Lucene search
SuseOPENSUSE-SU-2019:2348-1HistoryOct 20, 2019 - 12:00 a.m.
Security update for tcpdump (important)
2019-10-2000:00:00
lists.opensuse.org
86
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
An update that fixes 28 vulnerabilities is now available.
Description:
This update for tcpdump fixes the following issues:
- CVE-2017-16808: Fixed a heap-based buffer over-read related to aoe_print
and lookup_emem (bsc#1068716 bsc#1153098). - CVE-2018-10103: Fixed a mishandling of the printing of SMB data
(bsc#1153098). - CVE-2018-10105: Fixed a mishandling of the printing of SMB data
(bsc#1153098). - CVE-2018-14461: Fixed a buffer over-read in print-ldp.c:ldp_tlv_print
(bsc#1153098). - CVE-2018-14462: Fixed a buffer over-read in print-icmp.c:icmp_print
(bsc#1153098). - CVE-2018-14463: Fixed a buffer over-read in print-vrrp.c:vrrp_print
(bsc#1153098). - CVE-2018-14464: Fixed a buffer over-read in
print-lmp.c:lmp_print_data_link_subobjs (bsc#1153098). - CVE-2018-14465: Fixed a buffer over-read in print-rsvp.c:rsvp_obj_print
(bsc#1153098). - CVE-2018-14466: Fixed a buffer over-read in print-rx.c:rx_cache_find
(bsc#1153098). - CVE-2018-14467: Fixed a buffer over-read in
print-bgp.c:bgp_capabilities_print (bsc#1153098). - CVE-2018-14468: Fixed a buffer over-read in print-fr.c:mfr_print
(bsc#1153098). - CVE-2018-14469: Fixed a buffer over-read in print-isakmp.c:ikev1_n_print
(bsc#1153098). - CVE-2018-14470: Fixed a buffer over-read in print-babel.c:babel_print_v2
(bsc#1153098). - CVE-2018-14879: Fixed a buffer overflow in the command-line argument
parser (bsc#1153098). - CVE-2018-14880: Fixed a buffer over-read in the OSPFv3 parser
(bsc#1153098). - CVE-2018-14881: Fixed a buffer over-read in the BGP parser (bsc#1153098).
- CVE-2018-14882: Fixed a buffer over-read in the ICMPv6 parser
(bsc#1153098). - CVE-2018-16227: Fixed a buffer over-read in the IEEE 802.11 parser in
print-802_11.c for the Mesh Flags subfield (bsc#1153098). - CVE-2018-16228: Fixed a buffer over-read in the HNCP parser
(bsc#1153098). - CVE-2018-16229: Fixed a buffer over-read in the DCCP parser
(bsc#1153098). - CVE-2018-16230: Fixed a buffer over-read in the BGP parser in
print-bgp.c:bgp_attr_print (bsc#1153098). - CVE-2018-16300: Fixed an unlimited recursion in the BGP parser that
allowed denial-of-service by stack consumption (bsc#1153098). - CVE-2018-16301: Fixed a buffer overflow (bsc#1153332 bsc#1153098).
- CVE-2018-16451: Fixed several buffer over-reads in
print-smb.c:print_trans() for \MAILSLOT\BROWSE and \PIPE\LANMAN
(bsc#1153098). - CVE-2018-16452: Fixed a stack exhaustion in smbutil.c:smb_fdata
(bsc#1153098). - CVE-2019-15166: Fixed a bounds check in lmp_print_data_link_subobjs
(bsc#1153098). - CVE-2019-15167: Fixed a vulnerability in VRRP (bsc#1153098).
This update was imported from the SUSE:SLE-15:Update update project.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
-
openSUSE Leap 15.1:
zypper in -t patch openSUSE-2019-2348=1
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| openSUSE Leap | 15.1 | x86_64 | < - openSUSE Leap 15.1 (x86_64): | - openSUSE Leap 15.1 (x86_64):.x86_64.rpm |
Related
nessus
nessus
SUSE SLES12 Security Update : tcpdump (SUSE-SU-2020:3360-1)
2020-12-09 00:00:00
Fedora 29 : 14:tcpdump (2019-85d92df70f)
2019-10-28 00:00:00
openSUSE Security Update : tcpdump (openSUSE-2019-2348)
2019-10-21 00:00:00
openvas
openvas
Fedora Update for tcpdump FEDORA-2019-85d92df70f
2019-10-26 00:00:00
Fedora Update for tcpdump FEDORA-2019-d06bc63433
2019-10-30 00:00:00
SUSE: Security Advisory (SUSE-SU-2019:2674-1)
2021-06-09 00:00:00
slackware
slackware
[slackware-security] tcpdump
2019-10-02 06:51:41
suse
suse
Security update for tcpdump (important)
2019-10-20 00:00:00
Security update for tcpdump (moderate)
2019-08-20 00:00:00
Security update for tcpdump (moderate)
2022-03-09 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1985
2021-07-02 18:15:22
ibm
ibm
Security Bulletin: Vulnerabilities in tcpdump affect AIX
2021-02-26 18:48:40
almalinux
almalinux
Moderate: tcpdump security, bug fix, and enhancement update
2020-11-03 12:33:49
redhat
redhat
(RHSA-2020:4760) Moderate: tcpdump security, bug fix, and enhancement update
2020-11-03 12:33:49
(RHSA-2021:2191) Moderate: tcpdump security update
2021-06-01 14:27:50
aix
aix
ubuntu
ubuntu
tcpdump vulnerabilities
2020-01-27 00:00:00
tcpdump vulnerabilities
2020-01-27 00:00:00
fedora
fedora
[SECURITY] Fedora 29 Update: tcpdump-4.9.3-1.fc29
2019-10-25 18:09:47
[SECURITY] Fedora 30 Update: tcpdump-4.9.3-1.fc30
2019-10-28 01:03:58
[SECURITY] Fedora 31 Update: tcpdump-4.9.3-1.fc31
2019-10-30 00:58:06
cloudfoundry
cloudfoundry
USN-4252-1: tcpdump vulnerabilities | Cloud Foundry
2020-02-12 00:00:00
osv
osv
tcpdump - security update
2019-10-21 00:00:00
tcpdump - security update
2019-10-10 00:00:00
Moderate: tcpdump security, bug fix, and enhancement update
2020-11-03 12:33:49
debian
debian
[SECURITY] [DSA 4547-1] tcpdump security update
2019-10-21 21:26:24
[SECURITY] [DLA 1955-1] tcpdump security update
2019-10-11 20:27:37
oraclelinux
oraclelinux
tcpdump security, bug fix, and enhancement update
2020-11-10 00:00:00
tcpdump security update
2020-04-06 00:00:00
rocky
rocky
tcpdump security, bug fix, and enhancement update
2020-11-03 12:33:49
photon
photon
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2019-2.0-0182
2019-10-15 00:00:00
Critical Photon OS Security Update - PHSA-2019-0182
2019-10-15 00:00:00
Critical Photon OS Security Update - PHSA-2019-3.0-0034
2019-10-15 00:00:00
f5
f5
K44551633 : Multiple tcpdump vulnerabilities
2019-11-11 00:00:00
K51512510 : tcpdump vulnerability CVE-2018-14879
2019-11-08 00:00:00
K56551263 : tcpdump vulnerability CVE-2018-14880
2019-10-28 00:00:00
mageia
mageia
Updated libpcap and tcpdump packages fix security vulnerabilities
2019-10-17 01:22:41
apple
apple
prion
prion
Code injection
2019-10-03 16:15:00
Code injection
2022-08-27 06:15:00
Design/Logic Flaw
2019-07-22 18:15:00
cve
cve
CVE-2018-14463
2019-10-03 16:15:00
CVE-2019-15167
2022-08-27 06:15:00
CVE-2019-1010220
2019-07-22 18:15:00
amazon
amazon
Medium: tcpdump
2023-07-05 22:01:00
Medium: tcpdump
2022-12-01 17:33:00
alpinelinux
alpinelinux
debiancve
debiancve
redhatcve
redhatcve
ubuntucve
ubuntucve
CVE-2019-15167
2019-09-30 00:00:00
CVE-2018-14463
2019-09-30 00:00:00
CVE-2019-1010220
2019-07-22 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-08-06 21:35:38
Arbitrary Code Execution
2020-08-06 21:30:28
Denial Of Service (DoS)
2020-08-06 21:28:16
hackerone
hackerone
cbl_mariner
cbl_mariner
CVE-2018-16301 affecting package tcpdump 4.9.3-3
2022-04-09 06:51:52
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related for OPENSUSE-SU-2019:2348-1