Linux Distros Unpatched Vulnerability : CVE-2017-12902

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Zephyr parser in tcpdump before 4.9.2 has a buffer over-read in print-zephyr.c, several functions. CVE-2017-12902 Note that Nessus relies on the presence of...

SUSE CVE-2017-12902

The Zephyr parser in tcpdump before 4.9.2 has a buffer over-read in print-zephyr.c, several functions...

SUSE SLES11 Security Update : tcpdump (SUSE-SU-2019:14191-1)

The remote SUSE Linux SLES11 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2019:14191-1 advisory. - The SMB/CIFS parser in tcpdump before 4.9.2 has a buffer over-read in smbutil.c:namelen. CVE-2017-12893 - Several protocol parsers in tcpdum...

openSUSE Security Update : tcpdump (openSUSE-2017-1205)

This update for tcpdump to version 4.9.2 fixes several issues. These security issues were fixed : - CVE-2017-11108: Prevent remote attackers to cause DoS heap-based buffer over-read and application crash via crafted packet data. The crash occured in the EXTRACT16BITS function, called from the...

SUSE SLED12 / SLES12 Security Update : tcpdump (SUSE-SU-2017:2854-1)

This update for tcpdump to version 4.9.2 fixes several issues. These security issues were fixed : - CVE-2017-11108: Prevent remote attackers to cause DoS heap-based buffer over-read and application crash via crafted packet data. The crash occured in the EXTRACT16BITS function, called from the...

CVE-2017-12902

The Zephyr parser in tcpdump before 4.9.2 has a buffer over-read in print-zephyr.c, several functions...

CVE-2017-12902

CVE-2017-12902 affects tcpdump (Zephyr parser) up to version 4.9.2. The vulnerability is a buffer over-read in print-zephyr.c that could lead to information exposure or a crash. Affected product: tcpdump (Zephyr parser) before 4.9.2. Root cause: buffer over-read in Zephyr parser. Impact (as per s...

Debian: Security Advisory (DSA-3971-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[slackware-security] tcpdump

New tcpdump packages are available for Slackware 13.37, 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/tcpdump-4.9.2-i586-1slack14.2.txz: Upgraded. This update fixes bugs and many security issues see the included...