cbcvebase.
CVE-2018-14880
published 2019-10-03

CVE-2018-14880: The OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6_print_lshdr().

high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
The OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6_print_lshdr().

Affected

89 ranges· showing 25
VendorProductVersion rangeFixed in
applemac_os_x< 10.15.210.15.2
applemacos_catalina_10.15.2_security_update_2019-002_mojave_security_update_2019-007
debiandebian_linux
debiandebian_linux
debiandebian_linux
debiantcpdump< tcpdump 4.9.3-1 (bookworm)tcpdump 4.9.3-1 (bookworm)
f5big-ip_access_policy_manager11.5.2 – 11.6.5
f5big-ip_access_policy_manager12.1.0 – 12.1.5
f5big-ip_access_policy_manager13.1.0 – 13.1.3
f5big-ip_access_policy_manager14.0.0 – 14.1.2
f5big-ip_access_policy_manager15.0.0 – 15.0.1
f5big-ip_advanced_firewall_manager11.5.2 – 11.6.5
f5big-ip_advanced_firewall_manager12.1.0 – 12.1.5
f5big-ip_advanced_firewall_manager13.1.0 – 13.1.3
f5big-ip_advanced_firewall_manager14.0.0 – 14.1.2
f5big-ip_advanced_firewall_manager15.0.0 – 15.0.1
f5big-ip_analytics11.5.2 – 11.6.5
f5big-ip_analytics12.1.0 – 12.1.5
f5big-ip_analytics13.1.0 – 13.1.3
f5big-ip_analytics14.0.0 – 14.1.2
f5big-ip_analytics15.0.0 – 15.0.1
f5big-ip_application_acceleration_manager11.5.2 – 11.6.5
f5big-ip_application_acceleration_manager12.1.0 – 12.1.5
f5big-ip_application_acceleration_manager13.1.0 – 13.1.3
f5big-ip_application_acceleration_manager14.0.0 – 14.1.2

CVSS provenance

nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
osv7.5HIGH