[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248392

 
 

909

 
 

195452

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2014-8768Date: (C)2014-12-09   (M)2023-12-22


Multiple Integer underflows in the geonet_print function in tcpdump 4.5.0 through 4.6.2, when in verbose mode, allow remote attackers to cause a denial of service (segmentation fault and crash) via a crafted length value in a Geonet frame.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 5.0
Exploit Score: 10.0
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: PARTIAL
  
Reference:
http://www.securityfocus.com/archive/1/534010/100/0/threaded
EXPLOIT-DB-35359
BID-71155
USN-2433-1
http://packetstormsecurity.com/files/129156/tcpdump-4.6.2-Geonet-Denial-Of-Service.html
http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
openSUSE-SU-2015:0284
tpcdump-cve20148768-dos(98766)

CPE    6
cpe:/o:opensuse:opensuse:13.1
cpe:/o:canonical:ubuntu_linux:10.04::~~lts~~~
cpe:/o:canonical:ubuntu_linux:12.04::~~lts~~~
cpe:/o:canonical:ubuntu_linux:14.04::~~lts~~~
...
CWE    1
CWE-191
OVAL    10
oval:org.secpod.oval:def:108215
oval:org.secpod.oval:def:24739
oval:org.secpod.oval:def:107970
oval:org.secpod.oval:def:702321
...

© SecPod Technologies