CVE-2002-0380
published 2002-06-18CVE-2002-0380: Buffer overflow in tcpdump 3.6.2 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via an NFS packet.
PriorityP430high7.5CVSS 2.0
AVNACLAuNCPIPAP
EPSS
4.95%
91.1th percentile
Buffer overflow in tcpdump 3.6.2 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via an NFS packet.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | tcpdump | < tcpdump 3.7.1-1.2 (bookworm) | tcpdump 3.7.1-1.2 (bookworm) |
| lbl | tcpdump | <= 3.6.2 | — |
| tcpdump | tcpdump | >= 0 < 3.7.1-1.2 | 3.7.1-1.2 |
| tcpdump | tcpdump | >= 0 < 3.7.1-1.2 | 3.7.1-1.2 |
| tcpdump | tcpdump | >= 0 < 3.7.1-1.2 | 3.7.1-1.2 |
| tcpdump | tcpdump | >= 0 < 3.7.1-1.2 | 3.7.1-1.2 |
CVSS provenance
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
osv7.5HIGH
vendor_debian7.5HIGH
vendor_redhat7.5HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-96qc-cv4m-j8fq: Buffer overflow in tcpdump 3
ghsa_unreviewed·2022-05-03
CVE-2002-0380 [HIGH] GHSA-96qc-cv4m-j8fq: Buffer overflow in tcpdump 3
Buffer overflow in tcpdump 3.6.2 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via an NFS packet.
OSV
CVE-2002-0380: Buffer overflow in tcpdump 3
osv·2002-06-18·CVSS 7.5
CVE-2002-0380 [HIGH] CVE-2002-0380: Buffer overflow in tcpdump 3
Buffer overflow in tcpdump 3.6.2 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via an NFS packet.
Red Hat
security flaw
vendor_redhat·2002-05-31·CVSS 7.5
CVE-2002-0380 [HIGH] security flaw
security flaw
Buffer overflow in tcpdump 3.6.2 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via an NFS packet.
Debian
CVE-2002-0380: tcpdump - Buffer overflow in tcpdump 3.6.2 and earlier allows remote attackers to cause a ...
vendor_debian·2002·CVSS 7.5
CVE-2002-0380 [HIGH] CVE-2002-0380: tcpdump - Buffer overflow in tcpdump 3.6.2 and earlier allows remote attackers to cause a ...
Buffer overflow in tcpdump 3.6.2 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via an NFS packet.
Scope: local
bookworm: resolved (fixed in 3.7.1-1.2)
bullseye: resolved (fixed in 3.7.1-1.2)
forky: resolved (fixed in 3.7.1-1.2)
sid: resolved (fixed in 3.7.1-1.2)
trixie: resolved (fixed in 3.7.1-1.2)
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2002-0380 security flaw
bugzilla·2018-08-16·CVSS 7.5
CVE-2002-0380 [HIGH] CVE-2002-0380 security flaw
CVE-2002-0380 security flaw
Flaw bug created to hold information about an old flaw we knew something about. For more details see the MITRE CVE description.
Discussion:
MITRE description:
Buffer overflow in tcpdump 3.6.2 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via an NFS packet.
Bugzilla
tcpdump problem with bgp decoding
bugzilla·2003-01-29
[MEDIUM] tcpdump problem with bgp decoding
tcpdump problem with bgp decoding
The BGP decoding routines for tcpdump used incorrect bounds checking when
copying data. This could be abused by introducing malicious traffic on a sniffed
network for a denial of service attack against tcpdump, or possibly even remote
code execution.
RHSA-2002:094 patched CAN-2002-0380 with tcpdump-3.6.2-11
AS/RHSA-2002:121 patched CAN-2002-0380 with tcpdump-3.6.2-11
See http://marc.theaimsgroup.com/?l=bugtraq&m=103956164004031&w=2
also http://www.tcpdump.org/lists/workers/2001/10/msg00101.html
3.6.* is vulnerable, 3.7 isn't
CVE applied for Dec11: CAN-2002-1350
Discussion:
*** Bug 80152 has been marked as a duplicate of this bug. ***
---
An errata has been issued which should help the problem described in this bug report.
This report is therefore
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-025.0.txthttp://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000491http://marc.info/?l=bugtraq&m=102339541014226&w=2http://marc.info/?l=bugtraq&m=102650721503642&w=2http://online.securityfocus.com/advisories/4169http://www.debian.org/security/2003/dsa-255http://www.iss.net/security_center/static/9216.phphttp://www.redhat.com/support/errata/RHSA-2002-094.htmlhttp://www.redhat.com/support/errata/RHSA-2002-121.htmlhttp://www.redhat.com/support/errata/RHSA-2003-214.htmlhttp://www.securityfocus.com/bid/4890ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-025.0.txthttp://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000491http://marc.info/?l=bugtraq&m=102339541014226&w=2http://marc.info/?l=bugtraq&m=102650721503642&w=2http://online.securityfocus.com/advisories/4169http://www.debian.org/security/2003/dsa-255http://www.iss.net/security_center/static/9216.phphttp://www.redhat.com/support/errata/RHSA-2002-094.htmlhttp://www.redhat.com/support/errata/RHSA-2002-121.htmlhttp://www.redhat.com/support/errata/RHSA-2003-214.htmlhttp://www.securityfocus.com/bid/4890
2002-06-18
Published