cbcvebase.
CVE-2002-1350
published 2002-12-23

CVE-2002-1350: The BGP decoding routines in tcpdump 3.6.x before 3.7 do not properly copy data, which allows remote attackers to cause a denial of service (application crash).

PriorityP419high7.5CVSS 2.0
AVNACLAuNCPIPAP
EPSS
2.37%
81.7th percentile
The BGP decoding routines in tcpdump 3.6.x before 3.7 do not properly copy data, which allows remote attackers to cause a denial of service (application crash).

Affected

6 ranges
VendorProductVersion rangeFixed in
debiantcpdump< tcpdump 3.7.2-1 (bookworm)tcpdump 3.7.2-1 (bookworm)
lbltcpdump<= 3.6.2.2.2
tcpdumptcpdump>= 0 < 3.7.2-13.7.2-1
tcpdumptcpdump>= 0 < 3.7.2-13.7.2-1
tcpdumptcpdump>= 0 < 3.7.2-13.7.2-1
tcpdumptcpdump>= 0 < 3.7.2-13.7.2-1

CVSS provenance

nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
osv7.5HIGH
vendor_debian7.5HIGH
vendor_redhat7.5HIGH
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.