Tcpdump: >> Tcpdump >> 4.9.0 Security Vulnerabilities
The PIMv2 parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c:pimv2_print().
CVSS Score
9.8
EPSS Score
0.006
Published
2017-09-14
The LLDP parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-lldp.c:lldp_private_8021_print().
CVSS Score
7.5
EPSS Score
0.015
Published
2017-09-14
tcpdump 4.9.0 has a heap-based buffer over-read in the lldp_print function in print-lldp.c, related to util-print.c.
CVSS Score
9.8
EPSS Score
0.01
Published
2017-07-23
tcpdump 4.9.0 has a heap-based buffer over-read in the pimv1_print function in print-pim.c.
CVSS Score
9.8
EPSS Score
0.01
Published
2017-07-23
tcpdump 4.9.0 has a buffer overflow in the sliplink_print function in print-sl.c.
CVSS Score
9.8
EPSS Score
0.136
Published
2017-07-23
tcpdump 4.9.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via crafted packet data. The crash occurs in the EXTRACT_16BITS function, called from the stp_print function for the Spanning Tree Protocol.
CVSS Score
7.5
EPSS Score
0.019
Published
2017-07-08
Page 12