11 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-12989
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The RESP parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print- resp.c:respgetlength. CVE-2017-12989 Note that Nessus relies on the...
openSUSE Security Update : tcpdump (openSUSE-2017-1205)
This update for tcpdump to version 4.9.2 fixes several issues. These security issues were fixed : - CVE-2017-11108: Prevent remote attackers to cause DoS heap-based buffer over-read and application crash via crafted packet data. The crash occured in the EXTRACT16BITS function, called from the...
SUSE SLED12 / SLES12 Security Update : tcpdump (SUSE-SU-2017:2854-1)
This update for tcpdump to version 4.9.2 fixes several issues. These security issues were fixed : - CVE-2017-11108: Prevent remote attackers to cause DoS heap-based buffer over-read and application crash via crafted packet data. The crash occured in the EXTRACT16BITS function, called from the...
USN-3415-1: tcpdump vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Description Wilfried Kirsch discovered a buffer overflow in the SLIP decoder in tcpdump. A remote attacker could use this to cause a denial of service application crash or possibly execute arbitrary code...
[SECURITY] [DLA 1097-1] tcpdump security update
Package : tcpdump Version : 4.9.2-1deb7u1 CVE ID : CVE-2017-12894 CVE-2017-12895 CVE-2017-12896 CVE-2017-12897 CVE-2017-12898 CVE-2017-12899 CVE-2017-12900 CVE-2017-12901 CVE-2017-12902 CVE-2017-12985 CVE-2017-12986 CVE-2017-12987 CVE-2017-12988 CVE-2017-12989 CVE-2017-12990 CVE-2017-12991...
CVE-2017-12989
The RESP parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-resp.c:respgetlength...
CVE-2017-12989
The RESP parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-resp.c:respgetlength...
CVE-2017-12989
The CVE-2017-12989 issue affects tcpdump before 4.9.2, where the RESP parser (print-resp.c:resp_get_length()) could enter an infinite loop, enabling a denial of service. Public sources show CVSSv3 base 7.5 (HIGH) with network access, low attack complexity, no authentication, and availability impa...
[SECURITY] [DSA 3971-1] tcpdump security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3971-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 13, 2017 https://www.debian.org/security/faq -...
Debian: Security Advisory (DSA-3971-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[slackware-security] tcpdump
New tcpdump packages are available for Slackware 13.37, 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/tcpdump-4.9.2-i586-1slack14.2.txz: Upgraded. This update fixes bugs and many security issues see the included...