English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 146377 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.843302
Category:Ubuntu Local Security Checks
Title:Ubuntu: Security Advisory (USN-3415-1)
Summary:The remote host is missing an update for the 'tcpdump' package(s) announced via the USN-3415-1 advisory.
Description:Summary:
The remote host is missing an update for the 'tcpdump' package(s) announced via the USN-3415-1 advisory.

Vulnerability Insight:
Wilfried Kirsch discovered a buffer overflow in the SLIP decoder
in tcpdump. A remote attacker could use this to cause a denial
of service (application crash) or possibly execute arbitrary
code. (CVE-2017-11543)

Bhargava Shastry discovered a buffer overflow in the bitfield converter
utility function bittok2str_internal() in tcpdump. A remote attacker
could use this to cause a denial of service (application crash)
or possibly execute arbitrary code. (CVE-2017-13011)

Otto Airamo and Antti Levomaki discovered logic errors in different
protocol parsers in tcpdump that could lead to an infinite loop. A
remote attacker could use these to cause a denial of service
(application hang). CVE-2017-12989, CVE-2017-12990, CVE-2017-12995,
CVE-2017-12997)

Otto Airamo, Brian Carpenter, Yannick Formaggio, Kamil Frankowicz,
Katie Holly, Kim Gwan Yeong, Antti Levomaki, Henri Salo, and Bhargava
Shastry discovered out-of-bounds reads in muliptle protocol parsers
in tcpdump. A remote attacker could use these to cause a denial
of service (application crash). (CVE-2017-11108, CVE-2017-11541,
CVE-2017-11542, CVE-2017-12893, CVE-2017-12894, CVE-2017-12895,
CVE-2017-12896, CVE-2017-12897, CVE-2017-12898, CVE-2017-12899,
CVE-2017-12900, CVE-2017-12901, CVE-2017-12902, CVE-2017-12985,
CVE-2017-12986, CVE-2017-12987, CVE-2017-12988, CVE-2017-12991,
CVE-2017-12992, CVE-2017-12993, CVE-2017-12994, CVE-2017-12996,
CVE-2017-12998, CVE-2017-12999, CVE-2017-13000, CVE-2017-13001,
CVE-2017-13002, CVE-2017-13003, CVE-2017-13004, CVE-2017-13005,
CVE-2017-13006, CVE-2017-13007, CVE-2017-13008, CVE-2017-13009,
CVE-2017-13010, CVE-2017-13012, CVE-2017-13013, CVE-2017-13014,
CVE-2017-13015, CVE-2017-13016, CVE-2017-13017, CVE-2017-13018,
CVE-2017-13019, CVE-2017-13020, CVE-2017-13021, CVE-2017-13022,
CVE-2017-13023, CVE-2017-13024, CVE-2017-13025, CVE-2017-13026,
CVE-2017-13027, CVE-2017-13028, CVE-2017-13029, CVE-2017-13030,
CVE-2017-13031, CVE-2017-13032, CVE-2017-13033, CVE-2017-13034,
CVE-2017-13035, CVE-2017-13036, CVE-2017-13037, CVE-2017-13038,
CVE-2017-13039, CVE-2017-13040, CVE-2017-13041, CVE-2017-13042,
CVE-2017-13043, CVE-2017-13044, CVE-2017-13045, CVE-2017-13046,
CVE-2017-13047, CVE-2017-13048, CVE-2017-13049, CVE-2017-13050,
CVE-2017-13051, CVE-2017-13052, CVE-2017-13053, CVE-2017-13054,
CVE-2017-13055, CVE-2017-13687, CVE-2017-13688, CVE-2017-13689,
CVE-2017-13690, CVE-2017-13725)

Affected Software/OS:
'tcpdump' package(s) on Ubuntu 14.04, Ubuntu 16.04, Ubuntu 17.04.

Solution:
Please install the updated package(s).

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2017-11108
Debian Security Information: DSA-3971 (Google Search)
http://www.debian.org/security/2017/dsa-3971
https://security.gentoo.org/glsa/201709-23
https://bugzilla.redhat.com/show_bug.cgi?id=1468504
RedHat Security Advisories: RHEA-2018:0705
https://access.redhat.com/errata/RHEA-2018:0705
Common Vulnerability Exposure (CVE) ID: CVE-2017-11541
BugTraq ID: 99941
http://www.securityfocus.com/bid/99941
https://github.com/hackerlib/hackerlib-vul/tree/master/tcpdump-vul/heap-buffer-overflow/util-print
http://www.securitytracker.com/id/1039307
Common Vulnerability Exposure (CVE) ID: CVE-2017-11542
BugTraq ID: 99940
http://www.securityfocus.com/bid/99940
https://github.com/hackerlib/hackerlib-vul/tree/master/tcpdump-vul/heap-buffer-overflow/print-pim
Common Vulnerability Exposure (CVE) ID: CVE-2017-11543
BugTraq ID: 99939
http://www.securityfocus.com/bid/99939
https://github.com/hackerlib/hackerlib-vul/tree/master/tcpdump-vul/global-overflow/print-sl
Common Vulnerability Exposure (CVE) ID: CVE-2017-12893
Common Vulnerability Exposure (CVE) ID: CVE-2017-12894
Common Vulnerability Exposure (CVE) ID: CVE-2017-12895
Common Vulnerability Exposure (CVE) ID: CVE-2017-12896
Common Vulnerability Exposure (CVE) ID: CVE-2017-12897
Common Vulnerability Exposure (CVE) ID: CVE-2017-12898
Common Vulnerability Exposure (CVE) ID: CVE-2017-12899
Common Vulnerability Exposure (CVE) ID: CVE-2017-12900
Common Vulnerability Exposure (CVE) ID: CVE-2017-12901
Common Vulnerability Exposure (CVE) ID: CVE-2017-12902
Common Vulnerability Exposure (CVE) ID: CVE-2017-12985
Common Vulnerability Exposure (CVE) ID: CVE-2017-12986
Common Vulnerability Exposure (CVE) ID: CVE-2017-12987
Common Vulnerability Exposure (CVE) ID: CVE-2017-12988
Common Vulnerability Exposure (CVE) ID: CVE-2017-12989
Common Vulnerability Exposure (CVE) ID: CVE-2017-12990
Common Vulnerability Exposure (CVE) ID: CVE-2017-12991
Common Vulnerability Exposure (CVE) ID: CVE-2017-12992
Common Vulnerability Exposure (CVE) ID: CVE-2017-12993
Common Vulnerability Exposure (CVE) ID: CVE-2017-12994
Common Vulnerability Exposure (CVE) ID: CVE-2017-12995
Common Vulnerability Exposure (CVE) ID: CVE-2017-12996
Common Vulnerability Exposure (CVE) ID: CVE-2017-12997
BugTraq ID: 100914
http://www.securityfocus.com/bid/100914
Common Vulnerability Exposure (CVE) ID: CVE-2017-12998
Common Vulnerability Exposure (CVE) ID: CVE-2017-12999
Common Vulnerability Exposure (CVE) ID: CVE-2017-13000
Common Vulnerability Exposure (CVE) ID: CVE-2017-13001
Common Vulnerability Exposure (CVE) ID: CVE-2017-13002
Common Vulnerability Exposure (CVE) ID: CVE-2017-13003
Common Vulnerability Exposure (CVE) ID: CVE-2017-13004
Common Vulnerability Exposure (CVE) ID: CVE-2017-13005
Common Vulnerability Exposure (CVE) ID: CVE-2017-13006
Common Vulnerability Exposure (CVE) ID: CVE-2017-13007
Common Vulnerability Exposure (CVE) ID: CVE-2017-13008
Common Vulnerability Exposure (CVE) ID: CVE-2017-13009
Common Vulnerability Exposure (CVE) ID: CVE-2017-13010
Common Vulnerability Exposure (CVE) ID: CVE-2017-13011
Common Vulnerability Exposure (CVE) ID: CVE-2017-13012
Common Vulnerability Exposure (CVE) ID: CVE-2017-13013
Common Vulnerability Exposure (CVE) ID: CVE-2017-13014
Common Vulnerability Exposure (CVE) ID: CVE-2017-13015
Common Vulnerability Exposure (CVE) ID: CVE-2017-13016
Common Vulnerability Exposure (CVE) ID: CVE-2017-13017
Common Vulnerability Exposure (CVE) ID: CVE-2017-13018
Common Vulnerability Exposure (CVE) ID: CVE-2017-13019
Common Vulnerability Exposure (CVE) ID: CVE-2017-13020
Common Vulnerability Exposure (CVE) ID: CVE-2017-13021
Common Vulnerability Exposure (CVE) ID: CVE-2017-13022
Common Vulnerability Exposure (CVE) ID: CVE-2017-13023
Common Vulnerability Exposure (CVE) ID: CVE-2017-13024
Common Vulnerability Exposure (CVE) ID: CVE-2017-13025
Common Vulnerability Exposure (CVE) ID: CVE-2017-13026
Common Vulnerability Exposure (CVE) ID: CVE-2017-13027
Common Vulnerability Exposure (CVE) ID: CVE-2017-13028
Common Vulnerability Exposure (CVE) ID: CVE-2017-13029
Common Vulnerability Exposure (CVE) ID: CVE-2017-13030
Common Vulnerability Exposure (CVE) ID: CVE-2017-13031
Common Vulnerability Exposure (CVE) ID: CVE-2017-13032
Common Vulnerability Exposure (CVE) ID: CVE-2017-13033
Common Vulnerability Exposure (CVE) ID: CVE-2017-13034
Common Vulnerability Exposure (CVE) ID: CVE-2017-13035
Common Vulnerability Exposure (CVE) ID: CVE-2017-13036
Common Vulnerability Exposure (CVE) ID: CVE-2017-13037
Common Vulnerability Exposure (CVE) ID: CVE-2017-13038
Common Vulnerability Exposure (CVE) ID: CVE-2017-13039
Common Vulnerability Exposure (CVE) ID: CVE-2017-13040
Common Vulnerability Exposure (CVE) ID: CVE-2017-13041
Common Vulnerability Exposure (CVE) ID: CVE-2017-13042
Common Vulnerability Exposure (CVE) ID: CVE-2017-13043
Common Vulnerability Exposure (CVE) ID: CVE-2017-13044
Common Vulnerability Exposure (CVE) ID: CVE-2017-13045
Common Vulnerability Exposure (CVE) ID: CVE-2017-13046
Common Vulnerability Exposure (CVE) ID: CVE-2017-13047
Common Vulnerability Exposure (CVE) ID: CVE-2017-13048
Common Vulnerability Exposure (CVE) ID: CVE-2017-13049
Common Vulnerability Exposure (CVE) ID: CVE-2017-13050
Common Vulnerability Exposure (CVE) ID: CVE-2017-13051
Common Vulnerability Exposure (CVE) ID: CVE-2017-13052
Common Vulnerability Exposure (CVE) ID: CVE-2017-13053
Common Vulnerability Exposure (CVE) ID: CVE-2017-13054
Common Vulnerability Exposure (CVE) ID: CVE-2017-13055
Common Vulnerability Exposure (CVE) ID: CVE-2017-13687
Common Vulnerability Exposure (CVE) ID: CVE-2017-13688
Common Vulnerability Exposure (CVE) ID: CVE-2017-13689
Common Vulnerability Exposure (CVE) ID: CVE-2017-13690
Common Vulnerability Exposure (CVE) ID: CVE-2017-13725
CopyrightCopyright (C) 2017 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.