SUSE CVE-2017-11108

tcpdump 4.9.0 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via crafted packet data. The crash occurs in the EXTRACT16BITS function, called from the stpprint function for the Spanning Tree Protocol...

Mageia: Security Advisory (MGASA-2017-0241)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2017:2690-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2017:2854-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for tcpdump (EulerOS-SA-2019-2435)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP2 : tcpdump (EulerOS-SA-2019-2435)

According to the versions of the tcpdump package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - tcpdump 4.9.0 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via crafted packet data. Th...

NewStart CGSL CORE 5.04 / MAIN 5.04 : tcpdump Multiple Vulnerabilities (NS-SA-2019-0071)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has tcpdump packages installed that are affected by multiple vulnerabilities: - The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6print. CVE-2017-12986, CVE-2017-13725 - tcpdump 4.9...

openSUSE Security Update : tcpdump (openSUSE-2017-1205)

This update for tcpdump to version 4.9.2 fixes several issues. These security issues were fixed : - CVE-2017-11108: Prevent remote attackers to cause DoS heap-based buffer over-read and application crash via crafted packet data. The crash occured in the EXTRACT16BITS function, called from the...

SUSE SLED12 / SLES12 Security Update : tcpdump (SUSE-SU-2017:2854-1)

This update for tcpdump to version 4.9.2 fixes several issues. These security issues were fixed : - CVE-2017-11108: Prevent remote attackers to cause DoS heap-based buffer over-read and application crash via crafted packet data. The crash occured in the EXTRACT16BITS function, called from the...

SUSE SLES11 Security Update : tcpdump (SUSE-SU-2017:2690-1)

This update for tcpdump fixes the following issues: Security issues fixed : - CVE-2017-11108: Crafted input allowed remote DoS bsc1047873 - CVE-2017-11541: Prevent a heap-based buffer over-read in the lldpprint function in print-lldp.c, related to util-print.c bsc1057247. - CVE-2017-11542: Preven...

[SECURITY] [DSA 3971-1] tcpdump security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3971-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 13, 2017 https://www.debian.org/security/faq -...

Debian: Security Advisory (DSA-3971-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 1090-1] tcpdump security update

Package : tcpdump Version : 4.9.0-1deb7u2 CVE ID : CVE-2017-11108 CVE-2017-11541 CVE-2017-11542 CVE-2017-11543 Several vulnerabilities have been discovered in tcpdump, a command-line network traffic analyzer. These vulnerabilities might result in denial of service application crash. For Debian 7...

[slackware-security] tcpdump

New tcpdump packages are available for Slackware 13.37, 14.0, 14.1, 14.2, and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/tcpdump-4.9.1-i586-1slack14.2.txz: Upgraded. This update fixes an issue where tcpdump 4.9.0 allows remote...

CVE-2017-11108

tcpdump 4.9.0 is vulnerable to a remote denial of service and possible code execution via a crafted packet, due to a heap-based overflow/over-read in EXTRACT_16BITS called from stp_print. IBM notes CVSS ~7.5 (HIGH) with network access. A fix is available in tcpdump 4.9.2; upgrade to 4.9.2+ to mit...

CVE-2017-11108

tcpdump 4.9.0 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via crafted packet data. The crash occurs in the EXTRACT16BITS function, called from the stpprint function for the Spanning Tree Protocol...