Oracle Linux 8 : tcpdump (ELSA-2020-4760)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2020-4760 advisory. 14:4.9.3-1 - Resolves: 1804063 - Rebase tcpdump to 4.9.3 to fix multiple CVEs Tenable has extracted the preceding description block directly from the...

Security update for tcpdump (important)

openSUSE Security Update: Security update for tcpdump Announcement ID: openSUSE-SU-2019:2344-1 Rating: important References: 1068716 1153098 1153332 Cross-References: CVE-2017-16808 CVE-2018-10103 CVE-2018-10105 CVE-2018-14461 CVE-2018-14462 CVE-2018-14463 CVE-2018-14464 CVE-2018-14465...

CVE-2018-14469

CVE-2018-14469 affects tcpdump prior to 4.9.3. Root cause: buffer over-read in the IKEv1 parser (print-isakmp.c:ikev1_n_print()). Affected: tcpdump versions before 4.9.3. Impact stated in related advisories for tcpdump family includes potential crashes or instability; exploitation details are not...

Buffer overflow

The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:isakmprfc3948print...

CVE-2017-13690

CVE-2017-13690 affects tcpdump up to version 4.9.1 (before 4.9.2). The vulnerability is a buffer over-read in the IKEv2 parser, specifically in the print-isakmp.c functions, which could allow a network attacker to obtain sensitive information. The CVSS3 score is reported as 9.8 (CRITICAL); attack...