Linux Distros Unpatched Vulnerability : CVE-2017-12901

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The EIGRP parser in tcpdump before 4.9.2 has a buffer over-read in print-eigrp.c:eigrpprint. CVE-2017-12901 Note that Nessus relies on the presence of the packa...

SUSE SLES11 Security Update : tcpdump (SUSE-SU-2019:14191-1)

The remote SUSE Linux SLES11 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2019:14191-1 advisory. - The SMB/CIFS parser in tcpdump before 4.9.2 has a buffer over-read in smbutil.c:namelen. CVE-2017-12893 - Several protocol parsers in tcpdum...

openSUSE Security Update : tcpdump (openSUSE-2017-1205)

This update for tcpdump to version 4.9.2 fixes several issues. These security issues were fixed : - CVE-2017-11108: Prevent remote attackers to cause DoS heap-based buffer over-read and application crash via crafted packet data. The crash occured in the EXTRACT16BITS function, called from the...

SUSE SLED12 / SLES12 Security Update : tcpdump (SUSE-SU-2017:2854-1)

This update for tcpdump to version 4.9.2 fixes several issues. These security issues were fixed : - CVE-2017-11108: Prevent remote attackers to cause DoS heap-based buffer over-read and application crash via crafted packet data. The crash occured in the EXTRACT16BITS function, called from the...

DEBIAN-CVE-2017-12901

The EIGRP parser in tcpdump before 4.9.2 has a buffer over-read in print-eigrp.c:eigrpprint...

CVE-2017-12901

This CVE concerns tcpdump's EIGRP parser. A buffer over-read in print-eigrp.c:eigrp_print() affects tcpdump before version 4.9.2, enabling a remote attacker to potentially access sensitive information. The issue is mitigated by upgrading to tcpdump 4.9.2 or later, which contains the fix. If upgra...

CVE-2017-12901

The EIGRP parser in tcpdump before 4.9.2 has a buffer over-read in print-eigrp.c:eigrpprint...

CVE-2017-12901

The EIGRP parser in tcpdump before 4.9.2 has a buffer over-read in print-eigrp.c:eigrpprint...

Debian: Security Advisory (DSA-3971-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[slackware-security] tcpdump

New tcpdump packages are available for Slackware 13.37, 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/tcpdump-4.9.2-i586-1slack14.2.txz: Upgraded. This update fixes bugs and many security issues see the included...