8 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-12895
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The ICMP parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp.c:icmpprint. CVE-2017-12895 Note that Nessus relies on the presence of the package ...
openSUSE Security Update : tcpdump (openSUSE-2017-1205)
This update for tcpdump to version 4.9.2 fixes several issues. These security issues were fixed : - CVE-2017-11108: Prevent remote attackers to cause DoS heap-based buffer over-read and application crash via crafted packet data. The crash occured in the EXTRACT16BITS function, called from the...
SUSE SLED12 / SLES12 Security Update : tcpdump (SUSE-SU-2017:2854-1)
This update for tcpdump to version 4.9.2 fixes several issues. These security issues were fixed : - CVE-2017-11108: Prevent remote attackers to cause DoS heap-based buffer over-read and application crash via crafted packet data. The crash occured in the EXTRACT16BITS function, called from the...
CVE-2017-12895
The ICMP parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp.c:icmpprint...
CVE-2017-12895
CVE-2017-12895 affects tcpdump prior to 4.9.2, describing a buffer over-read in the ICMP parser (print-icmp.c: icmp_print). This could allow a remote attacker to obtain sensitive information through crafted traffic. Mitigation: upgrade tcpdump to version 4.9.2 or newer; no other details (vectors,...
[ASA-201709-5] tcpdump: multiple issues
Arch Linux Security Advisory ASA-201709-5 ========================================= Severity: Critical Date : 2017-09-13 CVE-ID : CVE-2017-11541 CVE-2017-11542 CVE-2017-11543 CVE-2017-12893 CVE-2017-12894 CVE-2017-12895 CVE-2017-12896 CVE-2017-12897 CVE-2017-12898 CVE-2017-12899 CVE-2017-12900...
Debian: Security Advisory (DSA-3971-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[slackware-security] tcpdump
New tcpdump packages are available for Slackware 13.37, 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/tcpdump-4.9.2-i586-1slack14.2.txz: Upgraded. This update fixes bugs and many security issues see the included...