Computer Security
[EN] securityvulns.ru no-pyccku


tcpdump multiple security vulnerabilities
Published:16.03.2015
Source:
SecurityVulns ID:14315
Type:remote
Threat Level:
5/10
Description:Multiple vulnerabilities in protocols dissectors.
Affected:TCPDUMP : tcpdump 4.7
CVE:CVE-2015-2155 (The force printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.)
 CVE-2015-2154 (The osi_print_cksum function in print-isoclns.c in the ethernet printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted (1) length, (2) offset, or (3) base pointer checksum value.)
 CVE-2015-2153 (The rpki_rtr_pdu_print function in print-rpki-rtr.c in the TCP printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via a crafted header length in an RPKI-RTR Protocol Data Unit (PDU).)
 CVE-2015-0261 (Integer signedness error in the mobility_opt_print function in the IPv6 mobility printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) or possibly execute arbitrary code via a negative length value.)
 CVE-2014-9140 (Buffer overflow in the ppp_hdlc function in print-ppp.c in tcpdump 4.6.2 and earlier allows remote attackers to cause a denial of service (crash) cia a crafted PPP packet.)
Original documentdocumentMichael Richardson, tcpdump 4.7.2 remote crashes (16.03.2015)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod