Several vulnerabilities have been discovered in tcpdump, a command-line network traffic analyzer. These vulnerabilities might result in denial of service or, potentially, execution of arbitrary code.
For Debian 7 ‘Wheezy’, these problems have been fixed in version 4.9.2-1~deb7u1.
We recommend that you upgrade your tcpdump packages.
NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Debian Security Advisory DLA-1097-1. The text
# itself is copyright (C) Software in the Public Interest, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(103257);
script_version("3.7");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");
script_cve_id("CVE-2017-12893", "CVE-2017-12894", "CVE-2017-12895", "CVE-2017-12896", "CVE-2017-12897", "CVE-2017-12898", "CVE-2017-12899", "CVE-2017-12900", "CVE-2017-12901", "CVE-2017-12902", "CVE-2017-12985", "CVE-2017-12986", "CVE-2017-12987", "CVE-2017-12988", "CVE-2017-12989", "CVE-2017-12990", "CVE-2017-12991", "CVE-2017-12992", "CVE-2017-12993", "CVE-2017-12994", "CVE-2017-12995", "CVE-2017-12996", "CVE-2017-12997", "CVE-2017-12998", "CVE-2017-12999", "CVE-2017-13000", "CVE-2017-13001", "CVE-2017-13002", "CVE-2017-13003", "CVE-2017-13004", "CVE-2017-13005", "CVE-2017-13006", "CVE-2017-13007", "CVE-2017-13008", "CVE-2017-13009", "CVE-2017-13010", "CVE-2017-13011", "CVE-2017-13012", "CVE-2017-13013", "CVE-2017-13014", "CVE-2017-13015", "CVE-2017-13016", "CVE-2017-13017", "CVE-2017-13018", "CVE-2017-13019", "CVE-2017-13020", "CVE-2017-13021", "CVE-2017-13022", "CVE-2017-13023", "CVE-2017-13024", "CVE-2017-13025", "CVE-2017-13026", "CVE-2017-13027", "CVE-2017-13028", "CVE-2017-13029", "CVE-2017-13030", "CVE-2017-13031", "CVE-2017-13032", "CVE-2017-13033", "CVE-2017-13034", "CVE-2017-13035", "CVE-2017-13036", "CVE-2017-13037", "CVE-2017-13038", "CVE-2017-13039", "CVE-2017-13040", "CVE-2017-13041", "CVE-2017-13042", "CVE-2017-13043", "CVE-2017-13044", "CVE-2017-13045", "CVE-2017-13046", "CVE-2017-13047", "CVE-2017-13048", "CVE-2017-13049", "CVE-2017-13050", "CVE-2017-13051", "CVE-2017-13052", "CVE-2017-13053", "CVE-2017-13054", "CVE-2017-13055", "CVE-2017-13687", "CVE-2017-13688", "CVE-2017-13689", "CVE-2017-13690", "CVE-2017-13725");
script_name(english:"Debian DLA-1097-1 : tcpdump security update");
script_summary(english:"Checks dpkg output for the updated package.");
script_set_attribute(
attribute:"synopsis",
value:"The remote Debian host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
"Several vulnerabilities have been discovered in tcpdump, a
command-line network traffic analyzer. These vulnerabilities might
result in denial of service or, potentially, execution of arbitrary
code.
For Debian 7 'Wheezy', these problems have been fixed in version
4.9.2-1~deb7u1.
We recommend that you upgrade your tcpdump packages.
NOTE: Tenable Network Security has extracted the preceding description
block directly from the DLA security advisory. Tenable has attempted
to automatically clean and format it as much as possible without
introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://lists.debian.org/debian-lts-announce/2017/09/msg00014.html"
);
script_set_attribute(
attribute:"see_also",
value:"https://packages.debian.org/source/wheezy/tcpdump"
);
script_set_attribute(
attribute:"solution",
value:"Upgrade the affected tcpdump package."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:tcpdump");
script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:7.0");
script_set_attribute(attribute:"vuln_publication_date", value:"2017/09/14");
script_set_attribute(attribute:"patch_publication_date", value:"2017/09/15");
script_set_attribute(attribute:"plugin_publication_date", value:"2017/09/18");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Debian Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
exit(0);
}
include("audit.inc");
include("debian_package.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
flag = 0;
if (deb_check(release:"7.0", prefix:"tcpdump", reference:"4.9.2-1~deb7u1")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
else security_hole(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
Vendor | Product | Version | CPE |
---|---|---|---|
debian | debian_linux | tcpdump | p-cpe:/a:debian:debian_linux:tcpdump |
debian | debian_linux | 7.0 | cpe:/o:debian:debian_linux:7.0 |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12893
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12894
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12895
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12896
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12897
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12898
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12899
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12900
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12901
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12902
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12985
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12986
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12987
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12988
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12989
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12990
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12991
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12992
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12993
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12994
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12995
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12996
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12997
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12998
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12999
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13000
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13001
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13002
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13003
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13004
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13005
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13006
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13007
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13008
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13009
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13010
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13011
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13012
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13013
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13014
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13015
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13016
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13017
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13018
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13019
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13020
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13021
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13022
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13023
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13024
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13025
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13026
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13027
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13028
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13029
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13030
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13031
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13032
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13033
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13034
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13035
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13036
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13037
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13038
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13039
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13040
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13041
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13042
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13043
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13044
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13045
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13046
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13047
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13048
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13049
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13050
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13051
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13052
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13053
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13054
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13055
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13687
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13688
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13689
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13690
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13725
lists.debian.org/debian-lts-announce/2017/09/msg00014.html
packages.debian.org/source/wheezy/tcpdump