Vulnerabilites related to redhat - tcpdump
Vulnerability from fkie_nvd
Published
2014-11-20 17:50
Modified
2025-04-12 10:46
Severity ?
Summary
tcpdump 3.8 through 4.6.2 might allow remote attackers to obtain sensitive information from memory or cause a denial of service (packet loss or segmentation fault) via a crafted Ad hoc On-Demand Distance Vector (AODV) packet, which triggers an out-of-bounds memory access.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | tcpdump | 3.8.0 | |
| redhat | tcpdump | 3.8.2 | |
| redhat | tcpdump | 3.9.2 | |
| redhat | tcpdump | 3.9.3 | |
| redhat | tcpdump | 3.9.4 | |
| redhat | tcpdump | 3.9.5 | |
| redhat | tcpdump | 3.9.6 | |
| redhat | tcpdump | 3.9.7 | |
| redhat | tcpdump | 3.9.8 | |
| redhat | tcpdump | 4.0.0 | |
| redhat | tcpdump | 4.1.0 | |
| redhat | tcpdump | 4.1.1 | |
| redhat | tcpdump | 4.1.2 | |
| redhat | tcpdump | 4.2.1 | |
| redhat | tcpdump | 4.3.0 | |
| redhat | tcpdump | 4.3.1 | |
| redhat | tcpdump | 4.4.0 | |
| redhat | tcpdump | 4.5.0 | |
| redhat | tcpdump | 4.5.1 | |
| redhat | tcpdump | 4.5.2 | |
| redhat | tcpdump | 4.6.0 | |
| redhat | tcpdump | 4.6.1 | |
| redhat | tcpdump | 4.6.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:tcpdump:3.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "50CE25C6-CC5E-487B-A9F5-68BFD83A265E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:tcpdump:3.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F3728265-2920-4840-AD57-06FEAE523DD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:tcpdump:3.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4582B9B3-8296-4A51-A49E-C1521E6AD55D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:tcpdump:3.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8DAAD66F-8FDC-4EEA-9FED-04197A3E95CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:tcpdump:3.9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F45580E7-2791-4841-AF76-9591440EDE9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:tcpdump:3.9.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E6EF2BB6-A4E1-403A-95AD-CB4F5C5517A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:tcpdump:3.9.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2BADA780-6314-4875-B467-5547BF75C08A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:tcpdump:3.9.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7DAE5CAC-A078-4F63-9598-9CA511EC0034",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:tcpdump:3.9.8:*:*:*:*:*:*:*",
"matchCriteriaId": "3E041494-8649-4BD5-8DF7-816B4C73E6CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:tcpdump:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "27D17DA2-A04C-43A4-AE1F-027C9E5EDC85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:tcpdump:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B9FA963D-E15E-4711-AFE6-10D0D464FB38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:tcpdump:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "74BFC816-CCFF-495A-BFBA-8296F6FF1E50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:tcpdump:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4B9298E0-5B24-4FBD-A5A2-D7DCE91FD219",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:tcpdump:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1B797590-4EA3-4144-819D-F55D8B60AC6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:tcpdump:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "10639170-0C13-4E2B-A4FA-AB4F9642DD35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:tcpdump:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D5EA00F9-54AC-429E-9241-64142102898F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:tcpdump:4.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "653A18E7-DCA6-4FB0-9F16-66B3CB11CE52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:tcpdump:4.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DBB358B0-2043-450E-AB3F-D88CA5156DB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:tcpdump:4.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D8D13172-9D80-4DD5-A749-9A9F95466C27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:tcpdump:4.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F6E4628C-DFE6-44AE-9B46-6341318CA483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:tcpdump:4.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0C9CC04B-CF1E-4B0E-8D45-B02B1E07E004",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:tcpdump:4.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "48EDCB25-E42B-4CA1-BB7E-E5CEA9F74DC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:tcpdump:4.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7D9E7FE0-FA1A-4A46-A408-BDF2D2DE73B5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "tcpdump 3.8 through 4.6.2 might allow remote attackers to obtain sensitive information from memory or cause a denial of service (packet loss or segmentation fault) via a crafted Ad hoc On-Demand Distance Vector (AODV) packet, which triggers an out-of-bounds memory access."
},
{
"lang": "es",
"value": "tcpdump 3.8 hasta 4.6.2 podr\u00eda permitir a atacantes remotos obtener informaci\u00f3n sensible de la memoria o causar una denegaci\u00f3n de servicio ( paquetes perdidos o fallo de segmentaci\u00f3n) a trav\u00e9s de un paquete manipulado Ad hoc On-Demand Distance (AODV), que desencadena un acceso a memoria fuera de rango."
}
],
"id": "CVE-2014-8769",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-11-20T17:50:06.897",
"references": [
{
"source": "cve@mitre.org",
"url": "http://advisories.mageia.org/MGASA-2014-0503.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00062.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://packetstormsecurity.com/files/129157/tcpdump-4.6.2-AOVD-Unreliable-Output.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://seclists.org/fulldisclosure/2014/Nov/49"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2014/dsa-3086"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:240"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:125"
},
{
"source": "cve@mitre.org",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/534009/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/71153"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/USN-2433-1"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98764"
},
{
"source": "cve@mitre.org",
"url": "https://support.apple.com/kb/HT205031"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://advisories.mageia.org/MGASA-2014-0503.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00062.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://packetstormsecurity.com/files/129157/tcpdump-4.6.2-AOVD-Unreliable-Output.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://seclists.org/fulldisclosure/2014/Nov/49"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2014/dsa-3086"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:240"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:125"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/534009/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/71153"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2433-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98764"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.apple.com/kb/HT205031"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-02-17 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
tcpdump before 3.8.1 allows remote attackers to cause a denial of service (infinite loop) via certain ISAKMP packets, a different vulnerability than CVE-2004-0057.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:tcpdump:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DF58D46A-19E6-42EF-877A-C215DAB5AC19",
"versionEndIncluding": "3.8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*",
"matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "tcpdump before 3.8.1 allows remote attackers to cause a denial of service (infinite loop) via certain ISAKMP packets, a different vulnerability than CVE-2004-0057."
},
{
"lang": "es",
"value": "tcpdump anteriores a 3.8.1 permite a atacantes remotos causar una denegaci\u00f3n de servico (bucle infinito) mediante ciertos paquetes ISAKMP, una vulnerabilidad distinta de CAN-2004-9957."
}
],
"id": "CVE-2003-0989",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-02-17T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2004-008.0.txt"
},
{
"source": "cve@mitre.org",
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2004.9/SCOSA-2004.9.txt"
},
{
"source": "cve@mitre.org",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040103-01-U.asc"
},
{
"source": "cve@mitre.org",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc"
},
{
"source": "cve@mitre.org",
"url": "http://lists.apple.com/archives/security-announce/2004/Feb/msg00000.html"
},
{
"source": "cve@mitre.org",
"url": "http://lwn.net/Alerts/66445/"
},
{
"source": "cve@mitre.org",
"url": "http://lwn.net/Alerts/66805/"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=107577418225627\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/10636"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/10637"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/10639"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/10644"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/10652"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/10668"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/10718"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/11022"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/11032/"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/12179/"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2004/dsa-425"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/738518"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:008"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/archives/fedora-announce-list/2004-March/msg00006.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/archives/fedora-announce-list/2004-March/msg00009.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/archives/fedora-announce-list/2004-March/msg00015.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/archives/fedora-legacy-list/2004-January/msg00726.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-007.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2004-008.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/350238/30/21640/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/9507"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1008716"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10599"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A847"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A852"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2004-008.0.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2004.9/SCOSA-2004.9.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040103-01-U.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2004/Feb/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lwn.net/Alerts/66445/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lwn.net/Alerts/66805/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=107577418225627\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/10636"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/10637"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/10639"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/10644"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/10652"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/10668"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/10718"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/11022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/11032/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/12179/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2004/dsa-425"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/738518"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:008"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/archives/fedora-announce-list/2004-March/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/archives/fedora-announce-list/2004-March/msg00009.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/archives/fedora-announce-list/2004-March/msg00015.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/archives/fedora-legacy-list/2004-January/msg00726.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-007.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2004-008.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/350238/30/21640/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/9507"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1008716"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10599"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A847"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A852"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-11-20 17:50
Modified
2025-04-12 10:46
Severity ?
Summary
Multiple Integer underflows in the geonet_print function in tcpdump 4.5.0 through 4.6.2, when in verbose mode, allow remote attackers to cause a denial of service (segmentation fault and crash) via a crafted length value in a Geonet frame.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| opensuse | opensuse | 13.1 | |
| opensuse | opensuse | 13.2 | |
| canonical | ubuntu_linux | 10.04 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 14.10 | |
| oracle | solaris | 11.2 | |
| redhat | tcpdump | 4.5.0 | |
| redhat | tcpdump | 4.5.1 | |
| redhat | tcpdump | 4.5.2 | |
| redhat | tcpdump | 4.6.0 | |
| redhat | tcpdump | 4.6.1 | |
| redhat | tcpdump | 4.6.2 | |
| opensuse | opensuse | 13.1 | |
| opensuse | opensuse | 13.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "5D37DF0F-F863-45AC-853A-3E04F9FEC7CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*",
"matchCriteriaId": "49A63F39-30BE-443F-AF10-6245587D3359",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0B1C288F-326B-497B-B26C-D26E01262DDB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:tcpdump:4.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DBB358B0-2043-450E-AB3F-D88CA5156DB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:tcpdump:4.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D8D13172-9D80-4DD5-A749-9A9F95466C27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:tcpdump:4.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F6E4628C-DFE6-44AE-9B46-6341318CA483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:tcpdump:4.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0C9CC04B-CF1E-4B0E-8D45-B02B1E07E004",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:tcpdump:4.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "48EDCB25-E42B-4CA1-BB7E-E5CEA9F74DC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:tcpdump:4.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7D9E7FE0-FA1A-4A46-A408-BDF2D2DE73B5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple Integer underflows in the geonet_print function in tcpdump 4.5.0 through 4.6.2, when in verbose mode, allow remote attackers to cause a denial of service (segmentation fault and crash) via a crafted length value in a Geonet frame."
},
{
"lang": "es",
"value": "M\u00faltiples subdesbordamientos de enteros en la funci\u00f3n geonet_print en tcpdump 4.5.0 hasta 4.6.2, cuando se utiliza el modo verbose, permite a atacantes remotos causar una denegaci\u00f3n de servicio (fallo de segmentaci\u00f3n y ca\u00edda) a trav\u00e9s de un valor de longitud manipulado en un Frame Geonet."
}
],
"id": "CVE-2014-8768",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-11-20T17:50:05.863",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00062.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/129156/tcpdump-4.6.2-Geonet-Denial-Of-Service.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://seclists.org/fulldisclosure/2014/Nov/48"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.exploit-db.com/exploits/35359"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/534010/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/71155"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2433-1"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98766"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00062.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/129156/tcpdump-4.6.2-Geonet-Denial-Of-Service.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://seclists.org/fulldisclosure/2014/Nov/48"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.exploit-db.com/exploits/35359"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/534010/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/71155"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2433-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98766"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-191"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-12-05 16:59
Modified
2025-04-12 10:46
Severity ?
Summary
Buffer overflow in the ppp_hdlc function in print-ppp.c in tcpdump 4.6.2 and earlier allows remote attackers to cause a denial of service (crash) cia a crafted PPP packet.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:tcpdump:*:*:*:*:*:*:*:*",
"matchCriteriaId": "33588E11-C56C-44EB-8CC5-D034A79091C3",
"versionEndIncluding": "4.6.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the ppp_hdlc function in print-ppp.c in tcpdump 4.6.2 and earlier allows remote attackers to cause a denial of service (crash) cia a crafted PPP packet."
},
{
"lang": "es",
"value": "Desbordamiento de buffer en la funci\u00f3n ppp_hdlc en print-ppp.c en tcpdump 4.6.2 y anteriores permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda) a trav\u00e9s de un paquete PPP manipulado."
}
],
"id": "CVE-2014-9140",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-12-05T16:59:12.910",
"references": [
{
"source": "cve@mitre.org",
"url": "http://advisories.mageia.org/MGASA-2014-0511.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00084.html"
},
{
"source": "cve@mitre.org",
"url": "http://packetstormsecurity.com/files/130730/tcpdump-Denial-Of-Service-Code-Execution.html"
},
{
"source": "cve@mitre.org",
"url": "http://seclists.org/tcpdump/2014/q4/72"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-3086"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2015/dsa-3193"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:240"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:125"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/534829/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/71468"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2433-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "https://github.com/the-tcpdump-group/tcpdump/commit/0f95d441e4b5d7512cc5c326c8668a120e048eda"
},
{
"source": "cve@mitre.org",
"url": "https://support.apple.com/kb/HT205031"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://advisories.mageia.org/MGASA-2014-0511.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00084.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/130730/tcpdump-Denial-Of-Service-Code-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/tcpdump/2014/q4/72"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-3086"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3193"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:240"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:125"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/534829/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/71468"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2433-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://github.com/the-tcpdump-group/tcpdump/commit/0f95d441e4b5d7512cc5c326c8668a120e048eda"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.apple.com/kb/HT205031"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-11-20 17:50
Modified
2025-04-12 10:46
Severity ?
Summary
Integer underflow in the olsr_print function in tcpdump 3.9.6 through 4.6.2, when in verbose mode, allows remote attackers to cause a denial of service (crash) via a crafted length value in an OLSR frame.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | tcpdump | 3.9.6 | |
| redhat | tcpdump | 3.9.7 | |
| redhat | tcpdump | 3.9.8 | |
| redhat | tcpdump | 4.0.0 | |
| redhat | tcpdump | 4.1.0 | |
| redhat | tcpdump | 4.1.1 | |
| redhat | tcpdump | 4.1.2 | |
| redhat | tcpdump | 4.2.1 | |
| redhat | tcpdump | 4.3.0 | |
| redhat | tcpdump | 4.3.1 | |
| redhat | tcpdump | 4.4.0 | |
| redhat | tcpdump | 4.5.0 | |
| redhat | tcpdump | 4.5.1 | |
| redhat | tcpdump | 4.5.2 | |
| redhat | tcpdump | 4.6.0 | |
| redhat | tcpdump | 4.6.1 | |
| redhat | tcpdump | 4.6.2 | |
| opensuse | opensuse | 13.1 | |
| opensuse | opensuse | 13.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:tcpdump:3.9.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2BADA780-6314-4875-B467-5547BF75C08A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:tcpdump:3.9.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7DAE5CAC-A078-4F63-9598-9CA511EC0034",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:tcpdump:3.9.8:*:*:*:*:*:*:*",
"matchCriteriaId": "3E041494-8649-4BD5-8DF7-816B4C73E6CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:tcpdump:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "27D17DA2-A04C-43A4-AE1F-027C9E5EDC85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:tcpdump:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B9FA963D-E15E-4711-AFE6-10D0D464FB38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:tcpdump:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "74BFC816-CCFF-495A-BFBA-8296F6FF1E50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:tcpdump:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4B9298E0-5B24-4FBD-A5A2-D7DCE91FD219",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:tcpdump:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1B797590-4EA3-4144-819D-F55D8B60AC6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:tcpdump:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "10639170-0C13-4E2B-A4FA-AB4F9642DD35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:tcpdump:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D5EA00F9-54AC-429E-9241-64142102898F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:tcpdump:4.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "653A18E7-DCA6-4FB0-9F16-66B3CB11CE52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:tcpdump:4.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DBB358B0-2043-450E-AB3F-D88CA5156DB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:tcpdump:4.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D8D13172-9D80-4DD5-A749-9A9F95466C27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:tcpdump:4.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F6E4628C-DFE6-44AE-9B46-6341318CA483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:tcpdump:4.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0C9CC04B-CF1E-4B0E-8D45-B02B1E07E004",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:tcpdump:4.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "48EDCB25-E42B-4CA1-BB7E-E5CEA9F74DC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:tcpdump:4.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7D9E7FE0-FA1A-4A46-A408-BDF2D2DE73B5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer underflow in the olsr_print function in tcpdump 3.9.6 through 4.6.2, when in verbose mode, allows remote attackers to cause a denial of service (crash) via a crafted length value in an OLSR frame."
},
{
"lang": "es",
"value": "Subdesbordamiento de enteros en la funci\u00f3n olsr_print en tcpdump 3.9.6 hasta 4.6.2, cuando est\u00e1 en el modo verbose, permite a atacantes remotos causar una denegaci\u00f3n de servicio(ca\u00edda) a trav\u00e9s de valor de longitud manipulado en un Frame OLSR."
}
],
"id": "CVE-2014-8767",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-11-20T17:50:04.723",
"references": [
{
"source": "cve@mitre.org",
"url": "http://advisories.mageia.org/MGASA-2014-0503.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00062.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://packetstormsecurity.com/files/129155/tcpdump-4.6.2-OSLR-Denial-Of-Service.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://seclists.org/fulldisclosure/2014/Nov/47"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2014/dsa-3086"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:240"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:125"
},
{
"source": "cve@mitre.org",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/534011/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/71150"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/USN-2433-1"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98765"
},
{
"source": "cve@mitre.org",
"url": "https://support.apple.com/kb/HT205031"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://advisories.mageia.org/MGASA-2014-0503.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00062.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://packetstormsecurity.com/files/129155/tcpdump-4.6.2-OSLR-Denial-Of-Service.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://seclists.org/fulldisclosure/2014/Nov/47"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2014/dsa-3086"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:240"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:125"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/534011/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/71150"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2433-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98765"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.apple.com/kb/HT205031"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-06-09 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
tcpdump does not properly drop privileges to the pcap user when starting up.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:tcpdump:3.4-39:*:i386:*:*:*:*:*",
"matchCriteriaId": "655DF4AC-5573-4832-B601-3121C4206741",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:tcpdump:3.6.2-9:*:i386:*:*:*:*:*",
"matchCriteriaId": "BF77546F-26C2-48F7-B041-BA2C9863445C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:tcpdump:3.6.2-9:*:ia64:*:*:*:*:*",
"matchCriteriaId": "2F42C3A9-230E-411C-BF76-4DBC1B074E46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:tcpdump:3.6.2-12:*:i386:*:*:*:*:*",
"matchCriteriaId": "296411E3-2A64-4F21-A9D8-AD31B1EDCB0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:tcpdump:3.6.3-3:*:i386:*:*:*:*:*",
"matchCriteriaId": "51C18B7E-006A-4D48-BB4D-0F3972032CC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:tcpdump:3.7.2-1:*:i386:*:*:*:*:*",
"matchCriteriaId": "3B52A38A-A3A6-4D33-9B83-15DF47001B41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:linux:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1D46E093-1C68-43BB-B281-12117EC8DE0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E562907F-D915-4030-847A-3C6834A80D4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "138985E6-5107-4E8B-A801-C3D5FE075227",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "038FEDE7-986F-4CA5-9003-BA68352B87D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*",
"matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "tcpdump does not properly drop privileges to the pcap user when starting up."
},
{
"lang": "es",
"value": "Cuando se arranca tcpdump, \u00e9ste no rebaja privilegios adecuadamente al usuario pcap"
}
],
"id": "CVE-2003-0194",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-06-09T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2003-151.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-174.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2003-151.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-174.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2014-9140 (GCVE-0-2014-9140)
Vulnerability from cvelistv5
Published
2014-12-05 16:00
Modified
2024-08-06 13:33
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in the ppp_hdlc function in print-ppp.c in tcpdump 4.6.2 and earlier allows remote attackers to cause a denial of service (crash) cia a crafted PPP packet.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:33:13.532Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "MDVSA-2014:240",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:240"
},
{
"name": "MDVSA-2015:125",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:125"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/130730/tcpdump-Denial-Of-Service-Code-Execution.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/the-tcpdump-group/tcpdump/commit/0f95d441e4b5d7512cc5c326c8668a120e048eda"
},
{
"name": "APPLE-SA-2015-08-13-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"name": "20150309 tcpdump 4.7.2 remote crashes",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/534829/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://advisories.mageia.org/MGASA-2014-0511.html"
},
{
"name": "USN-2433-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2433-1"
},
{
"name": "openSUSE-SU-2015:0616",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00084.html"
},
{
"name": "DSA-3086",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-3086"
},
{
"name": "71468",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/71468"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT205031"
},
{
"name": "DSA-3193",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3193"
},
{
"name": "[tcpdump] 20141124 Re: Official patches for CVE-2014-8767/CVE-2014-8768/CVE-2014-8769?",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://seclists.org/tcpdump/2014/q4/72"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-10-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the ppp_hdlc function in print-ppp.c in tcpdump 4.6.2 and earlier allows remote attackers to cause a denial of service (crash) cia a crafted PPP packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "MDVSA-2014:240",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:240"
},
{
"name": "MDVSA-2015:125",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:125"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/130730/tcpdump-Denial-Of-Service-Code-Execution.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/the-tcpdump-group/tcpdump/commit/0f95d441e4b5d7512cc5c326c8668a120e048eda"
},
{
"name": "APPLE-SA-2015-08-13-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"name": "20150309 tcpdump 4.7.2 remote crashes",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/534829/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://advisories.mageia.org/MGASA-2014-0511.html"
},
{
"name": "USN-2433-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2433-1"
},
{
"name": "openSUSE-SU-2015:0616",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00084.html"
},
{
"name": "DSA-3086",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-3086"
},
{
"name": "71468",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/71468"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/kb/HT205031"
},
{
"name": "DSA-3193",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3193"
},
{
"name": "[tcpdump] 20141124 Re: Official patches for CVE-2014-8767/CVE-2014-8768/CVE-2014-8769?",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://seclists.org/tcpdump/2014/q4/72"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9140",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the ppp_hdlc function in print-ppp.c in tcpdump 4.6.2 and earlier allows remote attackers to cause a denial of service (crash) cia a crafted PPP packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MDVSA-2014:240",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:240"
},
{
"name": "MDVSA-2015:125",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:125"
},
{
"name": "http://packetstormsecurity.com/files/130730/tcpdump-Denial-Of-Service-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/130730/tcpdump-Denial-Of-Service-Code-Execution.html"
},
{
"name": "https://github.com/the-tcpdump-group/tcpdump/commit/0f95d441e4b5d7512cc5c326c8668a120e048eda",
"refsource": "CONFIRM",
"url": "https://github.com/the-tcpdump-group/tcpdump/commit/0f95d441e4b5d7512cc5c326c8668a120e048eda"
},
{
"name": "APPLE-SA-2015-08-13-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"name": "20150309 tcpdump 4.7.2 remote crashes",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/534829/100/0/threaded"
},
{
"name": "http://advisories.mageia.org/MGASA-2014-0511.html",
"refsource": "CONFIRM",
"url": "http://advisories.mageia.org/MGASA-2014-0511.html"
},
{
"name": "USN-2433-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2433-1"
},
{
"name": "openSUSE-SU-2015:0616",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00084.html"
},
{
"name": "DSA-3086",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-3086"
},
{
"name": "71468",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/71468"
},
{
"name": "https://support.apple.com/kb/HT205031",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT205031"
},
{
"name": "DSA-3193",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3193"
},
{
"name": "[tcpdump] 20141124 Re: Official patches for CVE-2014-8767/CVE-2014-8768/CVE-2014-8769?",
"refsource": "MLIST",
"url": "http://seclists.org/tcpdump/2014/q4/72"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-9140",
"datePublished": "2014-12-05T16:00:00",
"dateReserved": "2014-11-28T00:00:00",
"dateUpdated": "2024-08-06T13:33:13.532Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0194 (GCVE-0-2003-0194)
Vulnerability from cvelistv5
Published
2003-05-17 04:00
Modified
2024-08-08 01:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
tcpdump does not properly drop privileges to the pcap user when starting up.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:43:36.028Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2003:174",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-174.html"
},
{
"name": "RHSA-2003:151",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-151.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-05-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "tcpdump does not properly drop privileges to the pcap user when starting up."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-06-10T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2003:174",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-174.html"
},
{
"name": "RHSA-2003:151",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-151.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0194",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "tcpdump does not properly drop privileges to the pcap user when starting up."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2003:174",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-174.html"
},
{
"name": "RHSA-2003:151",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-151.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0194",
"datePublished": "2003-05-17T04:00:00",
"dateReserved": "2003-04-01T00:00:00",
"dateUpdated": "2024-08-08T01:43:36.028Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-8767 (GCVE-0-2014-8767)
Vulnerability from cvelistv5
Published
2014-11-20 17:00
Modified
2024-08-06 13:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer underflow in the olsr_print function in tcpdump 3.9.6 through 4.6.2, when in verbose mode, allows remote attackers to cause a denial of service (crash) via a crafted length value in an OLSR frame.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:26:02.565Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "MDVSA-2014:240",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:240"
},
{
"name": "MDVSA-2015:125",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:125"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/129155/tcpdump-4.6.2-OSLR-Denial-Of-Service.html"
},
{
"name": "openSUSE-SU-2015:0284",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00062.html"
},
{
"name": "tcpdump-cve20148767-dos(98765)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98765"
},
{
"name": "20141118 CVE-2014-8767 tcpdump denial of service in verbose mode using malformed OLSR payload",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/534011/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"name": "20141118 CVE-2014-8767 tcpdump denial of service in verbose mode using malformed OLSR payload",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2014/Nov/47"
},
{
"name": "APPLE-SA-2015-08-13-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"name": "USN-2433-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2433-1"
},
{
"name": "DSA-3086",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-3086"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://advisories.mageia.org/MGASA-2014-0503.html"
},
{
"name": "71150",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/71150"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT205031"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-11-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer underflow in the olsr_print function in tcpdump 3.9.6 through 4.6.2, when in verbose mode, allows remote attackers to cause a denial of service (crash) via a crafted length value in an OLSR frame."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "MDVSA-2014:240",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:240"
},
{
"name": "MDVSA-2015:125",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:125"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/129155/tcpdump-4.6.2-OSLR-Denial-Of-Service.html"
},
{
"name": "openSUSE-SU-2015:0284",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00062.html"
},
{
"name": "tcpdump-cve20148767-dos(98765)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98765"
},
{
"name": "20141118 CVE-2014-8767 tcpdump denial of service in verbose mode using malformed OLSR payload",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/534011/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"name": "20141118 CVE-2014-8767 tcpdump denial of service in verbose mode using malformed OLSR payload",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2014/Nov/47"
},
{
"name": "APPLE-SA-2015-08-13-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"name": "USN-2433-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2433-1"
},
{
"name": "DSA-3086",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-3086"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://advisories.mageia.org/MGASA-2014-0503.html"
},
{
"name": "71150",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/71150"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/kb/HT205031"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-8767",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer underflow in the olsr_print function in tcpdump 3.9.6 through 4.6.2, when in verbose mode, allows remote attackers to cause a denial of service (crash) via a crafted length value in an OLSR frame."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MDVSA-2014:240",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:240"
},
{
"name": "MDVSA-2015:125",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:125"
},
{
"name": "http://packetstormsecurity.com/files/129155/tcpdump-4.6.2-OSLR-Denial-Of-Service.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/129155/tcpdump-4.6.2-OSLR-Denial-Of-Service.html"
},
{
"name": "openSUSE-SU-2015:0284",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00062.html"
},
{
"name": "tcpdump-cve20148767-dos(98765)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98765"
},
{
"name": "20141118 CVE-2014-8767 tcpdump denial of service in verbose mode using malformed OLSR payload",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/534011/100/0/threaded"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"name": "20141118 CVE-2014-8767 tcpdump denial of service in verbose mode using malformed OLSR payload",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Nov/47"
},
{
"name": "APPLE-SA-2015-08-13-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"name": "USN-2433-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2433-1"
},
{
"name": "DSA-3086",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-3086"
},
{
"name": "http://advisories.mageia.org/MGASA-2014-0503.html",
"refsource": "CONFIRM",
"url": "http://advisories.mageia.org/MGASA-2014-0503.html"
},
{
"name": "71150",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/71150"
},
{
"name": "https://support.apple.com/kb/HT205031",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT205031"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-8767",
"datePublished": "2014-11-20T17:00:00",
"dateReserved": "2014-11-13T00:00:00",
"dateUpdated": "2024-08-06T13:26:02.565Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0989 (GCVE-0-2003-0989)
Vulnerability from cvelistv5
Published
2004-01-15 05:00
Modified
2024-08-08 02:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
tcpdump before 3.8.1 allows remote attackers to cause a denial of service (infinite loop) via certain ISAKMP packets, a different vulnerability than CVE-2004-0057.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:12:35.646Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20040202-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc"
},
{
"name": "FEDORA-2004-090",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2004-March/msg00006.html"
},
{
"name": "10718",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10718"
},
{
"name": "SCOSA-2004.9",
"tags": [
"vendor-advisory",
"x_refsource_SCO",
"x_transferred"
],
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2004.9/SCOSA-2004.9.txt"
},
{
"name": "RHSA-2004:008",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-008.html"
},
{
"name": "FLSA:1222",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-legacy-list/2004-January/msg00726.html"
},
{
"name": "11032",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/11032/"
},
{
"name": "10668",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10668"
},
{
"name": "CSSA-2004-008.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2004-008.0.txt"
},
{
"name": "[fedora-announce-list] 20040311 Re: [SECURITY] Fedora Core 1 Update: tcpdump-3.7.2-8.fc1.1",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2004-March/msg00015.html"
},
{
"name": "10637",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10637"
},
{
"name": "11022",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/11022"
},
{
"name": "10636",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10636"
},
{
"name": "9507",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/9507"
},
{
"name": "20040131 [FLSA-2004:1222] Updated tcpdump resolves security vulnerabilites (resend with correct paths)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107577418225627\u0026w=2"
},
{
"name": "1008716",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1008716"
},
{
"name": "ESA-20040119-002",
"tags": [
"vendor-advisory",
"x_refsource_ENGARDE",
"x_transferred"
],
"url": "http://lwn.net/Alerts/66805/"
},
{
"name": "12179",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/12179/"
},
{
"name": "10644",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10644"
},
{
"name": "VU#738518",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/738518"
},
{
"name": "MDKSA-2004:008",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:008"
},
{
"name": "20040119 [ESA-20040119-002] \u0027tcpdump\u0027 multiple vulnerabilities.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/350238/30/21640/threaded"
},
{
"name": "RHSA-2004:007",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-007.html"
},
{
"name": "20040103-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040103-01-U.asc"
},
{
"name": "oval:org.mitre.oval:def:847",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A847"
},
{
"name": "DSA-425",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-425"
},
{
"name": "10652",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10652"
},
{
"name": "oval:org.mitre.oval:def:852",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A852"
},
{
"name": "oval:org.mitre.oval:def:10599",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10599"
},
{
"name": "APPLE-SA-2004-02-23",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2004/Feb/msg00000.html"
},
{
"name": "10639",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10639"
},
{
"name": "FEDORA-2004-092",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2004-March/msg00009.html"
},
{
"name": "2004-0004",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://lwn.net/Alerts/66445/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-01-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "tcpdump before 3.8.1 allows remote attackers to cause a denial of service (infinite loop) via certain ISAKMP packets, a different vulnerability than CVE-2004-0057."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20040202-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc"
},
{
"name": "FEDORA-2004-090",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2004-March/msg00006.html"
},
{
"name": "10718",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10718"
},
{
"name": "SCOSA-2004.9",
"tags": [
"vendor-advisory",
"x_refsource_SCO"
],
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2004.9/SCOSA-2004.9.txt"
},
{
"name": "RHSA-2004:008",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-008.html"
},
{
"name": "FLSA:1222",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.redhat.com/archives/fedora-legacy-list/2004-January/msg00726.html"
},
{
"name": "11032",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/11032/"
},
{
"name": "10668",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10668"
},
{
"name": "CSSA-2004-008.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2004-008.0.txt"
},
{
"name": "[fedora-announce-list] 20040311 Re: [SECURITY] Fedora Core 1 Update: tcpdump-3.7.2-8.fc1.1",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2004-March/msg00015.html"
},
{
"name": "10637",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10637"
},
{
"name": "11022",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/11022"
},
{
"name": "10636",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10636"
},
{
"name": "9507",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/9507"
},
{
"name": "20040131 [FLSA-2004:1222] Updated tcpdump resolves security vulnerabilites (resend with correct paths)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107577418225627\u0026w=2"
},
{
"name": "1008716",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1008716"
},
{
"name": "ESA-20040119-002",
"tags": [
"vendor-advisory",
"x_refsource_ENGARDE"
],
"url": "http://lwn.net/Alerts/66805/"
},
{
"name": "12179",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/12179/"
},
{
"name": "10644",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10644"
},
{
"name": "VU#738518",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/738518"
},
{
"name": "MDKSA-2004:008",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:008"
},
{
"name": "20040119 [ESA-20040119-002] \u0027tcpdump\u0027 multiple vulnerabilities.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/350238/30/21640/threaded"
},
{
"name": "RHSA-2004:007",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-007.html"
},
{
"name": "20040103-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040103-01-U.asc"
},
{
"name": "oval:org.mitre.oval:def:847",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A847"
},
{
"name": "DSA-425",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-425"
},
{
"name": "10652",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10652"
},
{
"name": "oval:org.mitre.oval:def:852",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A852"
},
{
"name": "oval:org.mitre.oval:def:10599",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10599"
},
{
"name": "APPLE-SA-2004-02-23",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2004/Feb/msg00000.html"
},
{
"name": "10639",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10639"
},
{
"name": "FEDORA-2004-092",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2004-March/msg00009.html"
},
{
"name": "2004-0004",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://lwn.net/Alerts/66445/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0989",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "tcpdump before 3.8.1 allows remote attackers to cause a denial of service (infinite loop) via certain ISAKMP packets, a different vulnerability than CVE-2004-0057."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20040202-01-U",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc"
},
{
"name": "FEDORA-2004-090",
"refsource": "FEDORA",
"url": "http://www.redhat.com/archives/fedora-announce-list/2004-March/msg00006.html"
},
{
"name": "10718",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10718"
},
{
"name": "SCOSA-2004.9",
"refsource": "SCO",
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2004.9/SCOSA-2004.9.txt"
},
{
"name": "RHSA-2004:008",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-008.html"
},
{
"name": "FLSA:1222",
"refsource": "FEDORA",
"url": "http://www.redhat.com/archives/fedora-legacy-list/2004-January/msg00726.html"
},
{
"name": "11032",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/11032/"
},
{
"name": "10668",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10668"
},
{
"name": "CSSA-2004-008.0",
"refsource": "CALDERA",
"url": "ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2004-008.0.txt"
},
{
"name": "[fedora-announce-list] 20040311 Re: [SECURITY] Fedora Core 1 Update: tcpdump-3.7.2-8.fc1.1",
"refsource": "MLIST",
"url": "http://www.redhat.com/archives/fedora-announce-list/2004-March/msg00015.html"
},
{
"name": "10637",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10637"
},
{
"name": "11022",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/11022"
},
{
"name": "10636",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10636"
},
{
"name": "9507",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9507"
},
{
"name": "20040131 [FLSA-2004:1222] Updated tcpdump resolves security vulnerabilites (resend with correct paths)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=107577418225627\u0026w=2"
},
{
"name": "1008716",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1008716"
},
{
"name": "ESA-20040119-002",
"refsource": "ENGARDE",
"url": "http://lwn.net/Alerts/66805/"
},
{
"name": "12179",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/12179/"
},
{
"name": "10644",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10644"
},
{
"name": "VU#738518",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/738518"
},
{
"name": "MDKSA-2004:008",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:008"
},
{
"name": "20040119 [ESA-20040119-002] \u0027tcpdump\u0027 multiple vulnerabilities.",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/350238/30/21640/threaded"
},
{
"name": "RHSA-2004:007",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-007.html"
},
{
"name": "20040103-01-U",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040103-01-U.asc"
},
{
"name": "oval:org.mitre.oval:def:847",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A847"
},
{
"name": "DSA-425",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-425"
},
{
"name": "10652",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10652"
},
{
"name": "oval:org.mitre.oval:def:852",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A852"
},
{
"name": "oval:org.mitre.oval:def:10599",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10599"
},
{
"name": "APPLE-SA-2004-02-23",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2004/Feb/msg00000.html"
},
{
"name": "10639",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10639"
},
{
"name": "FEDORA-2004-092",
"refsource": "FEDORA",
"url": "http://www.redhat.com/archives/fedora-announce-list/2004-March/msg00009.html"
},
{
"name": "2004-0004",
"refsource": "TRUSTIX",
"url": "http://lwn.net/Alerts/66445/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0989",
"datePublished": "2004-01-15T05:00:00",
"dateReserved": "2003-12-16T00:00:00",
"dateUpdated": "2024-08-08T02:12:35.646Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-8768 (GCVE-0-2014-8768)
Vulnerability from cvelistv5
Published
2014-11-20 17:00
Modified
2024-08-06 13:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple Integer underflows in the geonet_print function in tcpdump 4.5.0 through 4.6.2, when in verbose mode, allow remote attackers to cause a denial of service (segmentation fault and crash) via a crafted length value in a Geonet frame.
References
| ► | URL | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:26:02.490Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "35359",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/35359"
},
{
"name": "openSUSE-SU-2015:0284",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00062.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/129156/tcpdump-4.6.2-Geonet-Denial-Of-Service.html"
},
{
"name": "USN-2433-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2433-1"
},
{
"name": "20141118 CVE-2014-8768 tcpdump denial of service in verbose mode using malformed Geonet payload",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2014/Nov/48"
},
{
"name": "71155",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/71155"
},
{
"name": "tpcdump-cve20148768-dos(98766)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98766"
},
{
"name": "20141118 CVE-2014-8768 tcpdump denial of service in verbose mode using malformed Geonet payload",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/534010/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-11-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple Integer underflows in the geonet_print function in tcpdump 4.5.0 through 4.6.2, when in verbose mode, allow remote attackers to cause a denial of service (segmentation fault and crash) via a crafted length value in a Geonet frame."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "35359",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/35359"
},
{
"name": "openSUSE-SU-2015:0284",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00062.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/129156/tcpdump-4.6.2-Geonet-Denial-Of-Service.html"
},
{
"name": "USN-2433-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2433-1"
},
{
"name": "20141118 CVE-2014-8768 tcpdump denial of service in verbose mode using malformed Geonet payload",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2014/Nov/48"
},
{
"name": "71155",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/71155"
},
{
"name": "tpcdump-cve20148768-dos(98766)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98766"
},
{
"name": "20141118 CVE-2014-8768 tcpdump denial of service in verbose mode using malformed Geonet payload",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/534010/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-8768",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple Integer underflows in the geonet_print function in tcpdump 4.5.0 through 4.6.2, when in verbose mode, allow remote attackers to cause a denial of service (segmentation fault and crash) via a crafted length value in a Geonet frame."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "35359",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/35359"
},
{
"name": "openSUSE-SU-2015:0284",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00062.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"name": "http://packetstormsecurity.com/files/129156/tcpdump-4.6.2-Geonet-Denial-Of-Service.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/129156/tcpdump-4.6.2-Geonet-Denial-Of-Service.html"
},
{
"name": "USN-2433-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2433-1"
},
{
"name": "20141118 CVE-2014-8768 tcpdump denial of service in verbose mode using malformed Geonet payload",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Nov/48"
},
{
"name": "71155",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/71155"
},
{
"name": "tpcdump-cve20148768-dos(98766)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98766"
},
{
"name": "20141118 CVE-2014-8768 tcpdump denial of service in verbose mode using malformed Geonet payload",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/534010/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-8768",
"datePublished": "2014-11-20T17:00:00",
"dateReserved": "2014-11-13T00:00:00",
"dateUpdated": "2024-08-06T13:26:02.490Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-8769 (GCVE-0-2014-8769)
Vulnerability from cvelistv5
Published
2014-11-20 17:00
Modified
2024-08-06 13:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
tcpdump 3.8 through 4.6.2 might allow remote attackers to obtain sensitive information from memory or cause a denial of service (packet loss or segmentation fault) via a crafted Ad hoc On-Demand Distance Vector (AODV) packet, which triggers an out-of-bounds memory access.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:26:02.551Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "MDVSA-2014:240",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:240"
},
{
"name": "MDVSA-2015:125",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:125"
},
{
"name": "openSUSE-SU-2015:0284",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00062.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"name": "71153",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/71153"
},
{
"name": "20141118 CVE-2014-8769 tcpdump unreliable output using malformed AOVD payload",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/534009/100/0/threaded"
},
{
"name": "APPLE-SA-2015-08-13-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"name": "tcpdump-cve20148769-dos(98764)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98764"
},
{
"name": "USN-2433-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2433-1"
},
{
"name": "DSA-3086",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-3086"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://advisories.mageia.org/MGASA-2014-0503.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/129157/tcpdump-4.6.2-AOVD-Unreliable-Output.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT205031"
},
{
"name": "20141118 CVE-2014-8769 tcpdump unreliable output using malformed AOVD payload",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2014/Nov/49"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-11-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "tcpdump 3.8 through 4.6.2 might allow remote attackers to obtain sensitive information from memory or cause a denial of service (packet loss or segmentation fault) via a crafted Ad hoc On-Demand Distance Vector (AODV) packet, which triggers an out-of-bounds memory access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "MDVSA-2014:240",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:240"
},
{
"name": "MDVSA-2015:125",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:125"
},
{
"name": "openSUSE-SU-2015:0284",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00062.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"name": "71153",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/71153"
},
{
"name": "20141118 CVE-2014-8769 tcpdump unreliable output using malformed AOVD payload",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/534009/100/0/threaded"
},
{
"name": "APPLE-SA-2015-08-13-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"name": "tcpdump-cve20148769-dos(98764)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98764"
},
{
"name": "USN-2433-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2433-1"
},
{
"name": "DSA-3086",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-3086"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://advisories.mageia.org/MGASA-2014-0503.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/129157/tcpdump-4.6.2-AOVD-Unreliable-Output.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/kb/HT205031"
},
{
"name": "20141118 CVE-2014-8769 tcpdump unreliable output using malformed AOVD payload",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2014/Nov/49"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-8769",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "tcpdump 3.8 through 4.6.2 might allow remote attackers to obtain sensitive information from memory or cause a denial of service (packet loss or segmentation fault) via a crafted Ad hoc On-Demand Distance Vector (AODV) packet, which triggers an out-of-bounds memory access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MDVSA-2014:240",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:240"
},
{
"name": "MDVSA-2015:125",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:125"
},
{
"name": "openSUSE-SU-2015:0284",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00062.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"name": "71153",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/71153"
},
{
"name": "20141118 CVE-2014-8769 tcpdump unreliable output using malformed AOVD payload",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/534009/100/0/threaded"
},
{
"name": "APPLE-SA-2015-08-13-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"name": "tcpdump-cve20148769-dos(98764)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98764"
},
{
"name": "USN-2433-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2433-1"
},
{
"name": "DSA-3086",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-3086"
},
{
"name": "http://advisories.mageia.org/MGASA-2014-0503.html",
"refsource": "CONFIRM",
"url": "http://advisories.mageia.org/MGASA-2014-0503.html"
},
{
"name": "http://packetstormsecurity.com/files/129157/tcpdump-4.6.2-AOVD-Unreliable-Output.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/129157/tcpdump-4.6.2-AOVD-Unreliable-Output.html"
},
{
"name": "https://support.apple.com/kb/HT205031",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT205031"
},
{
"name": "20141118 CVE-2014-8769 tcpdump unreliable output using malformed AOVD payload",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Nov/49"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-8769",
"datePublished": "2014-11-20T17:00:00",
"dateReserved": "2014-11-13T00:00:00",
"dateUpdated": "2024-08-06T13:26:02.551Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}