Showing 1 - 5 of 5

CVE-2017-12895

Status Candidate

Overview

The ICMP parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp.c:icmp_print().

Apple Security Advisory 2017-10-31-2: Posted Nov 1, 2017; Authored by Apple | Site apple.com; Apple Security Advisory 2017-10-31-2 - macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, Security Update 2017-004 El Capitan are now available and address TLS weaknesses, issues in Apache, and many more vulnerabilities.; tags | advisory, vulnerability; systems | apple; advisories | CVE-2016-2161, CVE-2016-4736, CVE-2016-5387, CVE-2016-8740, CVE-2016-8743, CVE-2017-1000100, CVE-2017-1000101, CVE-2017-11103, CVE-2017-11108, CVE-2017-11541, CVE-2017-11542, CVE-2017-11543, CVE-2017-12893, CVE-2017-12894, CVE-2017-12895, CVE-2017-12896, CVE-2017-12897, CVE-2017-12898, CVE-2017-12899, CVE-2017-12900, CVE-2017-12901, CVE-2017-12902, CVE-2017-12985, CVE-2017-12986, CVE-2017-12987, CVE-2017-1298; SHA-256 | ac256e54648493ce415cbcd2306f79310dc0a2baeca5b8e57161504c227231ff; Download | Favorite | View

Gentoo Linux Security Advisory 201709-23: Posted Sep 25, 2017; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 201709-23 - Multiple vulnerabilities have been found in Tcpdump, the worst of which may allow execution of arbitrary code. Versions less than 4.9.2 are affected.; tags | advisory, arbitrary, vulnerability; systems | linux, gentoo; advisories | CVE-2017-11108, CVE-2017-11541, CVE-2017-11542, CVE-2017-11543, CVE-2017-11544, CVE-2017-12893, CVE-2017-12894, CVE-2017-12895, CVE-2017-12896, CVE-2017-12897, CVE-2017-12898, CVE-2017-12899, CVE-2017-12900, CVE-2017-12901, CVE-2017-12902, CVE-2017-12985, CVE-2017-12986, CVE-2017-12987, CVE-2017-12988, CVE-2017-12989, CVE-2017-12990, CVE-2017-12991, CVE-2017-12992, CVE-2017-12993, CVE-2017-12994, CVE-2017-12995; SHA-256 | 715558f6adb4faa8fec7d45efdb67a8b78c48d5649546e1643df6920765b7bbc; Download | Favorite | View

Ubuntu Security Notice USN-3415-2: Posted Sep 14, 2017; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 3415-2 - USN-3415-1 fixed vulnerabilities in tcpdump for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 17.04. This update provides the corresponding tcpdump update for Ubuntu 12.04 ESM. Wilfried Kirsch discovered a buffer overflow in the SLIP decoder in tcpdump. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.; tags | advisory, remote, denial of service, overflow, arbitrary, vulnerability; systems | linux, ubuntu; advisories | CVE-2017-11108, CVE-2017-11541, CVE-2017-11542, CVE-2017-11543, CVE-2017-12893, CVE-2017-12894, CVE-2017-12895, CVE-2017-12896, CVE-2017-12897, CVE-2017-12898, CVE-2017-12899, CVE-2017-12900, CVE-2017-12901, CVE-2017-12902, CVE-2017-12985, CVE-2017-12986, CVE-2017-12987, CVE-2017-12988, CVE-2017-12989, CVE-2017-12990, CVE-2017-12991, CVE-2017-12992, CVE-2017-12993, CVE-2017-12994, CVE-2017-12995, CVE-2017-12996; SHA-256 | 539d79402c91dda5af39139903dd297f3d2fb8f764bac4c98b83ee03f25ff58b; Download | Favorite | View

Ubuntu Security Notice USN-3415-1: Posted Sep 14, 2017; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 3415-1 - Wilfried Kirsch discovered a buffer overflow in the SLIP decoder in tcpdump. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Bhargava Shastry discovered a buffer overflow in the bitfield converter utility function bittok2str_internal in tcpdump. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.; tags | advisory, remote, denial of service, overflow, arbitrary; systems | linux, ubuntu; advisories | CVE-2017-11108, CVE-2017-11541, CVE-2017-11542, CVE-2017-11543, CVE-2017-12893, CVE-2017-12894, CVE-2017-12895, CVE-2017-12896, CVE-2017-12897, CVE-2017-12898, CVE-2017-12899, CVE-2017-12900, CVE-2017-12901, CVE-2017-12902, CVE-2017-12985, CVE-2017-12986, CVE-2017-12987, CVE-2017-12988, CVE-2017-12989, CVE-2017-12990, CVE-2017-12991, CVE-2017-12992, CVE-2017-12993, CVE-2017-12994, CVE-2017-12995, CVE-2017-12996; SHA-256 | 52d7255e3b0be6c5110cc00aadc8090d0c0d119061e4f6e6e58849b7d5e47c93; Download | Favorite | View

tcpdump 4.9.2: Posted Sep 9, 2017; Site tcpdump.org; tcpdump allows you to dump the traffic on a network. It can be used to print out the headers and/or contents of packets on a network interface that matches a given expression. You can use this tool to track down network problems, to detect many attacks, or to monitor the network activities.; Changes: This release address a staggering amount of vulnerabilities.; tags | tool, sniffer; systems | unix; advisories | CVE-2017-11541, CVE-2017-11542, CVE-2017-11543, CVE-2017-12893, CVE-2017-12894, CVE-2017-12895, CVE-2017-12896, CVE-2017-12897, CVE-2017-12898, CVE-2017-12899, CVE-2017-12900, CVE-2017-12901, CVE-2017-12902, CVE-2017-12985, CVE-2017-12986, CVE-2017-12987, CVE-2017-12988, CVE-2017-12989, CVE-2017-12990, CVE-2017-12991, CVE-2017-12992, CVE-2017-12993, CVE-2017-12994, CVE-2017-12995, CVE-2017-12996, CVE-2017-12997; SHA-256 | 798b3536a29832ce0cbb07fafb1ce5097c95e308a6f592d14052e1ef1505fe79; Download | Favorite | View

Page 1 of 1 Back 1 Next