CVE-2015-2155 — Tcpdump vulnerability

11 documents8 sources

Severity

7.5HIGHNVD

EPSS

4.5%

top 10.81%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Tcpdump Debian Linux Fedoraproject Fedora +2 more

Timeline

PublishedMar 24

Latest updateMay 14

Description

The force printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages4 packages

▶Debiantcpdump/tcpdump< 4.6.2-4+3

▶NVDtcpdump/tcpdump4.7.0

▶NVDoracle/solaris11.2

▶NVDopensuse/opensuse13.1, 13.2+1

Also affects: Debian Linux 7.0, 8.0, Fedora 21

Patches

Patch: packetstormsecurity.com ↗Patch: packetstormsecurity.com ↗

🔴Vulnerability Details

GHSA

GHSA-r2jh-fv4f-q2ch: The force printer in tcpdump before 4↗2022-05-14

▶

CVEList

CVE-2015-2155: The force printer in tcpdump before 4↗2015-03-24

▶

OSV

CVE-2015-2155: The force printer in tcpdump before 4↗2015-03-24

▶

📋Vendor Advisories

Ubuntu

tcpdump vulnerabilities↗2015-04-27

▶

Red Hat

tcpdump: force printer vulnerability↗2015-03-09

▶

Debian

CVE-2015-2155: tcpdump - The force printer in tcpdump before 4.7.2 allows remote attackers to cause a den...↗2015

▶

💬Community

Bugzilla

CVE-2015-2155 tcpdump: force printer vulnerability↗2015-03-13

▶

Bugzilla

CVE-2015-0261 CVE-2015-2154 CVE-2015-2153 CVE-2015-2155 tcpdump: various flaws [fedora-all]↗2015-03-13

▶

Bugzilla

CVE-2015-2154 tcpdump: ethernet printer osi_print_cksum() missing sanity checks out-of-bounds read↗2015-03-13

▶

Bugzilla

CVE-2015-2153 tcpdump: tcp printer rpki_rtr_pdu_print() missing length check↗2015-03-13

▶