exploit the possibilities
Showing 1 - 7 of 7 RSS Feed

CVE-2014-9140

Status Candidate

Overview

Buffer overflow in the ppp_hdlc function in print-ppp.c in tcpdump 4.6.2 and earlier allows remote attackers to cause a denial of service (crash) cia a crafted PPP packet.

Related Files

Mandriva Linux Security Advisory 2015-125
Posted Mar 30, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-125 - The Tcpdump program could crash when processing a malformed OLSR payload when the verbose output flag was set. The application decoder for the Ad hoc On-Demand Distance Vector protocol in Tcpdump fails to perform input validation and performs unsafe out-of-bound accesses. The application will usually not crash, but perform out-of-bounds accesses and output/leak larger amounts of invalid data, which might lead to dropped packets. It is unknown if a payload exists that might trigger segfaults. It was discovered that tcpdump incorrectly handled printing PPP packets. A remote attacker could use this issue to cause tcpdump to crash, resulting in a denial of service, or possibly execute arbitrary code. Several vulnerabilities have been discovered in tcpdump. These vulnerabilities might result in denial of service (application crash) or, potentially, execution of arbitrary code. .

tags | advisory, remote, denial of service, arbitrary, vulnerability, protocol
systems | linux, mandriva
advisories | CVE-2014-8767, CVE-2014-8769, CVE-2014-9140, CVE-2015-0261, CVE-2015-2153, CVE-2015-2154, CVE-2015-2155
MD5 | 1df1e211a574672c86cc2efd37d45e7b
tcpdump 4.7.3
Posted Mar 11, 2015
Site tcpdump.org

tcpdump allows you to dump the traffic on a network. It can be used to print out the headers and/or contents of packets on a network interface that matches a given expression. You can use this tool to track down network problems, to detect many attacks, or to monitor the network activities.

Changes: Multiple security bugs addressed.
tags | tool, sniffer
systems | unix
advisories | CVE-2014-9140, CVE-2015-0261, CVE-2015-2153, CVE-2015-2154, CVE-2015-2155
MD5 | 334a4761594b29f80793c1303f0f4acc
tcpdump 4.7.2
Posted Mar 10, 2015
Site tcpdump.org

tcpdump allows you to dump the traffic on a network. It can be used to print out the headers and/or contents of packets on a network interface that matches a given expression. You can use this tool to track down network problems, to detect many attacks, or to monitor the network activities.

Changes: Multiple security bugs addressed.
tags | tool, sniffer
systems | unix
advisories | CVE-2014-9140, CVE-2015-0261, CVE-2015-2153, CVE-2015-2154, CVE-2015-2155
MD5 | 5b5c1cc7ef55e08e8f7d66815fdea508
tcpdump Denial Of Service / Code Execution
Posted Mar 10, 2015
Authored by Michael Richardson

tcpdump versions prior to 4.7.2 suffer from denial of service and code execution vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
advisories | CVE-2014-9140, CVE-2015-0261, CVE-2015-2153, CVE-2015-2154, CVE-2015-2155
MD5 | 61a0f5502011e367327a76cbec7c658d
Gentoo Linux Security Advisory 201502-05
Posted Feb 9, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201502-5 - Multiple vulnerabilities in tcpdump could result in execution of arbitrary code or Denial of Service. Versions less than 4.6.2-r1 are affected.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2014-8767, CVE-2014-8768, CVE-2014-8769, CVE-2014-9140
MD5 | 7d228bcbe40d6dba7d96f604de7d81a1
Debian Security Advisory 3086-1
Posted Dec 4, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3086-1 - Several vulnerabilities have been discovered in tcpdump, a command-line network traffic analyzer. These vulnerabilities might result in denial of service, leaking sensitive information from memory or, potentially, execution of arbitrary code.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2014-8767, CVE-2014-8769, CVE-2014-9140
MD5 | c2f21f6ce742fe922a9c929df6f48435
Ubuntu Security Notice USN-2433-1
Posted Dec 4, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2433-1 - Steffen Bauch discovered that tcpdump incorrectly handled printing OSLR packets. A remote attacker could use this issue to cause tcpdump to crash, resulting in a denial of service, or possibly execute arbitrary code. Steffen Bauch discovered that tcpdump incorrectly handled printing GeoNet packets. A remote attacker could use this issue to cause tcpdump to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 14.04 LTS and Ubuntu 14.10. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2014-8767, CVE-2014-8768, CVE-2014-8769, CVE-2014-9140
MD5 | 2fc1e5b3e3d2875471d98ebd7781afd0
Page 1 of 1
Back1Next

File Archive:

February 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    1 Files
  • 2
    Feb 2nd
    2 Files
  • 3
    Feb 3rd
    17 Files
  • 4
    Feb 4th
    15 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    16 Files
  • 7
    Feb 7th
    19 Files
  • 8
    Feb 8th
    1 Files
  • 9
    Feb 9th
    2 Files
  • 10
    Feb 10th
    15 Files
  • 11
    Feb 11th
    20 Files
  • 12
    Feb 12th
    12 Files
  • 13
    Feb 13th
    18 Files
  • 14
    Feb 14th
    17 Files
  • 15
    Feb 15th
    4 Files
  • 16
    Feb 16th
    4 Files
  • 17
    Feb 17th
    34 Files
  • 18
    Feb 18th
    15 Files
  • 19
    Feb 19th
    19 Files
  • 20
    Feb 20th
    20 Files
  • 21
    Feb 21st
    15 Files
  • 22
    Feb 22nd
    2 Files
  • 23
    Feb 23rd
    2 Files
  • 24
    Feb 24th
    16 Files
  • 25
    Feb 25th
    37 Files
  • 26
    Feb 26th
    15 Files
  • 27
    Feb 27th
    15 Files
  • 28
    Feb 28th
    4 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close