Redhat Tcpdump vulnerabilities

CVE-2014-9140 [MEDIUM] CWE-119 CVE-2014-9140: Buffer overflow in the ppp_hdlc function in print-ppp.c in tcpdump 4.6.2 and earlier allows remote a Buffer overflow in the ppp_hdlc function in print-ppp.c in tcpdump 4.6.2 and earlier allows remote attackers to cause a denial of service (crash) cia a crafted PPP packet.

CVE-2014-8767 [MEDIUM] CWE-189 CVE-2014-8767: Integer underflow in the olsr_print function in tcpdump 3.9.6 through 4.6.2, when in verbose mode, a Integer underflow in the olsr_print function in tcpdump 3.9.6 through 4.6.2, when in verbose mode, allows remote attackers to cause a denial of service (crash) via a crafted length value in an OLSR frame.

CVE-2014-8768 [MEDIUM] CWE-191 CVE-2014-8768: Multiple Integer underflows in the geonet_print function in tcpdump 4.5.0 through 4.6.2, when in ver Multiple Integer underflows in the geonet_print function in tcpdump 4.5.0 through 4.6.2, when in verbose mode, allow remote attackers to cause a denial of service (segmentation fault and crash) via a crafted length value in a Geonet frame.

CVE-2014-8769 [MEDIUM] CWE-119 CVE-2014-8769: tcpdump 3.8 through 4.6.2 might allow remote attackers to obtain sensitive information from memory o tcpdump 3.8 through 4.6.2 might allow remote attackers to obtain sensitive information from memory or cause a denial of service (packet loss or segmentation fault) via a crafted Ad hoc On-Demand Distance Vector (AODV) packet, which triggers an out-of-bounds memory access.

CVE-2003-0989 [HIGH] CVE-2003-0989: tcpdump before 3.8.1 allows remote attackers to cause a denial of service (infinite loop) via certai tcpdump before 3.8.1 allows remote attackers to cause a denial of service (infinite loop) via certain ISAKMP packets, a different vulnerability than CVE-2004-0057.

CVE-2003-0194 [MEDIUM] CVE-2003-0194: tcpdump does not properly drop privileges to the pcap user when starting up. tcpdump does not properly drop privileges to the pcap user when starting up.