052 CVE-2017-13053 CVE-2017-13054
CVE-2017-13055 CVE-2017-13687 CVE-2017-13688 CVE-2017-13689
CVE-2017-13690 CVE-2017-13725
Debian Bug : 867718 873804 873805 873806

Several vulnerabilities have been discovered in tcpdump, a command-line
network traffic analyzer. These vulnerabilities might result in denial
of service or, potentially, execution of arbitrary code.

For the oldstable distribution (jessie), these problems have been fixed
in version 4.9.2-1~deb8u1.

For the stable distribution (stretch), these problems have been fixed in
version 4.9.2-1~deb9u1.

For the testing distribution (buster), these problems have been fixed
in version 4.9.2-1 or earlier versions.

For the unstable distribution (sid), these problems have been fixed in
version 4.9.2-1 or earlier versions.

We recommend that you upgrade your tcpdump packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

Related

openvas 9
nessus 28
debian 3
cloudfoundry 1
osv 30
photon 3
ubuntu 2
archlinux 1
gentoo 1
mageia 1
slackware 1
freebsd 1
aix 1
ibm 2
apple 2
redhatcve 28
prion 24
hackerone 3
cve 20
debiancve 18
ubuntucve 19
f5 1
openvas
openvas
Huawei EulerOS: Security Advisory for tcpdump (EulerOS-SA-2017-1280)
2020-01-23 00:00:00
Debian LTS: Security Advisory for tcpdump (DLA-1097-1)
2018-02-07 00:00:00
Huawei EulerOS: Security Advisory for tcpdump (EulerOS-SA-2017-1281)
2020-01-23 00:00:00
nessus
nessus
Ubuntu 14.04 LTS / 16.04 LTS : tcpdump vulnerabilities (USN-3415-1)
2017-09-14 00:00:00
EulerOS 2.0 SP1 : tcpdump (EulerOS-SA-2017-1280)
2017-11-02 00:00:00
EulerOS 2.0 SP2 : tcpdump (EulerOS-SA-2017-1281)
2017-11-02 00:00:00
debian
debian
[SECURITY] [DLA 1097-1] tcpdump security update
2017-09-15 10:18:46
[SECURITY] [DSA 3971-1] tcpdump security update
2017-09-13 05:04:17
[SECURITY] [DLA 1090-1] tcpdump security update
2017-09-06 06:42:34
cloudfoundry
cloudfoundry
USN-3415-1: tcpdump vulnerabilities | Cloud Foundry
2017-09-21 00:00:00
osv
osv
tcpdump - security update
2017-09-15 00:00:00
tcpdump - security update
2017-09-13 00:00:00
tcpdump - security update
2017-09-05 00:00:00
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2017-0034
2017-09-19 00:00:00
Important Photon OS Security Update - PHSA-2017-0070
2017-09-19 00:00:00
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2017-0033
2017-09-13 00:00:00
ubuntu
ubuntu
tcpdump vulnerabilities
2017-09-14 00:00:00
tcpdump vulnerabilities
2017-09-14 00:00:00
archlinux
archlinux
[ASA-201709-5] tcpdump: multiple issues
2017-09-13 00:00:00
gentoo
gentoo
Tcpdump: Multiple vulnerabilities
2017-09-25 00:00:00
mageia
mageia
Updated tcpdump packages fix security vulnerabilities
2017-09-10 15:36:09
slackware
slackware
[slackware-security] tcpdump
2017-09-08 18:06:49
freebsd
freebsd
tcpdump -- multiple vulnerabilities
2017-07-22 00:00:00
aix
aix
There are multiple vulnerabilities in tcpdump that impact AIX.
2017-11-08 09:27:01
ibm
ibm
Security Bulletin: Multiple Security Issues in IBM Tealeaf Customer Experience PCA
2018-06-23 03:45:19
Security Bulletin: Vulnerabilities in tcpdump affect IBM Chassis Management Module (CMM)
2019-01-31 02:40:01
apple
apple
About the security content of macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan
2017-10-31 00:00:00
About the security content of macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan - Apple Support
2019-04-03 09:42:09
redhatcve
redhatcve
CVE-2017-13051
2017-09-14 04:58:56
CVE-2017-13013
2017-09-14 05:03:09
CVE-2017-12894
2017-09-14 04:21:01
prion
prion
Buffer overflow
2017-09-14 06:29:00
Design/Logic Flaw
2017-09-14 06:29:00
Buffer overflow
2017-09-14 06:29:00
hackerone
hackerone
Internet Bug Bounty: CVE-2017-13019: The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print()
2020-02-23 16:49:27
Internet Bug Bounty: CVE-2017-13010 The BEEP parser in tcpdump before 4.9.2 has a buffer over-read in print-beep.c:l_strnstart().
2017-09-15 23:45:26
Internet Bug Bounty: CVE-2017-13041 The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_nodeinfo_print().
2020-08-22 06:12:33
cve
cve
CVE-2017-12899
2017-09-14 06:29:00
CVE-2017-13035
2017-09-14 06:29:00
CVE-2017-13044
2017-09-14 06:29:00
debiancve
debiancve
CVE-2017-13047
2017-09-14 06:29:00
CVE-2017-13020
2017-09-14 06:29:00
CVE-2017-12986
2017-09-14 06:29:00
ubuntucve
ubuntucve
CVE-2017-11542
2017-07-22 00:00:00
CVE-2017-13041
2017-09-13 00:00:00
CVE-2017-13040
2017-09-13 00:00:00
f5
f5
K13237658 : tcpdump vulnerability CVE-2017-11541
2017-08-31 00:00:00

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

JSON
Related for DEBIAN:DSA-3971-1:CDAA8
openvas9nessus28debian3cloudfoundry1osv30photon3ubuntu2archlinux1gentoo1mageia1slackware1freebsd1aix1ibm2apple2redhatcve28prion24hackerone3cve20debiancve18ubuntucve19f51