Lucene search

K
mageiaGentoo FoundationMGASA-2014-0511
HistoryDec 05, 2014 - 6:54 p.m.

Updated tcpdump package fixes security vulnerability

2014-12-0518:54:13
Gentoo Foundation
advisories.mageia.org
13

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

EPSS

0.148

Percentile

95.8%

It was discovered that tcpdump incorrectly handled printing PPP packets. A remote attacker could use this issue to cause tcpdump to crash, resulting in a denial of service, or possibly execute arbitrary code (CVE-2014-9140).

OSVersionArchitecturePackageVersionFilename
Mageia4noarchtcpdump< 4.4.0-2.2tcpdump-4.4.0-2.2.mga4

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

EPSS

0.148

Percentile

95.8%