Tcpdump Security Vulnerabilities
Due to a bug in packet data buffers management, the PPP printer in tcpdump can enter an infinite loop when reading a crafted DLT_PPP_SERIAL .pcap savefile. This problem does not affect any tcpdump release, but it affected the git master branch from 2023-06-05 to...
6.2CVSS
6.1AI Score
0.0004EPSS
The SMB protocol decoder in tcpdump version 4.99.3 can perform an out-of-bounds write when decoding a crafted network...
6.5CVSS
6.4AI Score
0.002EPSS
The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 3, a different vulnerability than...
9.1CVSS
8.7AI Score
0.003EPSS
The tok2strbuf() function in tcpdump 4.10.0-PRE-GIT was used by the SOME/IP dissector in an unsafe...
7.5CVSS
7.5AI Score
0.001EPSS
The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a large amount of...
7.5CVSS
7.3AI Score
0.007EPSS
lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds...
7.5CVSS
8.5AI Score
0.005EPSS
The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print()...
7.5CVSS
8.6AI Score
0.003EPSS
7.5CVSS
8.6AI Score
0.003EPSS
7.5CVSS
8.6AI Score
0.003EPSS
7.5CVSS
8.6AI Score
0.003EPSS
The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags...
7.5CVSS
8.6AI Score
0.003EPSS
The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print() because of unlimited...
7.5CVSS
8.5AI Score
0.008EPSS
The command-line argument parser in tcpdump before 4.99.0 has a buffer overflow in tcpdump.c:read_infile(). To trigger this vulnerability the attacker needs to create a 4GB file on the local filesystem and to specify the file name as the value of the -F command-line argument of...
7.8CVSS
7.8AI Score
0.001EPSS
7.5CVSS
8.6AI Score
0.003EPSS
The command-line argument parser in tcpdump before 4.9.3 has a buffer overflow in...
7CVSS
8.4AI Score
0.002EPSS
The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print()...
7.5CVSS
8.6AI Score
0.003EPSS
The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \MAILSLOT\BROWSE and...
7.5CVSS
8.7AI Score
0.003EPSS
The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via...
7.5CVSS
8.5AI Score
0.008EPSS
7.5CVSS
8.6AI Score
0.003EPSS
The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 2, a different vulnerability than...
7.5CVSS
8.7AI Score
0.003EPSS
7.5CVSS
8.6AI Score
0.003EPSS
7.5CVSS
8.6AI Score
0.003EPSS
7.5CVSS
8.6AI Score
0.003EPSS
7.5CVSS
8.6AI Score
0.003EPSS
9.8CVSS
8.6AI Score
0.012EPSS
9.8CVSS
8.6AI Score
0.012EPSS
7.5CVSS
8.6AI Score
0.003EPSS
7.5CVSS
8.6AI Score
0.003EPSS
The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and...
7.5CVSS
8.6AI Score
0.003EPSS
The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print()...
7.5CVSS
8.6AI Score
0.003EPSS
tcpdump.org tcpdump 4.9.2 is affected by: CWE-126: Buffer Over-read. The impact is: May expose Saved Frame Pointer, Return Address etc. on stack. The component is: line 234: "ND_PRINT((ndo, "%s", buf));", in function named "print_prefix", in "print-hncp.c". The attack vector is: The victim must...
3.3CVSS
6.1AI Score
0.001EPSS
In tcpdump 4.9.2, a stack-based buffer over-read exists in the print_prefix function of print-hncp.c via crafted packet data because of missing...
5.5CVSS
5.7AI Score
0.002EPSS
tcpdump before 4.9.3 has a heap-based buffer over-read related to aoe_print in print-aoe.c and lookup_emem in...
5.5CVSS
7.1AI Score
0.002EPSS
print-wb.c in tcpdump before 4.7.4 allows remote attackers to cause a denial of service (segmentation fault and process...
7.5CVSS
8.1AI Score
0.005EPSS
9.8CVSS
9.3AI Score
0.009EPSS
9.8CVSS
9.3AI Score
0.009EPSS
9.8CVSS
9.3AI Score
0.009EPSS
9.8CVSS
9.3AI Score
0.009EPSS
The IKEv2 parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c, several...
9.8CVSS
9.3AI Score
0.009EPSS
9.8CVSS
9.3AI Score
0.009EPSS
9.8CVSS
9.3AI Score
0.009EPSS
9.8CVSS
9.3AI Score
0.015EPSS
The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in...
9.8CVSS
9.3AI Score
0.015EPSS
9.8CVSS
9.3AI Score
0.009EPSS
9.8CVSS
9.3AI Score
0.009EPSS
9.8CVSS
9.3AI Score
0.009EPSS
9.8CVSS
9.3AI Score
0.009EPSS
9.8CVSS
9.3AI Score
0.015EPSS
The PIM parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c, several...
9.8CVSS
9.3AI Score
0.009EPSS
The IPv6 fragmentation header parser in tcpdump before 4.9.2 has a buffer over-read in...
9.8CVSS
9.3AI Score
0.009EPSS