UbuntuUSN-3205-1tcpdump vulnerabilities
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
97.0%
Releases
- Ubuntu 16.10
- Ubuntu 16.04 ESM
- Ubuntu 14.04 ESM
- Ubuntu 12.04
Packages
- tcpdump - command-line network traffic analyzer
Details
It was discovered that tcpdump incorrectly handled certain packets. A
remote attacker could use this issue to cause tcpdump to crash, resulting
in a denial of service, or possibly execute arbitrary code.
In the default installation, attackers would be isolated by the tcpdump
AppArmor profile.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 16.10 | noarch | tcpdump | < 4.9.0-1ubuntu1~ubuntu16.10.1 | UNKNOWN |
| Ubuntu | 16.10 | noarch | tcpdump-dbgsym | < 4.9.0-1ubuntu1~ubuntu16.10.1 | UNKNOWN |
| Ubuntu | 16.04 | noarch | tcpdump | < 4.9.0-1ubuntu1~ubuntu16.04.1 | UNKNOWN |
| Ubuntu | 16.04 | noarch | tcpdump-dbgsym | < 4.9.0-1ubuntu1~ubuntu16.04.1 | UNKNOWN |
| Ubuntu | 14.04 | noarch | tcpdump | < 4.9.0-1ubuntu1~ubuntu14.04.1 | UNKNOWN |
| Ubuntu | 14.04 | noarch | tcpdump-dbgsym | < 4.9.0-1ubuntu1~ubuntu14.04.1 | UNKNOWN |
| Ubuntu | 12.04 | noarch | tcpdump | < 4.9.0-1ubuntu1~ubuntu12.04.1 | UNKNOWN |
| Ubuntu | 12.04 | noarch | tcpdump-dbgsym | < 4.9.0-1ubuntu1~ubuntu12.04.1 | UNKNOWN |
References
ubuntu.com/security/CVE-2016-7922
ubuntu.com/security/CVE-2016-7923
ubuntu.com/security/CVE-2016-7924
ubuntu.com/security/CVE-2016-7925
ubuntu.com/security/CVE-2016-7926
ubuntu.com/security/CVE-2016-7927
ubuntu.com/security/CVE-2016-7928
ubuntu.com/security/CVE-2016-7929
ubuntu.com/security/CVE-2016-7930
ubuntu.com/security/CVE-2016-7931
ubuntu.com/security/CVE-2016-7932
ubuntu.com/security/CVE-2016-7933
ubuntu.com/security/CVE-2016-7934
ubuntu.com/security/CVE-2016-7935
ubuntu.com/security/CVE-2016-7936
ubuntu.com/security/CVE-2016-7937
ubuntu.com/security/CVE-2016-7938
ubuntu.com/security/CVE-2016-7939
ubuntu.com/security/CVE-2016-7940
ubuntu.com/security/CVE-2016-7973
ubuntu.com/security/CVE-2016-7974
ubuntu.com/security/CVE-2016-7975
ubuntu.com/security/CVE-2016-7983
ubuntu.com/security/CVE-2016-7984
ubuntu.com/security/CVE-2016-7985
ubuntu.com/security/CVE-2016-7986
ubuntu.com/security/CVE-2016-7992
ubuntu.com/security/CVE-2016-7993
ubuntu.com/security/CVE-2016-8574
ubuntu.com/security/CVE-2016-8575
ubuntu.com/security/CVE-2017-5202
ubuntu.com/security/CVE-2017-5203
ubuntu.com/security/CVE-2017-5204
ubuntu.com/security/CVE-2017-5205
ubuntu.com/security/CVE-2017-5341
ubuntu.com/security/CVE-2017-5342
ubuntu.com/security/CVE-2017-5482
ubuntu.com/security/CVE-2017-5483
ubuntu.com/security/CVE-2017-5484
ubuntu.com/security/CVE-2017-5485
ubuntu.com/security/CVE-2017-5486
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
97.0%