Computer Security
[EN] securityvulns.ru no-pyccku


tcpdump multiple security vulnerabilities
Published:03.12.2014
Source:
SecurityVulns ID:14136
Type:remote
Threat Level:
5/10
Description:DoS, code execution, information leakage.
Affected:TCPDUMP : tcpdump 4.6
CVE:CVE-2014-9140 (Buffer overflow in the ppp_hdlc function in print-ppp.c in tcpdump 4.6.2 and earlier allows remote attackers to cause a denial of service (crash) cia a crafted PPP packet.)
 CVE-2014-8769 (tcpdump 3.8 through 4.6.2 might allow remote attackers to obtain sensitive information from memory or cause a denial of service (packet loss or segmentation fault) via a crafted Ad hoc On-Demand Distance Vector (AODV) packet, which triggers an out-of-bounds memory access.)
 CVE-2014-8767 (Integer underflow in the olsr_print function in tcpdump 3.9.6 through 4.6.2, when in verbose mode, allows remote attackers to cause a denial of service (crash) via a crafted length value in an OLSR frame.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 3086-1] tcpdump security update (03.12.2014)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod