Lucene search
This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.REDHAT-RHSA-2019-3976.NASLHistoryNov 27, 2019 - 12:00 a.m.
RHEL 7 : tcpdump (RHSA-2019:3976)
2019-11-2700:00:00
This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
42
6.1 Medium
AI Score
Confidence
High
An update for tcpdump is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link (s) in the References section.
The tcpdump packages contain the tcpdump utility for monitoring network traffic. The tcpdump utility can capture and display the packet headers on a particular network interface or on all interfaces.
Security Fix(es) :
- tcpdump: Stack-based buffer over-read in print-hncp.c:print_prefix() via crafted pcap (CVE-2018-19519)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2019:3976. The text
# itself is copyright (C) Red Hat, Inc.
#
include('compat.inc');
if (description)
{
script_id(131377);
script_version("1.3");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/04/09");
script_cve_id("CVE-2018-19519");
script_xref(name:"RHSA", value:"2019:3976");
script_name(english:"RHEL 7 : tcpdump (RHSA-2019:3976)");
script_set_attribute(attribute:"synopsis", value:
"The remote Red Hat host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"An update for tcpdump is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security
impact of Low. A Common Vulnerability Scoring System (CVSS) base
score, which gives a detailed severity rating, is available for each
vulnerability from the CVE link (s) in the References section.
The tcpdump packages contain the tcpdump utility for monitoring
network traffic. The tcpdump utility can capture and display the
packet headers on a particular network interface or on all interfaces.
Security Fix(es) :
* tcpdump: Stack-based buffer over-read in print-hncp.c:print_prefix()
via crafted pcap (CVE-2018-19519)
For more details about the security issue(s), including the impact, a
CVSS score, acknowledgments, and other related information, refer to
the CVE page(s) listed in the References section.");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2019:3976");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2018-19519");
script_set_attribute(attribute:"solution", value:
"Update the affected tcpdump and / or tcpdump-debuginfo packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-19519");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2018/11/25");
script_set_attribute(attribute:"patch_publication_date", value:"2019/11/26");
script_set_attribute(attribute:"plugin_publication_date", value:"2019/11/27");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tcpdump");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tcpdump-debuginfo");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7.7");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Red Hat Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
os_ver = os_ver[1];
if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 7.x", "Red Hat " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
if (!empty_or_null(yum_updateinfo))
{
rhsa = "RHSA-2019:3976";
yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
if (!empty_or_null(yum_report))
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : yum_report
);
exit(0);
}
else
{
audit_message = "affected by Red Hat security advisory " + rhsa;
audit(AUDIT_OS_NOT, audit_message);
}
}
else
{
flag = 0;
if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"tcpdump-4.9.2-4.el7_7.1")) flag++;
if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"tcpdump-4.9.2-4.el7_7.1")) flag++;
if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"tcpdump-debuginfo-4.9.2-4.el7_7.1")) flag++;
if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"tcpdump-debuginfo-4.9.2-4.el7_7.1")) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : rpm_report_get() + redhat_report_package_caveat()
);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "tcpdump / tcpdump-debuginfo");
}
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| redhat | enterprise_linux | tcpdump | p-cpe:/a:redhat:enterprise_linux:tcpdump |
| redhat | enterprise_linux | tcpdump-debuginfo | p-cpe:/a:redhat:enterprise_linux:tcpdump-debuginfo |
| redhat | enterprise_linux | 7 | cpe:/o:redhat:enterprise_linux:7 |
| redhat | enterprise_linux | 7.7 | cpe:/o:redhat:enterprise_linux:7.7 |
Related
nessus
nessus
Virtuozzo 7 : tcpdump (VZLSA-2019-3976)
2020-12-10 00:00:00
openSUSE Security Update : tcpdump (openSUSE-2018-1559)
2018-12-17 00:00:00
AIX 7.1 TL 4 : tcpdump (IJ12979)
2019-02-26 00:00:00
veracode
veracode
Information Disclosure
2020-04-29 02:39:29
ubuntucve
ubuntucve
CVE-2018-19519
2018-11-25 00:00:00
suse
suse
Security update for tcpdump (moderate)
2018-12-15 18:08:38
Security update for tcpdump (moderate)
2018-12-22 18:16:17
redhat
redhat
(RHSA-2019:3976) Low: tcpdump security update
2019-11-26 10:37:59
(RHSA-2020:1604) Low: tcpdump security update
2020-04-28 08:55:52
mageia
mageia
Updated tcpdump package fixes security vulnerability
2018-12-28 13:16:58
openvas
openvas
openSUSE: Security Advisory for tcpdump (openSUSE-SU-2018:4144-1)
2018-12-18 00:00:00
openSUSE: Security Advisory for tcpdump (openSUSE-SU-2018:4144-1)
2018-12-18 00:00:00
CentOS Update for tcpdump CESA-2019:3976 centos7
2019-12-04 00:00:00
ibm
ibm
Security Bulletin: IBM MQ Appliance is affected by a tcpdump vulnerability (CVE-2018-19519)
2020-04-22 09:29:32
Security Bulletin: IBM QRadar Network Security is affected by a tcpdump vulnerability (CVE-2018-19519)
2020-03-27 08:10:29
Security Bulletin: Vulnerability in tcpdump affects AIX (CVE-2018-19519)
2019-04-09 16:05:01
centos
centos
tcpdump security update
2019-12-03 20:36:30
cve
cve
CVE-2018-19519
2018-11-25 20:29:00
oraclelinux
oraclelinux
tcpdump security update
2019-11-27 00:00:00
tcpdump security update
2020-05-05 00:00:00
prion
prion
Stack overflow
2018-11-25 20:29:00
redhatcve
redhatcve
CVE-2018-19519
2018-12-03 04:19:11
CVE-2019-1010220
2019-08-01 05:22:13
aix
aix
f5
f5
K04311751 : Tcpdump vulnerability CVE-2018-19519
2022-10-20 00:00:00
osv
osv
CVE-2018-19519
2018-11-25 20:29:00
amazon
amazon
Low: tcpdump
2020-01-14 20:05:00
debiancve
debiancve
CVE-2018-19519
2018-11-25 20:29:00
photon
photon
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2019-1.0-0218
2019-03-19 00:00:00
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2019-2.0-0142
2019-03-19 00:00:00
Important Photon OS Security Update - PHSA-2019-0218
2019-03-19 00:00:00
ubuntu
ubuntu
tcpdump vulnerabilities
2020-01-27 00:00:00
tcpdump vulnerabilities
2020-01-27 00:00:00
fedora
fedora
[SECURITY] Fedora 30 Update: tcpdump-4.9.3-1.fc30
2019-10-28 01:03:58
[SECURITY] Fedora 29 Update: tcpdump-4.9.3-1.fc29
2019-10-25 18:09:47
[SECURITY] Fedora 31 Update: tcpdump-4.9.3-1.fc31
2019-10-30 00:58:06
cloudfoundry
cloudfoundry
USN-4252-1: tcpdump vulnerabilities | Cloud Foundry
2020-02-12 00:00:00