Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
slackwareSlackware Linux ProjectSSA-2017-251-03
HistorySep 08, 2017 - 6:06 p.m.

[slackware-security] tcpdump

2017-09-0818:06:49
Slackware Linux Project
www.slackware.com
40

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.161 Low

EPSS

Percentile

95.9%

JSON

New tcpdump packages are available for Slackware 13.37, 14.0, 14.1, 14.2,
and -current to fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:

patches/packages/tcpdump-4.9.2-i586-1_slack14.2.txz: Upgraded.
This update fixes bugs and many security issues (see the included
CHANGES file).
For more information, see:
https://vulners.com/cve/CVE-2017-11541
https://vulners.com/cve/CVE-2017-11541
https://vulners.com/cve/CVE-2017-11542
https://vulners.com/cve/CVE-2017-11542
https://vulners.com/cve/CVE-2017-11543
https://vulners.com/cve/CVE-2017-11543
https://vulners.com/cve/CVE-2017-12893
https://vulners.com/cve/CVE-2017-12894
https://vulners.com/cve/CVE-2017-12895
https://vulners.com/cve/CVE-2017-12896
https://vulners.com/cve/CVE-2017-12897
https://vulners.com/cve/CVE-2017-12898
https://vulners.com/cve/CVE-2017-12899
https://vulners.com/cve/CVE-2017-12900
https://vulners.com/cve/CVE-2017-12901
https://vulners.com/cve/CVE-2017-12902
https://vulners.com/cve/CVE-2017-12985
https://vulners.com/cve/CVE-2017-12986
https://vulners.com/cve/CVE-2017-12987
https://vulners.com/cve/CVE-2017-12988
https://vulners.com/cve/CVE-2017-12989
https://vulners.com/cve/CVE-2017-12990
https://vulners.com/cve/CVE-2017-12991
https://vulners.com/cve/CVE-2017-12992
https://vulners.com/cve/CVE-2017-12993
https://vulners.com/cve/CVE-2017-12994
https://vulners.com/cve/CVE-2017-12995
https://vulners.com/cve/CVE-2017-12996
https://vulners.com/cve/CVE-2017-12997
https://vulners.com/cve/CVE-2017-12998
https://vulners.com/cve/CVE-2017-12999
https://vulners.com/cve/CVE-2017-13000
https://vulners.com/cve/CVE-2017-13001
https://vulners.com/cve/CVE-2017-13002
https://vulners.com/cve/CVE-2017-13003
https://vulners.com/cve/CVE-2017-13004
https://vulners.com/cve/CVE-2017-13005
https://vulners.com/cve/CVE-2017-13006
https://vulners.com/cve/CVE-2017-13007
https://vulners.com/cve/CVE-2017-13008
https://vulners.com/cve/CVE-2017-13009
https://vulners.com/cve/CVE-2017-13010
https://vulners.com/cve/CVE-2017-13011
https://vulners.com/cve/CVE-2017-13012
https://vulners.com/cve/CVE-2017-13013
https://vulners.com/cve/CVE-2017-13014
https://vulners.com/cve/CVE-2017-13015
https://vulners.com/cve/CVE-2017-13016
https://vulners.com/cve/CVE-2017-13017
https://vulners.com/cve/CVE-2017-13018
https://vulners.com/cve/CVE-2017-13019
https://vulners.com/cve/CVE-2017-13020
https://vulners.com/cve/CVE-2017-13021
https://vulners.com/cve/CVE-2017-13022
https://vulners.com/cve/CVE-2017-13023
https://vulners.com/cve/CVE-2017-13024
https://vulners.com/cve/CVE-2017-13025
https://vulners.com/cve/CVE-2017-13026
https://vulners.com/cve/CVE-2017-13027
https://vulners.com/cve/CVE-2017-13028
https://vulners.com/cve/CVE-2017-13029
https://vulners.com/cve/CVE-2017-13030
https://vulners.com/cve/CVE-2017-13031
https://vulners.com/cve/CVE-2017-13032
https://vulners.com/cve/CVE-2017-13033
https://vulners.com/cve/CVE-2017-13034
https://vulners.com/cve/CVE-2017-13035
https://vulners.com/cve/CVE-2017-13036
https://vulners.com/cve/CVE-2017-13037
https://vulners.com/cve/CVE-2017-13038
https://vulners.com/cve/CVE-2017-13039
https://vulners.com/cve/CVE-2017-13040
https://vulners.com/cve/CVE-2017-13041
https://vulners.com/cve/CVE-2017-13042
https://vulners.com/cve/CVE-2017-13043
https://vulners.com/cve/CVE-2017-13044
https://vulners.com/cve/CVE-2017-13045
https://vulners.com/cve/CVE-2017-13046
https://vulners.com/cve/CVE-2017-13047
https://vulners.com/cve/CVE-2017-13048
https://vulners.com/cve/CVE-2017-13049
https://vulners.com/cve/CVE-2017-13050
https://vulners.com/cve/CVE-2017-13051
https://vulners.com/cve/CVE-2017-13052
https://vulners.com/cve/CVE-2017-13053
https://vulners.com/cve/CVE-2017-13054
https://vulners.com/cve/CVE-2017-13055
https://vulners.com/cve/CVE-2017-13687
https://vulners.com/cve/CVE-2017-13688
https://vulners.com/cve/CVE-2017-13689
https://vulners.com/cve/CVE-2017-13690
https://vulners.com/cve/CVE-2017-13725
(* Security fix *)

Where to find the new packages:

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project! :-)

Also see the “Get Slack” section on http://slackware.com for
additional mirror sites near you.

Updated package for Slackware 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/tcpdump-4.9.2-i486-1_slack13.37.txz

Updated package for Slackware x86_64 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/tcpdump-4.9.2-x86_64-1_slack13.37.txz

Updated package for Slackware 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/tcpdump-4.9.2-i486-1_slack14.0.txz

Updated package for Slackware x86_64 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/tcpdump-4.9.2-x86_64-1_slack14.0.txz

Updated package for Slackware 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/tcpdump-4.9.2-i486-1_slack14.1.txz

Updated package for Slackware x86_64 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/tcpdump-4.9.2-x86_64-1_slack14.1.txz

Updated package for Slackware 14.2:
ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/tcpdump-4.9.2-i586-1_slack14.2.txz

Updated package for Slackware x86_64 14.2:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/tcpdump-4.9.2-x86_64-1_slack14.2.txz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/tcpdump-4.9.2-i586-1.txz

Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/tcpdump-4.9.2-x86_64-1.txz

MD5 signatures:

Slackware 13.37 package:
36a25ab80a678b54c23a144ec07599e7 tcpdump-4.9.2-i486-1_slack13.37.txz

Slackware x86_64 13.37 package:
805465d004efefd1a8262395dcccb7fc tcpdump-4.9.2-x86_64-1_slack13.37.txz

Slackware 14.0 package:
2abd4f36984c91691165da030b215647 tcpdump-4.9.2-i486-1_slack14.0.txz

Slackware x86_64 14.0 package:
35459d4db677645529669e4446bb1ab4 tcpdump-4.9.2-x86_64-1_slack14.0.txz

Slackware 14.1 package:
e2c536ebb9883e61324387f29412d30a tcpdump-4.9.2-i486-1_slack14.1.txz

Slackware x86_64 14.1 package:
1a6df6e184ab4277c3e352a28979c681 tcpdump-4.9.2-x86_64-1_slack14.1.txz

Slackware 14.2 package:
dcb4915f83f7a07c2f483853871ef39b tcpdump-4.9.2-i586-1_slack14.2.txz

Slackware x86_64 14.2 package:
c64506c12c6ac9afaa4df8520b14452d tcpdump-4.9.2-x86_64-1_slack14.2.txz

Slackware -current package:
c572ff9d3db54f34872fd6134c30da50 n/tcpdump-4.9.2-i586-1.txz

Slackware x86_64 -current package:
1462c695af5dde636c31aa3bdeb6a101 n/tcpdump-4.9.2-x86_64-1.txz

Installation instructions:

Upgrade the package as root:
> upgradepkg tcpdump-4.9.2-i586-1_slack14.2.txz

Related

openvas 15
nessus 28
debian 4
gentoo 1
freebsd 1
cloudfoundry 1
osv 26
photon 3
archlinux 1
ubuntu 2
mageia 1
aix 1
ibm 2
apple 2
cve 19
redhatcve 30
prion 23
hackerone 3
ubuntucve 17
debiancve 18
f5 1
openvas
openvas
Huawei EulerOS: Security Advisory for tcpdump (EulerOS-SA-2017-1280)
2020-01-23 00:00:00
Debian: Security Advisory (DLA-1097-1)
2018-02-06 00:00:00
SUSE: Security Advisory (SUSE-SU-2017:2854-1)
2021-04-19 00:00:00
nessus
nessus
Ubuntu 14.04 LTS / 16.04 LTS : tcpdump vulnerabilities (USN-3415-1)
2017-09-14 00:00:00
EulerOS 2.0 SP1 : tcpdump (EulerOS-SA-2017-1280)
2017-11-02 00:00:00
Debian DSA-3971-1 : tcpdump - security update
2017-09-13 00:00:00
debian
debian
[SECURITY] [DLA 1097-1] tcpdump security update
2017-09-15 10:18:46
[SECURITY] [DSA 3971-1] tcpdump security update
2017-09-13 05:04:17
[SECURITY] [DSA 3971-1] tcpdump security update
2017-09-13 05:04:17
gentoo
gentoo
Tcpdump: Multiple vulnerabilities
2017-09-25 00:00:00
freebsd
freebsd
tcpdump -- multiple vulnerabilities
2017-07-22 00:00:00
cloudfoundry
cloudfoundry
USN-3415-1: tcpdump vulnerabilities | Cloud Foundry
2017-09-21 00:00:00
osv
osv
tcpdump - security update
2017-09-15 00:00:00
tcpdump - security update
2017-09-13 00:00:00
tcpdump - security update
2017-09-05 00:00:00
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2017-0034
2017-09-19 00:00:00
Important Photon OS Security Update - PHSA-2017-0070
2017-09-19 00:00:00
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2017-0033
2017-09-13 00:00:00
archlinux
archlinux
[ASA-201709-5] tcpdump: multiple issues
2017-09-13 00:00:00
ubuntu
ubuntu
tcpdump vulnerabilities
2017-09-14 00:00:00
tcpdump vulnerabilities
2017-09-14 00:00:00
mageia
mageia
Updated tcpdump packages fix security vulnerabilities
2017-09-10 15:36:09
aix
aix
There are multiple vulnerabilities in tcpdump that impact AIX.
2017-11-08 09:27:01
ibm
ibm
Security Bulletin: Multiple Security Issues in IBM Tealeaf Customer Experience PCA
2018-06-23 03:45:19
Security Bulletin: Vulnerabilities in tcpdump affect IBM Chassis Management Module (CMM)
2019-01-31 02:40:01
apple
apple
About the security content of macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan
2017-10-31 00:00:00
About the security content of macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan - Apple Support
2019-04-03 09:42:09
cve
cve
CVE-2017-12899
2017-09-14 06:29:00
CVE-2017-13035
2017-09-14 06:29:00
CVE-2017-13044
2017-09-14 06:29:00
redhatcve
redhatcve
CVE-2017-13051
2017-09-14 04:58:56
CVE-2017-13013
2017-09-14 05:03:09
CVE-2017-13044
2017-09-14 04:55:14
prion
prion
Buffer overflow
2017-09-14 06:29:00
Design/Logic Flaw
2017-09-14 06:29:00
Buffer overflow
2017-09-14 06:29:00
hackerone
hackerone
Internet Bug Bounty: CVE-2017-13019: The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print()
2020-02-23 16:49:27
Internet Bug Bounty: CVE-2017-13010 The BEEP parser in tcpdump before 4.9.2 has a buffer over-read in print-beep.c:l_strnstart().
2017-09-15 23:45:26
Internet Bug Bounty: CVE-2017-13041 The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_nodeinfo_print().
2020-08-22 06:12:33
ubuntucve
ubuntucve
CVE-2017-11542
2017-07-22 00:00:00
CVE-2017-13041
2017-09-13 00:00:00
CVE-2017-13040
2017-09-13 00:00:00
debiancve
debiancve
CVE-2017-13020
2017-09-14 06:29:00
CVE-2017-13047
2017-09-14 06:29:00
CVE-2017-12986
2017-09-14 06:29:00
f5
f5
K13237658 : tcpdump vulnerability CVE-2017-11541
2017-08-31 00:00:00

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.161 Low

EPSS

Percentile

95.9%

JSON
Related for SSA-2017-251-03
openvas15nessus28debian4gentoo1freebsd1cloudfoundry1osv26photon3archlinux1ubuntu2mageia1aix1ibm2apple2cve19redhatcve30prion23hackerone3ubuntucve17debiancve18f51