Shodan
Vulnerabilities
Vulnerable Software
Tcpdump:  >> Tcpdump  >> 3.7.2  Security Vulnerabilities
CVE-2016-7986
The GeoNetworking parser in tcpdump before 4.9.0 has a buffer overflow in print-geonet.c, multiple functions.
CVSS Score
9.8
EPSS Score
0.009
Published
2017-01-28
CVE-2016-7992
The Classical IP over ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-cip.c:cip_if_print().
CVSS Score
9.8
EPSS Score
0.009
Published
2017-01-28
CVE-2016-7993
A bug in util-print.c:relts_print() in tcpdump before 4.9.0 could cause a buffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, IGMP, lightweight resolver protocol, PIM).
CVSS Score
9.8
EPSS Score
0.009
Published
2017-01-28
CVE-2016-8574
The FRF.15 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:frf15_print().
CVSS Score
9.8
EPSS Score
0.009
Published
2017-01-28
CVE-2015-2155
The force printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.
CVSS Score
7.5
EPSS Score
0.05
Published
2015-03-24
CVE-2015-2154
The osi_print_cksum function in print-isoclns.c in the ethernet printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted (1) length, (2) offset, or (3) base pointer checksum value.
CVSS Score
5.0
EPSS Score
0.019
Published
2015-03-24
CVE-2015-2153
The rpki_rtr_pdu_print function in print-rpki-rtr.c in the TCP printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via a crafted header length in an RPKI-RTR Protocol Data Unit (PDU).
CVSS Score
5.0
EPSS Score
0.14
Published
2015-03-24
CVE-2015-0261
Integer signedness error in the mobility_opt_print function in the IPv6 mobility printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) or possibly execute arbitrary code via a negative length value.
CVSS Score
7.5
EPSS Score
0.015
Published
2015-03-24
CVE-2007-3798
Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 and earlier allows remote attackers to execute arbitrary code via crafted TLVs in a BGP packet, related to an unchecked return value.
CVSS Score
9.8
EPSS Score
0.744
Published
2007-07-16
CVE-2007-1218
Off-by-one buffer overflow in the parse_elements function in the 802.11 printer code (print-802_11.c) for tcpdump 3.9.5 and earlier allows remote attackers to cause a denial of service (crash) via a crafted 802.11 frame. NOTE: this was originally referred to as heap-based, but it might be stack-based.
CVSS Score
6.8
EPSS Score
0.197
Published
2007-03-02


Products
Pricing
Contact Us

Shodan ® - All rights reserved