Debian Tcpdump vulnerabilities

191 known vulnerabilities affecting debian/tcpdump.

Total CVEs

191

CISA KEV

Public exploits

Exploited in wild

Severity breakdown

CRITICAL132HIGH30MEDIUM17LOW12

Vulnerabilities

Page 2 of 10

CVE-2018-14462HIGHCVSS 7.5fixed in tcpdump 4.9.3-1 (bookworm)2018

CVE-2018-14462 [HIGH] CVE-2018-14462: tcpdump - The ICMP parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp.c:i... The ICMP parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp.c:icmp_print(). Scope: local bookworm: resolved (fixed in 4.9.3-1) bullseye: resolved (fixed in 4.9.3-1) forky: resolved (fixed in 4.9.3-1) sid: resolved (fixed in 4.9.3-1) trixie: resolved (fixed in 4.9.3-1)

debian

CVE-2018-14468HIGHCVSS 7.5fixed in tcpdump 4.9.3-1 (bookworm)2018

CVE-2018-14468 [HIGH] CVE-2018-14468: tcpdump - The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:m... The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print(). Scope: local bookworm: resolved (fixed in 4.9.3-1) bullseye: resolved (fixed in 4.9.3-1) forky: resolved (fixed in 4.9.3-1) sid: resolved (fixed in 4.9.3-1) trixie: resolved (fixed in 4.9.3-1)

debian

CVE-2018-16229HIGHCVSS 7.5fixed in tcpdump 4.9.3-1 (bookworm)2018

CVE-2018-16229 [HIGH] CVE-2018-16229: tcpdump - The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:d... The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option(). Scope: local bookworm: resolved (fixed in 4.9.3-1) bullseye: resolved (fixed in 4.9.3-1) forky: resolved (fixed in 4.9.3-1) sid: resolved (fixed in 4.9.3-1) trixie: resolved (fixed in 4.9.3-1)

debian

CVE-2018-16227HIGHCVSS 7.5fixed in tcpdump 4.9.3-1 (bookworm)2018

CVE-2018-16227 [HIGH] CVE-2018-16227: tcpdump - The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-8... The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags subfield. Scope: local bookworm: resolved (fixed in 4.9.3-1) bullseye: resolved (fixed in 4.9.3-1) forky: resolved (fixed in 4.9.3-1) sid: resolved (fixed in 4.9.3-1) trixie: resolved (fixed in 4.9.3-1)

debian

CVE-2018-14467HIGHCVSS 7.5fixed in tcpdump 4.9.3-1 (bookworm)2018

CVE-2018-14467 [HIGH] CVE-2018-14467: tcpdump - The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp... The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_MP). Scope: local bookworm: resolved (fixed in 4.9.3-1) bullseye: resolved (fixed in 4.9.3-1) forky: resolved (fixed in 4.9.3-1) sid: resolved (fixed in 4.9.3-1) trixie: resolved (fixed in 4.9.3-1)

debian

CVE-2018-16300HIGHCVSS 7.5fixed in tcpdump 4.9.3-1 (bookworm)2018

CVE-2018-16300 [HIGH] CVE-2018-16300: tcpdump - The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:b... The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print() because of unlimited recursion. Scope: local bookworm: resolved (fixed in 4.9.3-1) bullseye: resolved (fixed in 4.9.3-1) forky: resolved (fixed in 4.9.3-1) sid: resolved (fixed in 4.9.3-1) trixie: resolved (fixed in 4.9.3-1)

debian

CVE-2018-16451HIGHCVSS 7.5fixed in tcpdump 4.9.3-1 (bookworm)2018

CVE-2018-16451 [HIGH] CVE-2018-16451: tcpdump - The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:prin... The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \MAILSLOT\BROWSE and \PIPE\LANMAN. Scope: local bookworm: resolved (fixed in 4.9.3-1) bullseye: resolved (fixed in 4.9.3-1) forky: resolved (fixed in 4.9.3-1) sid: resolved (fixed in 4.9.3-1) trixie: resolved (fixed in 4.9.3-1)

debian

CVE-2018-14469HIGHCVSS 7.5fixed in tcpdump 4.9.3-1 (bookworm)2018

CVE-2018-14469 [HIGH] CVE-2018-14469: tcpdump - The IKEv1 parser in tcpdump before 4.9.3 has a buffer over-read in print-isakmp.... The IKEv1 parser in tcpdump before 4.9.3 has a buffer over-read in print-isakmp.c:ikev1_n_print(). Scope: local bookworm: resolved (fixed in 4.9.3-1) bullseye: resolved (fixed in 4.9.3-1) forky: resolved (fixed in 4.9.3-1) sid: resolved (fixed in 4.9.3-1) trixie: resolved (fixed in 4.9.3-1)

debian

CVE-2018-16228HIGHCVSS 7.5fixed in tcpdump 4.9.3-1 (bookworm)2018

CVE-2018-16228 [HIGH] CVE-2018-16228: tcpdump - The HNCP parser in tcpdump before 4.9.3 has a buffer over-read in print-hncp.c:p... The HNCP parser in tcpdump before 4.9.3 has a buffer over-read in print-hncp.c:print_prefix(). Scope: local bookworm: resolved (fixed in 4.9.3-1) bullseye: resolved (fixed in 4.9.3-1) forky: resolved (fixed in 4.9.3-1) sid: resolved (fixed in 4.9.3-1) trixie: resolved (fixed in 4.9.3-1)

debian

CVE-2018-14882HIGHCVSS 7.5fixed in tcpdump 4.9.3-1 (bookworm)2018

CVE-2018-14882 [HIGH] CVE-2018-14882: tcpdump - The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.... The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c. Scope: local bookworm: resolved (fixed in 4.9.3-1) bullseye: resolved (fixed in 4.9.3-1) forky: resolved (fixed in 4.9.3-1) sid: resolved (fixed in 4.9.3-1) trixie: resolved (fixed in 4.9.3-1)

debian

CVE-2018-16301LOWCVSS 7.8fixed in tcpdump 4.99.0-1 (bookworm)2018

CVE-2018-16301 [HIGH] CVE-2018-16301: tcpdump - The command-line argument parser in tcpdump before 4.99.0 has a buffer overflow ... The command-line argument parser in tcpdump before 4.99.0 has a buffer overflow in tcpdump.c:read_infile(). To trigger this vulnerability the attacker needs to create a 4GB file on the local filesystem and to specify the file name as the value of the -F command-line argument of tcpdump. Scope: local bookworm: resolved (fixed in 4.99.0-1) bullseye: resolved (fixed in

debian

CVE-2018-19519LOWCVSS 5.52018

CVE-2018-19519 [MEDIUM] CVE-2018-19519: tcpdump - In tcpdump 4.9.2, a stack-based buffer over-read exists in the print_prefix func... In tcpdump 4.9.2, a stack-based buffer over-read exists in the print_prefix function of print-hncp.c via crafted packet data because of missing initialization. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

debian

CVE-2017-13028CRITICALCVSS 9.8fixed in tcpdump 4.9.2-1 (bookworm)2017

CVE-2017-13028 [CRITICAL] CVE-2017-13028: tcpdump - The BOOTP parser in tcpdump before 4.9.2 has a buffer over-read in print-bootp.c... The BOOTP parser in tcpdump before 4.9.2 has a buffer over-read in print-bootp.c:bootp_print(). Scope: local bookworm: resolved (fixed in 4.9.2-1) bullseye: resolved (fixed in 4.9.2-1) forky: resolved (fixed in 4.9.2-1) sid: resolved (fixed in 4.9.2-1) trixie: resolved (fixed in 4.9.2-1)

debian

CVE-2017-12894CRITICALCVSS 9.8fixed in tcpdump 4.9.2-1 (bookworm)2017

CVE-2017-12894 [CRITICAL] CVE-2017-12894: tcpdump - Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read ... Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in addrtoname.c:lookup_bytestring(). Scope: local bookworm: resolved (fixed in 4.9.2-1) bullseye: resolved (fixed in 4.9.2-1) forky: resolved (fixed in 4.9.2-1) sid: resolved (fixed in 4.9.2-1) trixie: resolved (fixed in 4.9.2-1)

debian

CVE-2017-13040CRITICALCVSS 9.8fixed in tcpdump 4.9.2-1 (bookworm)2017

CVE-2017-13040 [CRITICAL] CVE-2017-13040: tcpdump - The MPTCP parser in tcpdump before 4.9.2 has a buffer over-read in print-mptcp.c... The MPTCP parser in tcpdump before 4.9.2 has a buffer over-read in print-mptcp.c, several functions. Scope: local bookworm: resolved (fixed in 4.9.2-1) bullseye: resolved (fixed in 4.9.2-1) forky: resolved (fixed in 4.9.2-1) sid: resolved (fixed in 4.9.2-1) trixie: resolved (fixed in 4.9.2-1)

debian

CVE-2017-12902CRITICALCVSS 9.8fixed in tcpdump 4.9.2-1 (bookworm)2017

CVE-2017-12902 [CRITICAL] CVE-2017-12902: tcpdump - The Zephyr parser in tcpdump before 4.9.2 has a buffer over-read in print-zephyr... The Zephyr parser in tcpdump before 4.9.2 has a buffer over-read in print-zephyr.c, several functions. Scope: local bookworm: resolved (fixed in 4.9.2-1) bullseye: resolved (fixed in 4.9.2-1) forky: resolved (fixed in 4.9.2-1) sid: resolved (fixed in 4.9.2-1) trixie: resolved (fixed in 4.9.2-1)

debian

CVE-2017-13003CRITICALCVSS 9.8fixed in tcpdump 4.9.2-1 (bookworm)2017

CVE-2017-13003 [CRITICAL] CVE-2017-13003: tcpdump - The LMP parser in tcpdump before 4.9.2 has a buffer over-read in print-lmp.c:lmp... The LMP parser in tcpdump before 4.9.2 has a buffer over-read in print-lmp.c:lmp_print(). Scope: local bookworm: resolved (fixed in 4.9.2-1) bullseye: resolved (fixed in 4.9.2-1) forky: resolved (fixed in 4.9.2-1) sid: resolved (fixed in 4.9.2-1) trixie: resolved (fixed in 4.9.2-1)

debian

CVE-2017-13014CRITICALCVSS 9.8fixed in tcpdump 4.9.2-1 (bookworm)2017

CVE-2017-13014 [CRITICAL] CVE-2017-13014: tcpdump - The White Board protocol parser in tcpdump before 4.9.2 has a buffer over-read i... The White Board protocol parser in tcpdump before 4.9.2 has a buffer over-read in print-wb.c:wb_prep(), several functions. Scope: local bookworm: resolved (fixed in 4.9.2-1) bullseye: resolved (fixed in 4.9.2-1) forky: resolved (fixed in 4.9.2-1) sid: resolved (fixed in 4.9.2-1) trixie: resolved (fixed in 4.9.2-1)

debian

CVE-2017-13004CRITICALCVSS 9.8fixed in tcpdump 4.9.2-1 (bookworm)2017

CVE-2017-13004 [CRITICAL] CVE-2017-13004: tcpdump - The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in p... The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print-juniper.c:juniper_parse_header(). Scope: local bookworm: resolved (fixed in 4.9.2-1) bullseye: resolved (fixed in 4.9.2-1) forky: resolved (fixed in 4.9.2-1) sid: resolved (fixed in 4.9.2-1) trixie: resolved (fixed in 4.9.2-1)

debian

CVE-2017-13007CRITICALCVSS 9.8fixed in tcpdump 4.9.2-1 (bookworm)2017

CVE-2017-13007 [CRITICAL] CVE-2017-13007: tcpdump - The Apple PKTAP parser in tcpdump before 4.9.2 has a buffer over-read in print-p... The Apple PKTAP parser in tcpdump before 4.9.2 has a buffer over-read in print-pktap.c:pktap_if_print(). Scope: local bookworm: resolved (fixed in 4.9.2-1) bullseye: resolved (fixed in 4.9.2-1) forky: resolved (fixed in 4.9.2-1) sid: resolved (fixed in 4.9.2-1) trixie: resolved (fixed in 4.9.2-1)

debian

← Previous2 / 10Next →