Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.SUSE_SU-2019-14191-1.NASL
HistoryJun 10, 2021 - 12:00 a.m.

SUSE SLES11 Security Update : tcpdump (SUSE-SU-2019:14191-1)

2021-06-1000:00:00
This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
24

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.4

Confidence

High

EPSS

0.015

Percentile

86.8%

JSON

The remote SUSE Linux SLES11 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2019:14191-1 advisory.

  • The SMB/CIFS parser in tcpdump before 4.9.2 has a buffer over-read in smbutil.c:name_len().
    (CVE-2017-12893)

  • Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in addrtoname.c:lookup_bytestring(). (CVE-2017-12894)

  • The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:isakmp_rfc3948_print().
    (CVE-2017-12896)

  • The ISO CLNS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isoclns_print().
    (CVE-2017-12897)

  • The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:interp_reply().
    (CVE-2017-12898)

  • The DECnet parser in tcpdump before 4.9.2 has a buffer over-read in print-decnet.c:decnet_print().
    (CVE-2017-12899)

  • Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in util- print.c:tok2strbuf(). (CVE-2017-12900)

  • The EIGRP parser in tcpdump before 4.9.2 has a buffer over-read in print-eigrp.c:eigrp_print().
    (CVE-2017-12901)

  • The Zephyr parser in tcpdump before 4.9.2 has a buffer over-read in print-zephyr.c, several functions.
    (CVE-2017-12902)

  • The IPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-ip6.c:ip6_print().
    (CVE-2017-12985)

  • The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6_print().
    (CVE-2017-12986, CVE-2017-13725)

  • The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_11.c:parse_elements().
    (CVE-2017-12987, CVE-2017-13008)

  • The telnet parser in tcpdump before 4.9.2 has a buffer over-read in print-telnet.c:telnet_parse().
    (CVE-2017-12988)

  • The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print().
    (CVE-2017-12991)

  • The RIPng parser in tcpdump before 4.9.2 has a buffer over-read in print-ripng.c:ripng_print().
    (CVE-2017-12992)

  • The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print-juniper.c, several functions. (CVE-2017-12993)

  • The DNS parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print- domain.c:ns_print(). (CVE-2017-12995)

  • The PIMv2 parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c:pimv2_print().
    (CVE-2017-12996)

  • The IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print- isoclns.c:isis_print_extd_ip_reach(). (CVE-2017-12998)

  • The IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print().
    (CVE-2017-12999)

  • The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:nfs_printfh().
    (CVE-2017-13001)

  • The AODV parser in tcpdump before 4.9.2 has a buffer over-read in print-aodv.c:aodv_extension().
    (CVE-2017-13002)

  • The LMP parser in tcpdump before 4.9.2 has a buffer over-read in print-lmp.c:lmp_print(). (CVE-2017-13003)

  • The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print- juniper.c:juniper_parse_header(). (CVE-2017-13004)

  • The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:xid_map_enter().
    (CVE-2017-13005)

  • The L2TP parser in tcpdump before 4.9.2 has a buffer over-read in print-l2tp.c, several functions.
    (CVE-2017-13006)

  • The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print- mobility.c:mobility_print(). (CVE-2017-13009)

  • The BEEP parser in tcpdump before 4.9.2 has a buffer over-read in print-beep.c:l_strnstart().
    (CVE-2017-13010)

  • The ICMP parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp.c:icmp_print().
    (CVE-2017-13012)

  • The ARP parser in tcpdump before 4.9.2 has a buffer over-read in print-arp.c, several functions.
    (CVE-2017-13013)

  • The White Board protocol parser in tcpdump before 4.9.2 has a buffer over-read in print-wb.c:wb_prep(), several functions. (CVE-2017-13014)

  • The ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:esis_print().
    (CVE-2017-13016, CVE-2017-13047)

  • The DHCPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-dhcp6.c:dhcp6opt_print().
    (CVE-2017-13017)

  • The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print(). (CVE-2017-13018, CVE-2017-13019, CVE-2017-13034)

  • The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_print().
    (CVE-2017-13021)

  • The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printroute().
    (CVE-2017-13022)

  • The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print- mobility.c:mobility_opt_print(). (CVE-2017-13023, CVE-2017-13024, CVE-2017-13025)

  • The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldp_mgmt_addr_tlv_print().
    (CVE-2017-13027)

  • The BOOTP parser in tcpdump before 4.9.2 has a buffer over-read in print-bootp.c:bootp_print().
    (CVE-2017-13028)

  • The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:print_ccp_config_options().
    (CVE-2017-13029)

  • The PIM parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c, several functions.
    (CVE-2017-13030)

  • The IPv6 fragmentation header parser in tcpdump before 4.9.2 has a buffer over-read in print- frag6.c:frag6_print(). (CVE-2017-13031)

  • The RADIUS parser in tcpdump before 4.9.2 has a buffer over-read in print-radius.c:print_attr_string().
    (CVE-2017-13032)

  • The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_id().
    (CVE-2017-13035)

  • The OSPFv3 parser in tcpdump before 4.9.2 has a buffer over-read in print-ospf6.c:ospf6_decode_v3().
    (CVE-2017-13036)

  • The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printts(). (CVE-2017-13037)

  • The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:handle_mlppp().
    (CVE-2017-13038)

  • The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_nodeinfo_print().
    (CVE-2017-13041)

  • The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print().
    (CVE-2017-13048, CVE-2017-13051)

  • The Rx protocol parser in tcpdump before 4.9.2 has a buffer over-read in print-rx.c:ubik_print().
    (CVE-2017-13049)

  • The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_rt_routing_info().
    (CVE-2017-13053)

  • The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print- isoclns.c:isis_print_is_reach_subtlv(). (CVE-2017-13055)

  • The Cisco HDLC parser in tcpdump before 4.9.2 has a buffer over-read in print-chdlc.c:chdlc_print().
    (CVE-2017-13687)

  • The OLSR parser in tcpdump before 4.9.2 has a buffer over-read in print-olsr.c:olsr_print().
    (CVE-2017-13688)

  • The IKEv1 parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:ikev1_id_print().
    (CVE-2017-13689)

  • tcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of 2). (CVE-2018-10103)

  • tcpdump before 4.9.3 mishandles the printing of SMB data (issue 2 of 2). (CVE-2018-10105)

  • The LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print().
    (CVE-2018-14461)

  • The ICMP parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp.c:icmp_print().
    (CVE-2018-14462)

  • The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print().
    (CVE-2018-14463)

  • The LMP parser in tcpdump before 4.9.3 has a buffer over-read in print- lmp.c:lmp_print_data_link_subobjs(). (CVE-2018-14464)

  • The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print().
    (CVE-2018-14465)

  • The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and rx_cache_insert(). (CVE-2018-14466)

  • The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_MP). (CVE-2018-14467)

  • The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print().
    (CVE-2018-14468)

  • The IKEv1 parser in tcpdump before 4.9.3 has a buffer over-read in print-isakmp.c:ikev1_n_print().
    (CVE-2018-14469)

  • The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_RESTART). (CVE-2018-14881)

  • The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c. (CVE-2018-14882)

  • The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option().
    (CVE-2018-16229)

  • The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI). (CVE-2018-16230)

  • The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print() because of unlimited recursion. (CVE-2018-16300)

  • REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. (CVE-2018-16301)

  • The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \MAILSLOT\BROWSE and \PIPE\LANMAN. (CVE-2018-16451)

  • The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion.
    (CVE-2018-16452)

  • lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks.
    (CVE-2019-15166)

Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 70300
##
# (C) Tenable Network Security, Inc.
#
# The package checks in this plugin were extracted from
# SUSE update advisory SUSE-SU-2019:14191-1. The text itself
# is copyright (C) SUSE.
##

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(150563);
  script_version("1.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/12/26");

  script_cve_id(
    "CVE-2017-12893",
    "CVE-2017-12894",
    "CVE-2017-12896",
    "CVE-2017-12897",
    "CVE-2017-12898",
    "CVE-2017-12899",
    "CVE-2017-12900",
    "CVE-2017-12901",
    "CVE-2017-12902",
    "CVE-2017-12985",
    "CVE-2017-12986",
    "CVE-2017-12987",
    "CVE-2017-12988",
    "CVE-2017-12991",
    "CVE-2017-12992",
    "CVE-2017-12993",
    "CVE-2017-12995",
    "CVE-2017-12996",
    "CVE-2017-12998",
    "CVE-2017-12999",
    "CVE-2017-13001",
    "CVE-2017-13002",
    "CVE-2017-13003",
    "CVE-2017-13004",
    "CVE-2017-13005",
    "CVE-2017-13006",
    "CVE-2017-13008",
    "CVE-2017-13009",
    "CVE-2017-13010",
    "CVE-2017-13012",
    "CVE-2017-13013",
    "CVE-2017-13014",
    "CVE-2017-13016",
    "CVE-2017-13017",
    "CVE-2017-13018",
    "CVE-2017-13019",
    "CVE-2017-13021",
    "CVE-2017-13022",
    "CVE-2017-13023",
    "CVE-2017-13024",
    "CVE-2017-13025",
    "CVE-2017-13027",
    "CVE-2017-13028",
    "CVE-2017-13029",
    "CVE-2017-13030",
    "CVE-2017-13031",
    "CVE-2017-13032",
    "CVE-2017-13034",
    "CVE-2017-13035",
    "CVE-2017-13036",
    "CVE-2017-13037",
    "CVE-2017-13038",
    "CVE-2017-13041",
    "CVE-2017-13047",
    "CVE-2017-13048",
    "CVE-2017-13049",
    "CVE-2017-13051",
    "CVE-2017-13053",
    "CVE-2017-13055",
    "CVE-2017-13687",
    "CVE-2017-13688",
    "CVE-2017-13689",
    "CVE-2017-13725",
    "CVE-2018-10103",
    "CVE-2018-10105",
    "CVE-2018-14461",
    "CVE-2018-14462",
    "CVE-2018-14463",
    "CVE-2018-14464",
    "CVE-2018-14465",
    "CVE-2018-14466",
    "CVE-2018-14467",
    "CVE-2018-14468",
    "CVE-2018-14469",
    "CVE-2018-14881",
    "CVE-2018-14882",
    "CVE-2018-16229",
    "CVE-2018-16230",
    "CVE-2018-16300",
    "CVE-2018-16301",
    "CVE-2018-16451",
    "CVE-2018-16452",
    "CVE-2019-15166"
  );
  script_xref(name:"SuSE", value:"SUSE-SU-2019:14191-1");

  script_name(english:"SUSE SLES11 Security Update : tcpdump (SUSE-SU-2019:14191-1)");

  script_set_attribute(attribute:"synopsis", value:
"The remote SUSE host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The remote SUSE Linux SLES11 host has a package installed that is affected by multiple vulnerabilities as referenced in
the SUSE-SU-2019:14191-1 advisory.

  - The SMB/CIFS parser in tcpdump before 4.9.2 has a buffer over-read in smbutil.c:name_len().
    (CVE-2017-12893)

  - Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in
    addrtoname.c:lookup_bytestring(). (CVE-2017-12894)

  - The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:isakmp_rfc3948_print().
    (CVE-2017-12896)

  - The ISO CLNS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isoclns_print().
    (CVE-2017-12897)

  - The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:interp_reply().
    (CVE-2017-12898)

  - The DECnet parser in tcpdump before 4.9.2 has a buffer over-read in print-decnet.c:decnet_print().
    (CVE-2017-12899)

  - Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in util-
    print.c:tok2strbuf(). (CVE-2017-12900)

  - The EIGRP parser in tcpdump before 4.9.2 has a buffer over-read in print-eigrp.c:eigrp_print().
    (CVE-2017-12901)

  - The Zephyr parser in tcpdump before 4.9.2 has a buffer over-read in print-zephyr.c, several functions.
    (CVE-2017-12902)

  - The IPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-ip6.c:ip6_print().
    (CVE-2017-12985)

  - The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6_print().
    (CVE-2017-12986, CVE-2017-13725)

  - The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_11.c:parse_elements().
    (CVE-2017-12987, CVE-2017-13008)

  - The telnet parser in tcpdump before 4.9.2 has a buffer over-read in print-telnet.c:telnet_parse().
    (CVE-2017-12988)

  - The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print().
    (CVE-2017-12991)

  - The RIPng parser in tcpdump before 4.9.2 has a buffer over-read in print-ripng.c:ripng_print().
    (CVE-2017-12992)

  - The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print-juniper.c, several
    functions. (CVE-2017-12993)

  - The DNS parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-
    domain.c:ns_print(). (CVE-2017-12995)

  - The PIMv2 parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c:pimv2_print().
    (CVE-2017-12996)

  - The IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-
    isoclns.c:isis_print_extd_ip_reach(). (CVE-2017-12998)

  - The IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print().
    (CVE-2017-12999)

  - The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:nfs_printfh().
    (CVE-2017-13001)

  - The AODV parser in tcpdump before 4.9.2 has a buffer over-read in print-aodv.c:aodv_extension().
    (CVE-2017-13002)

  - The LMP parser in tcpdump before 4.9.2 has a buffer over-read in print-lmp.c:lmp_print(). (CVE-2017-13003)

  - The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print-
    juniper.c:juniper_parse_header(). (CVE-2017-13004)

  - The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:xid_map_enter().
    (CVE-2017-13005)

  - The L2TP parser in tcpdump before 4.9.2 has a buffer over-read in print-l2tp.c, several functions.
    (CVE-2017-13006)

  - The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-
    mobility.c:mobility_print(). (CVE-2017-13009)

  - The BEEP parser in tcpdump before 4.9.2 has a buffer over-read in print-beep.c:l_strnstart().
    (CVE-2017-13010)

  - The ICMP parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp.c:icmp_print().
    (CVE-2017-13012)

  - The ARP parser in tcpdump before 4.9.2 has a buffer over-read in print-arp.c, several functions.
    (CVE-2017-13013)

  - The White Board protocol parser in tcpdump before 4.9.2 has a buffer over-read in print-wb.c:wb_prep(),
    several functions. (CVE-2017-13014)

  - The ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:esis_print().
    (CVE-2017-13016, CVE-2017-13047)

  - The DHCPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-dhcp6.c:dhcp6opt_print().
    (CVE-2017-13017)

  - The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print(). (CVE-2017-13018,
    CVE-2017-13019, CVE-2017-13034)

  - The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_print().
    (CVE-2017-13021)

  - The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printroute().
    (CVE-2017-13022)

  - The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-
    mobility.c:mobility_opt_print(). (CVE-2017-13023, CVE-2017-13024, CVE-2017-13025)

  - The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldp_mgmt_addr_tlv_print().
    (CVE-2017-13027)

  - The BOOTP parser in tcpdump before 4.9.2 has a buffer over-read in print-bootp.c:bootp_print().
    (CVE-2017-13028)

  - The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:print_ccp_config_options().
    (CVE-2017-13029)

  - The PIM parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c, several functions.
    (CVE-2017-13030)

  - The IPv6 fragmentation header parser in tcpdump before 4.9.2 has a buffer over-read in print-
    frag6.c:frag6_print(). (CVE-2017-13031)

  - The RADIUS parser in tcpdump before 4.9.2 has a buffer over-read in print-radius.c:print_attr_string().
    (CVE-2017-13032)

  - The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_id().
    (CVE-2017-13035)

  - The OSPFv3 parser in tcpdump before 4.9.2 has a buffer over-read in print-ospf6.c:ospf6_decode_v3().
    (CVE-2017-13036)

  - The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printts(). (CVE-2017-13037)

  - The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:handle_mlppp().
    (CVE-2017-13038)

  - The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_nodeinfo_print().
    (CVE-2017-13041)

  - The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print().
    (CVE-2017-13048, CVE-2017-13051)

  - The Rx protocol parser in tcpdump before 4.9.2 has a buffer over-read in print-rx.c:ubik_print().
    (CVE-2017-13049)

  - The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_rt_routing_info().
    (CVE-2017-13053)

  - The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-
    isoclns.c:isis_print_is_reach_subtlv(). (CVE-2017-13055)

  - The Cisco HDLC parser in tcpdump before 4.9.2 has a buffer over-read in print-chdlc.c:chdlc_print().
    (CVE-2017-13687)

  - The OLSR parser in tcpdump before 4.9.2 has a buffer over-read in print-olsr.c:olsr_print().
    (CVE-2017-13688)

  - The IKEv1 parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:ikev1_id_print().
    (CVE-2017-13689)

  - tcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of 2). (CVE-2018-10103)

  - tcpdump before 4.9.3 mishandles the printing of SMB data (issue 2 of 2). (CVE-2018-10105)

  - The LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print().
    (CVE-2018-14461)

  - The ICMP parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp.c:icmp_print().
    (CVE-2018-14462)

  - The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print().
    (CVE-2018-14463)

  - The LMP parser in tcpdump before 4.9.3 has a buffer over-read in print-
    lmp.c:lmp_print_data_link_subobjs(). (CVE-2018-14464)

  - The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print().
    (CVE-2018-14465)

  - The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and
    rx_cache_insert(). (CVE-2018-14466)

  - The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print()
    (BGP_CAPCODE_MP). (CVE-2018-14467)

  - The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print().
    (CVE-2018-14468)

  - The IKEv1 parser in tcpdump before 4.9.3 has a buffer over-read in print-isakmp.c:ikev1_n_print().
    (CVE-2018-14469)

  - The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print()
    (BGP_CAPCODE_RESTART). (CVE-2018-14881)

  - The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c. (CVE-2018-14882)

  - The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option().
    (CVE-2018-16229)

  - The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print()
    (MP_REACH_NLRI). (CVE-2018-16230)

  - The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print() because of
    unlimited recursion. (CVE-2018-16300)

  - ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by
    its CNA. Further investigation showed that it was not a security issue. Notes: none. (CVE-2018-16301)

  - The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for
    \MAILSLOT\BROWSE and \PIPE\LANMAN. (CVE-2018-16451)

  - The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion.
    (CVE-2018-16452)

  - lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks.
    (CVE-2019-15166)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1057247");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1153098");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1153332");
  # https://www.suse.com/support/update/announcement/2019/suse-su-201914191-1.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?e03f0e89");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-12893");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-12894");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-12896");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-12897");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-12898");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-12899");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-12900");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-12901");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-12902");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-12985");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-12986");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-12987");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-12988");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-12991");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-12992");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-12993");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-12995");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-12996");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-12998");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-12999");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-13001");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-13002");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-13003");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-13004");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-13005");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-13006");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-13008");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-13009");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-13010");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-13012");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-13013");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-13014");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-13016");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-13017");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-13018");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-13019");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-13021");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-13022");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-13023");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-13024");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-13025");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-13027");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-13028");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-13029");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-13030");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-13031");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-13032");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-13034");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-13035");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-13036");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-13037");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-13038");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-13041");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-13047");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-13048");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-13049");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-13051");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-13053");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-13055");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-13687");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-13688");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-13689");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-13725");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-10103");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-10105");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-14461");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-14462");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-14463");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-14464");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-14465");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-14466");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-14467");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-14468");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-14469");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-14881");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-14882");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-16229");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-16230");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-16300");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-16301");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-16451");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-16452");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-15166");
  script_set_attribute(attribute:"solution", value:
"Update the affected tcpdump package.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-10105");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2017/09/11");
  script_set_attribute(attribute:"patch_publication_date", value:"2019/10/15");
  script_set_attribute(attribute:"plugin_publication_date", value:"2021/06/10");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:tcpdump");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"SuSE Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include('audit.inc');
include('global_settings.inc');
include('misc_func.inc');
include('rpm.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');
os_ver = os_ver[1];
if (! preg(pattern:"^(SLES11)$", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES11', 'SUSE ' + os_ver);

if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE ' + os_ver, cpu);

sp = get_kb_item("Host/SuSE/patchlevel");
if (isnull(sp)) sp = "0";
if (os_ver == "SLES11" && (! preg(pattern:"^(4)$", string:sp))) audit(AUDIT_OS_NOT, "SLES11 SP4", os_ver + " SP" + sp);

pkgs = [
    {'reference':'tcpdump-3.9.8-1.30.13', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},
    {'reference':'tcpdump-3.9.8-1.30.13', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'}
];

flag = 0;
foreach package_array ( pkgs ) {
  reference = NULL;
  release = NULL;
  sp = NULL;
  cpu = NULL;
  exists_check = NULL;
  rpm_spec_vers_cmp = NULL;
  if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
  if (!empty_or_null(package_array['release'])) release = package_array['release'];
  if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
  if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];
  if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
  if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
  if (reference && release && exists_check) {
    if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;
  }
  else if (reference && release) {
    if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;
  }
}

if (flag)
{
  ltss_plugin_caveat = '\n' +
    'NOTE: This vulnerability check contains fixes that apply to\n' +
    'packages only available in SUSE Enterprise Linux Server LTSS\n' +
    'repositories. Access to these package security updates require\n' +
    'a paid SUSE LTSS subscription.\n';
  security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : rpm_report_get() + ltss_plugin_caveat
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'tcpdump');
}
VendorProductVersionCPE
novellsuse_linuxtcpdumpp-cpe:/a:novell:suse_linux:tcpdump
novellsuse_linux11cpe:/o:novell:suse_linux:11

References

Related

openvas 33
nessus 57
osv 12
debian 5
photon 8
archlinux 1
ubuntu 4
gentoo 1
freebsd 1
slackware 2
almalinux 1
redhat 2
cloudfoundry 2
rocky 1
aix 2
mageia 2
ibm 2
oraclelinux 1
suse 2
f5 1
rosalinux 1
fedora 3
apple 4
prion 8
cve 7
ubuntucve 4
nvd 8
hackerone 1
cvelist 7
redhatcve 9
debiancve 7
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2019:14191-1)
2021-06-09 00:00:00
Debian: Security Advisory (DLA-1097-1)
2018-02-06 00:00:00
Huawei EulerOS: Security Advisory for tcpdump (EulerOS-SA-2017-1280)
2020-01-23 00:00:00
nessus
nessus
Debian DLA-1097-1 : tcpdump security update
2017-09-18 00:00:00
Ubuntu 14.04 LTS / 16.04 LTS : tcpdump vulnerabilities (USN-3415-1)
2017-09-14 00:00:00
Photon OS 1.0: Ruby / Tcpdump PHSA-2017-0034 (deprecated)
2018-08-17 00:00:00
osv
osv
tcpdump - security update
2017-09-15 00:00:00
tcpdump - security update
2017-09-13 00:00:00
Moderate: tcpdump security, bug fix, and enhancement update
2020-11-03 12:33:49
debian
debian
[SECURITY] [DLA 1097-1] tcpdump security update
2017-09-15 10:18:46
[SECURITY] [DSA 3971-1] tcpdump security update
2017-09-13 05:04:17
[SECURITY] [DLA 1955-1] tcpdump security update
2019-10-11 20:27:37
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2017-0034
2017-09-19 00:00:00
Important Photon OS Security Update - PHSA-2017-0070
2017-09-19 00:00:00
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2019-2.0-0182
2019-10-15 00:00:00
archlinux
archlinux
[ASA-201709-5] tcpdump: multiple issues
2017-09-13 00:00:00
ubuntu
ubuntu
tcpdump vulnerabilities
2017-09-14 00:00:00
tcpdump vulnerabilities
2017-09-14 00:00:00
tcpdump vulnerabilities
2020-01-27 00:00:00
gentoo
gentoo
Tcpdump: Multiple vulnerabilities
2017-09-25 00:00:00
freebsd
freebsd
tcpdump -- multiple vulnerabilities
2017-07-22 00:00:00
slackware
slackware
[slackware-security] tcpdump
2017-09-08 18:06:49
[slackware-security] tcpdump
2019-10-02 06:51:41
almalinux
almalinux
Moderate: tcpdump security, bug fix, and enhancement update
2020-11-03 12:33:49
redhat
redhat
(RHSA-2020:4760) Moderate: tcpdump security, bug fix, and enhancement update
2020-11-03 12:33:49
(RHSA-2021:2191) Moderate: tcpdump security update
2021-06-01 14:27:50
cloudfoundry
cloudfoundry
USN-3415-1: tcpdump vulnerabilities | Cloud Foundry
2017-09-21 00:00:00
USN-4252-1: tcpdump vulnerabilities | Cloud Foundry
2020-02-12 00:00:00
rocky
rocky
tcpdump security, bug fix, and enhancement update
2020-11-03 12:33:49
aix
aix
There are multiple vulnerabilities in tcpdump that impact AIX.
2017-11-08 09:27:01
There is a vulnerability in tcpdump that affects AIX.,There is a vulnerability in tcpdump that affects VIOS.
2020-01-08 12:57:55
mageia
mageia
Updated tcpdump packages fix security vulnerabilities
2017-09-10 15:36:09
Updated libpcap and tcpdump packages fix security vulnerabilities
2019-10-17 01:22:41
ibm
ibm
Security Bulletin: Multiple Security Issues in IBM Tealeaf Customer Experience PCA
2018-06-23 03:45:19
Security Bulletin: Vulnerabilities in tcpdump affect AIX
2021-02-26 18:48:40
oraclelinux
oraclelinux
tcpdump security, bug fix, and enhancement update
2020-11-10 00:00:00
suse
suse
Security update for tcpdump (important)
2019-10-20 00:00:00
Security update for tcpdump (important)
2019-10-20 00:00:00
f5
f5
K44551633 : Multiple tcpdump vulnerabilities
2019-11-11 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1985
2021-07-02 18:15:22
fedora
fedora
[SECURITY] Fedora 30 Update: tcpdump-4.9.3-1.fc30
2019-10-28 01:03:58
[SECURITY] Fedora 29 Update: tcpdump-4.9.3-1.fc29
2019-10-25 18:09:47
[SECURITY] Fedora 31 Update: tcpdump-4.9.3-1.fc31
2019-10-30 00:58:06
apple
apple
About the security content of macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan
2017-10-31 00:00:00
About the security content of macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan - Apple Support
2019-04-03 09:42:09
About the security content of macOS Catalina 10.15.2, Security Update 2019-002 Mojave, Security Update 2019-007 High Sierra
2019-12-10 00:00:00
prion
prion
Design/Logic Flaw
2017-09-14 06:29:00
Buffer overflow
2017-09-14 06:29:00
Design/Logic Flaw
2017-09-14 06:29:00
cve
cve
CVE-2017-12899
2017-09-14 06:29:00
CVE-2017-13031
2017-09-14 06:29:02
CVE-2017-13030
2017-09-14 06:29:02
ubuntucve
ubuntucve
CVE-2017-12996
2017-09-13 00:00:00
CVE-2017-13049
2017-09-11 00:00:00
CVE-2017-13048
2017-09-13 00:00:00
nvd
nvd
CVE-2017-13036
2017-09-14 06:29:02
CVE-2017-13004
2017-09-14 06:29:01
CVE-2017-13029
2017-09-14 06:29:02
hackerone
hackerone
Internet Bug Bounty: CVE-2017-13019: The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print()
2020-02-23 16:49:27
cvelist
cvelist
CVE-2017-13689
2017-09-14 06:00:00
CVE-2017-13022
2017-09-14 06:00:00
CVE-2017-13051
2017-09-14 06:00:00
redhatcve
redhatcve
CVE-2017-13022
2017-09-14 04:58:20
CVE-2017-13051
2017-09-14 04:58:56
CVE-2017-12894
2017-09-14 04:21:01
debiancve
debiancve
CVE-2017-13047
2017-09-14 06:29:02
CVE-2017-13014
2017-09-14 06:29:01
CVE-2017-13021
2017-09-14 06:29:01

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.4

Confidence

High

EPSS

0.015

Percentile

86.8%

JSON
Related for SUSE_SU-2019-14191-1.NASL
openvas33nessus57osv12debian5photon8archlinux1ubuntu4gentoo1freebsd1slackware2almalinux1redhat2cloudfoundry2rocky1aix2mageia2ibm2oraclelinux1suse2f51rosalinux1fedora3apple4prion8cve7ubuntucve4nvd8hackerone1cvelist7redhatcve9debiancve7