Download
| Alert*
oval:org.secpod.oval:def:1800819
tcpdump 4.9.0 allows remote attackers to cause a denial of service via crafted packet data. The crash occurs in the EXTRACT_16BITS function, called from the stp_print function for the Spanning Tree Protocol. Fixed In: Tcpdump 4.9.1 oval:org.secpod.oval:def:42920 The host is installed with Apple Mac OS X 10.12.6 or before 10.13.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle multiple issue in tcpdump. Successful exploitation could allow attackers to cause a denial of service. oval:org.secpod.oval:def:2101178 tcpdump 4.9.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via crafted packet data. The crash occurs in the EXTRACT_16BITS function, called from the stp_print function for the Spanning Tree Protocol. oval:org.secpod.oval:def:1800757 tcpdump 4.9.0 allows remote attackers to cause a denial of service via crafted packet data. The crash occurs in the EXTRACT_16BITS function, called from the stp_print function for the Spanning Tree Protocol. Fixed in Tcpdump 4.9.1 oval:org.secpod.oval:def:89044656 This update for tcpdump fixes the following issues: Security issues fixed: - CVE-2017-11108: Crafted input allowed remote DoS - CVE-2017-11541: Prevent a heap-based buffer over-read in the lldp_print function in print-lldp.c, related to util-print.c . - CVE-2017-11542: Prevent a heap-based buffer o ... oval:org.secpod.oval:def:89044572 This update for tcpdump to version 4.9.2 fixes several issues. These security issues were fixed: - CVE-2017-11108: Prevent remote attackers to cause DoS via crafted packet data. The crash occured in the EXTRACT_16BITS function, called from the stp_print function for the Spanning Tree Protocol . - C ... oval:org.secpod.oval:def:703796 tcpdump: command-line network traffic analyzer Several security issues were fixed in tcpdump. oval:org.secpod.oval:def:51891 tcpdump: command-line network traffic analyzer Several security issues were fixed in tcpdump. oval:org.secpod.oval:def:53136 Several vulnerabilities have been discovered in tcpdump, a command-line network traffic analyzer. These vulnerabilities might result in denial of service or, potentially, execution of arbitrary code. oval:org.secpod.oval:def:1800522 tcpdump 4.9.0 allows remote attackers to cause a denial of service via crafted packet data. The crash occurs in the EXTRACT_16BITS function, called from the stp_print function for the Spanning Tree Protocol. Fixed in: Tcpdump 4.9.1 oval:org.secpod.oval:def:603099 Several vulnerabilities have been discovered in tcpdump, a command-line network traffic analyzer. These vulnerabilities might result in denial of service or, potentially, execution of arbitrary code. oval:org.secpod.oval:def:42910 The host is missing a security update according to Apple advisory, APPLE-SA-2017-10-31-2. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary ... |