Linux Distros Unpatched Vulnerability : CVE-2017-11544

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-11543. Reason: This candidate is a duplicate of CVE-2017-11543. Notes: All CVE users...

Linux Distros Unpatched Vulnerability : CVE-2017-11543

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tcpdump 4.9.0 has a buffer overflow in the sliplinkprint function in print-sl.c. CVE-2017-11543 Note that Nessus relies on the presence of the package as report...

SUSE CVE-2017-11545

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-11543. Reason: This candidate is a duplicate of CVE-2017-11543. Notes: All CVE users should reference CVE-2017-11543 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage...

Ubuntu: Security Advisory (USN-3415-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2017:2690-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2017:2854-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for tcpdump (EulerOS-SA-2019-2435)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP2 : tcpdump (EulerOS-SA-2019-2435)

According to the versions of the tcpdump package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - tcpdump 4.9.0 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via crafted packet data. Th...

NewStart CGSL CORE 5.04 / MAIN 5.04 : tcpdump Multiple Vulnerabilities (NS-SA-2019-0071)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has tcpdump packages installed that are affected by multiple vulnerabilities: - The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6print. CVE-2017-12986, CVE-2017-13725 - tcpdump 4.9...

Photon OS 1.0: Tcpdump PHSA-2017-0033

An update of the tcpdump package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2017-0033. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid121730;...

Photon OS 1.0: Tcpdump PHSA-2017-0033 (deprecated)

An update of tcpdump packages for PhotonOS has been released. C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2/7/2019 The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2017-0033. The text itself is copyright C VMware, Inc...

openSUSE Security Update : tcpdump (openSUSE-2017-1205)

This update for tcpdump to version 4.9.2 fixes several issues. These security issues were fixed : - CVE-2017-11108: Prevent remote attackers to cause DoS heap-based buffer over-read and application crash via crafted packet data. The crash occured in the EXTRACT16BITS function, called from the...

SUSE SLED12 / SLES12 Security Update : tcpdump (SUSE-SU-2017:2854-1)

This update for tcpdump to version 4.9.2 fixes several issues. These security issues were fixed : - CVE-2017-11108: Prevent remote attackers to cause DoS heap-based buffer over-read and application crash via crafted packet data. The crash occured in the EXTRACT16BITS function, called from the...

SUSE SLES11 Security Update : tcpdump (SUSE-SU-2017:2690-1)

This update for tcpdump fixes the following issues: Security issues fixed : - CVE-2017-11108: Crafted input allowed remote DoS bsc1047873 - CVE-2017-11541: Prevent a heap-based buffer over-read in the lldpprint function in print-lldp.c, related to util-print.c bsc1057247. - CVE-2017-11542: Preven...

USN-3415-1: tcpdump vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Description Wilfried Kirsch discovered a buffer overflow in the SLIP decoder in tcpdump. A remote attacker could use this to cause a denial of service application crash or possibly execute arbitrary code...

USN-3415-2: tcpdump vulnerabilities

USN-3415-1 fixed vulnerabilities in tcpdump for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 17.04. This update provides the corresponding tcpdump update for Ubuntu 12.04 ESM. Original advisory details: Wilfried Kirsch discovered a buffer overflow in the SLIP decoder in tcpdump. A remote attack...

[ASA-201709-5] tcpdump: multiple issues

Arch Linux Security Advisory ASA-201709-5 ========================================= Severity: Critical Date : 2017-09-13 CVE-ID : CVE-2017-11541 CVE-2017-11542 CVE-2017-11543 CVE-2017-12893 CVE-2017-12894 CVE-2017-12895 CVE-2017-12896 CVE-2017-12897 CVE-2017-12898 CVE-2017-12899 CVE-2017-12900...

Debian: Security Advisory (DSA-3971-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Updated tcpdump packages fix security vulnerabilities

Summary for 4.9.2 tcpdump release Do not use getprotobynumber for protocol name resolution. Do not do any protocol name resolution if -n is specified. Improve errors detection in the test scripts. Fix a segfault with OpenSSL 1.1 and improve OpenSSL usage. Clean up IS-IS printing. Fix buffer...

[slackware-security] tcpdump

New tcpdump packages are available for Slackware 13.37, 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/tcpdump-4.9.2-i586-1slack14.2.txz: Upgraded. This update fixes bugs and many security issues see the included...