Search criteria
5 vulnerabilities found for tcpdump by The Tcpdump Group
CVE-2024-2397 (GCVE-0-2024-2397)
Vulnerability from cvelistv5 – Published: 2024-04-12 13:22 – Updated: 2025-02-13 17:40
VLAI?
Title
infinite loop in the PPP printer of tcpdump
Summary
Due to a bug in packet data buffers management, the PPP printer in tcpdump can enter an infinite loop when reading a crafted DLT_PPP_SERIAL .pcap savefile. This problem does not affect any tcpdump release, but it affected the git master branch from 2023-06-05 to 2024-03-21.
Severity ?
6.2 (Medium)
CWE
- CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| The Tcpdump Group | tcpdump |
Affected:
0d4083e , < b9811ef
(git)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-2397",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-31T17:39:23.683099Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-31T17:39:31.449Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-09-03T13:34:59.230Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.freebsd.org/archives/freebsd-security/2024-September/000298.html"
},
{
"tags": [
"patch",
"x_transferred"
],
"url": "https://github.com/the-tcpdump-group/tcpdump/commit/b9811ef5bb1b7d45a90e042f81f3aaf233c8bcb2"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GEZRGR3QCW2ZNFIAWMZZOG4ZLFLFNG2M/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HUUI2MBVHFENXNBCHDQZP2RBBA2VD5HG/"
}
],
"title": "CVE Program Container",
"x_generator": {
"engine": "ADPogram 0.0.1"
}
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"PPP printer"
],
"product": "tcpdump",
"vendor": "The Tcpdump Group",
"versions": [
{
"lessThan": "b9811ef",
"status": "affected",
"version": "0d4083e",
"versionType": "git"
}
]
}
],
"datePublic": "2024-04-12T11:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Due to a bug in packet data buffers management, the PPP printer in tcpdump can enter an infinite loop when reading a crafted DLT_PPP_SERIAL .pcap savefile. This problem does not affect any tcpdump release, but it affected the git master branch from 2023-06-05 to 2024-03-21."
}
],
"exploits": [
{
"lang": "en",
"value": "A functional exploit exists."
}
],
"impacts": [
{
"capecId": "CAPEC-153",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-153 Input Data Manipulation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-835",
"description": "CWE-835 Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-10T16:09:07.141Z",
"orgId": "cfdbb673-b408-4d03-89c1-c3d73ed80896",
"shortName": "Tcpdump"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://github.com/the-tcpdump-group/tcpdump/commit/b9811ef5bb1b7d45a90e042f81f3aaf233c8bcb2"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GEZRGR3QCW2ZNFIAWMZZOG4ZLFLFNG2M/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HUUI2MBVHFENXNBCHDQZP2RBBA2VD5HG/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "infinite loop in the PPP printer of tcpdump"
}
},
"cveMetadata": {
"assignerOrgId": "cfdbb673-b408-4d03-89c1-c3d73ed80896",
"assignerShortName": "Tcpdump",
"cveId": "CVE-2024-2397",
"datePublished": "2024-04-12T13:22:01.636Z",
"dateReserved": "2024-03-12T10:29:32.095Z",
"dateUpdated": "2025-02-13T17:40:07.188Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-1801 (GCVE-0-2023-1801)
Vulnerability from cvelistv5 – Published: 2023-04-07 20:40 – Updated: 2025-02-13 16:39
VLAI?
Summary
The SMB protocol decoder in tcpdump version 4.99.3 can perform an out-of-bounds write when decoding a crafted network packet.
Severity ?
No CVSS data available.
CWE
- CWE-787 - out-of-bounds write
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| The Tcpdump Group | tcpdump |
Affected:
4.99.3
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T06:05:25.518Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"patch",
"x_transferred"
],
"url": "https://github.com/the-tcpdump-group/tcpdump/commit/7578e1c04ee280dda50c4c2813e7d55f539c6501"
},
{
"tags": [
"patch",
"x_transferred"
],
"url": "https://github.com/the-tcpdump-group/tcpdump/commit/03c037bbd75588beba3ee09f26d17783d21e30bc"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KOA2BJFERAC3VRQIRHJOWN4HZY4ZA7CH/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WYL5DEVHRJYF2CM5LTCZKEYFYDZAIZSN/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLLZCG23MU6O4QOG2CX3DLEL3YXP6LAI/"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT213844"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT213845"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "tcpdump",
"programRoutines": [
{
"name": "smb_fdata1()"
}
],
"vendor": "The Tcpdump Group",
"versions": [
{
"status": "affected",
"version": "4.99.3"
}
]
}
],
"configurations": [
{
"lang": "en",
"value": "This vulnerability applies only to tcpdump binaries that were compiled with the SMB printer explicitly enabled. The SMB printer compilation is disabled by default."
}
],
"descriptions": [
{
"lang": "en",
"value": "The SMB protocol decoder in tcpdump version 4.99.3 can perform an out-of-bounds write when decoding a crafted network packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "out-of-bounds write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-23T07:06:13.184Z",
"orgId": "cfdbb673-b408-4d03-89c1-c3d73ed80896",
"shortName": "Tcpdump"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://github.com/the-tcpdump-group/tcpdump/commit/7578e1c04ee280dda50c4c2813e7d55f539c6501"
},
{
"tags": [
"patch"
],
"url": "https://github.com/the-tcpdump-group/tcpdump/commit/03c037bbd75588beba3ee09f26d17783d21e30bc"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KOA2BJFERAC3VRQIRHJOWN4HZY4ZA7CH/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WYL5DEVHRJYF2CM5LTCZKEYFYDZAIZSN/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLLZCG23MU6O4QOG2CX3DLEL3YXP6LAI/"
},
{
"url": "https://support.apple.com/kb/HT213844"
},
{
"url": "https://support.apple.com/kb/HT213845"
}
],
"solutions": [
{
"lang": "en",
"value": "If using tcpdump 4.99.3, upgrade to 4.99.4."
}
],
"workarounds": [
{
"lang": "en",
"value": "Do not enable the SMB printer when building tcpdump 4.99.3."
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cfdbb673-b408-4d03-89c1-c3d73ed80896",
"assignerShortName": "Tcpdump",
"cveId": "CVE-2023-1801",
"datePublished": "2023-04-07T20:40:55.540Z",
"dateReserved": "2023-04-02T11:09:43.663Z",
"dateUpdated": "2025-02-13T16:39:31.168Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-8036 (GCVE-0-2020-8036)
Vulnerability from cvelistv5 – Published: 2020-11-04 17:55 – Updated: 2024-09-16 23:42
VLAI?
Title
str2tokbuf used incorrectly by print-someip.c
Summary
The tok2strbuf() function in tcpdump 4.10.0-PRE-GIT was used by the SOME/IP dissector in an unsafe way.
Severity ?
No CVSS data available.
CWE
- overread error
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| The TCPdump Group | tcpdump |
Affected:
4.10.0-PRE-GIT
|
Credits
Reza Mirzazade farkhani of iseclab.org
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:48:24.824Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/the-tcpdump-group/tcpdump/commit/e2256b4f2506102be2c6f7976f84f0d607c53d43"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "tcpdump",
"vendor": "The TCPdump Group",
"versions": [
{
"status": "affected",
"version": "4.10.0-PRE-GIT"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Reza Mirzazade farkhani of iseclab.org"
}
],
"datePublic": "2020-02-29T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The tok2strbuf() function in tcpdump 4.10.0-PRE-GIT was used by the SOME/IP dissector in an unsafe way."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "overread error",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-04T17:55:24.000Z",
"orgId": "cfdbb673-b408-4d03-89c1-c3d73ed80896",
"shortName": "Tcpdump"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/the-tcpdump-group/tcpdump/commit/e2256b4f2506102be2c6f7976f84f0d607c53d43"
}
],
"title": "str2tokbuf used incorrectly by print-someip.c",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@tcpdump.org",
"DATE_PUBLIC": "2020-02-29T00:00:00.000Z",
"ID": "CVE-2020-8036",
"STATE": "PUBLIC",
"TITLE": "str2tokbuf used incorrectly by print-someip.c"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "tcpdump",
"version": {
"version_data": [
{
"version_value": "4.10.0-PRE-GIT"
}
]
}
}
]
},
"vendor_name": "The TCPdump Group"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Reza Mirzazade farkhani of iseclab.org"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The tok2strbuf() function in tcpdump 4.10.0-PRE-GIT was used by the SOME/IP dissector in an unsafe way."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "overread error"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/the-tcpdump-group/tcpdump/commit/e2256b4f2506102be2c6f7976f84f0d607c53d43",
"refsource": "MISC",
"url": "https://github.com/the-tcpdump-group/tcpdump/commit/e2256b4f2506102be2c6f7976f84f0d607c53d43"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cfdbb673-b408-4d03-89c1-c3d73ed80896",
"assignerShortName": "Tcpdump",
"cveId": "CVE-2020-8036",
"datePublished": "2020-11-04T17:55:24.515Z",
"dateReserved": "2020-01-27T00:00:00.000Z",
"dateUpdated": "2024-09-16T23:42:08.125Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-8037 (GCVE-0-2020-8037)
Vulnerability from cvelistv5 – Published: 2020-11-04 17:55 – Updated: 2024-09-16 20:27
VLAI?
Title
ppp decapsulator can be convinced to allocate a large amount of memory
Summary
The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a large amount of memory.
Severity ?
No CVSS data available.
CWE
- memory overallocation error
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| The TCPdump Group | tcpdump |
Affected:
4.9.3
|
Credits
Hardik Shah
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:48:25.625Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/the-tcpdump-group/tcpdump/commit/32027e199368dad9508965aae8cd8de5b6ab5231"
},
{
"name": "[debian-lts-announce] 20201110 [SECURITY] [DLA 2444-1] tcpdump security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00018.html"
},
{
"name": "FEDORA-2020-fae2e1f2bc",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LWDBONZVLC6BAOR2KM376DJCM4H3FERV/"
},
{
"name": "FEDORA-2020-c5e78886d6",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F2MX34MJIUJQGL6CMEPLTKFOOOC3CJ4Z/"
},
{
"name": "20210427 APPLE-SA-2021-04-26-3 Security Update 2021-002 Catalina",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2021/Apr/51"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT212325"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT212326"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT212327"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "tcpdump",
"vendor": "The TCPdump Group",
"versions": [
{
"status": "affected",
"version": "4.9.3"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Hardik Shah"
}
],
"datePublic": "2020-04-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a large amount of memory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "memory overallocation error",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-23T19:30:45.000Z",
"orgId": "cfdbb673-b408-4d03-89c1-c3d73ed80896",
"shortName": "Tcpdump"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/the-tcpdump-group/tcpdump/commit/32027e199368dad9508965aae8cd8de5b6ab5231"
},
{
"name": "[debian-lts-announce] 20201110 [SECURITY] [DLA 2444-1] tcpdump security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00018.html"
},
{
"name": "FEDORA-2020-fae2e1f2bc",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LWDBONZVLC6BAOR2KM376DJCM4H3FERV/"
},
{
"name": "FEDORA-2020-c5e78886d6",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F2MX34MJIUJQGL6CMEPLTKFOOOC3CJ4Z/"
},
{
"name": "20210427 APPLE-SA-2021-04-26-3 Security Update 2021-002 Catalina",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2021/Apr/51"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/kb/HT212325"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/kb/HT212326"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/kb/HT212327"
}
],
"title": "ppp decapsulator can be convinced to allocate a large amount of memory",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@tcpdump.org",
"DATE_PUBLIC": "2020-04-21T00:00:00.000Z",
"ID": "CVE-2020-8037",
"STATE": "PUBLIC",
"TITLE": "ppp decapsulator can be convinced to allocate a large amount of memory"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "tcpdump",
"version": {
"version_data": [
{
"version_value": "4.9.3"
}
]
}
}
]
},
"vendor_name": "The TCPdump Group"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Hardik Shah"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a large amount of memory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "memory overallocation error"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/the-tcpdump-group/tcpdump/commit/32027e199368dad9508965aae8cd8de5b6ab5231",
"refsource": "MISC",
"url": "https://github.com/the-tcpdump-group/tcpdump/commit/32027e199368dad9508965aae8cd8de5b6ab5231"
},
{
"name": "[debian-lts-announce] 20201110 [SECURITY] [DLA 2444-1] tcpdump security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00018.html"
},
{
"name": "FEDORA-2020-fae2e1f2bc",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LWDBONZVLC6BAOR2KM376DJCM4H3FERV/"
},
{
"name": "FEDORA-2020-c5e78886d6",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F2MX34MJIUJQGL6CMEPLTKFOOOC3CJ4Z/"
},
{
"name": "20210427 APPLE-SA-2021-04-26-3 Security Update 2021-002 Catalina",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2021/Apr/51"
},
{
"name": "https://support.apple.com/kb/HT212325",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT212325"
},
{
"name": "https://support.apple.com/kb/HT212326",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT212326"
},
{
"name": "https://support.apple.com/kb/HT212327",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT212327"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cfdbb673-b408-4d03-89c1-c3d73ed80896",
"assignerShortName": "Tcpdump",
"cveId": "CVE-2020-8037",
"datePublished": "2020-11-04T17:55:21.657Z",
"dateReserved": "2020-01-27T00:00:00.000Z",
"dateUpdated": "2024-09-16T20:27:55.571Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-16301 (GCVE-0-2018-16301)
Vulnerability from cvelistv5 – Published: 2019-10-03 15:55 – Updated: 2024-08-05 10:17
VLAI?
Summary
The command-line argument parser in tcpdump before 4.99.0 has a buffer overflow in tcpdump.c:read_infile(). To trigger this vulnerability the attacker needs to create a 4GB file on the local filesystem and to specify the file name as the value of the -F command-line argument of tcpdump.
Severity ?
No CVSS data available.
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| The Tcpdump Group | tcpdump |
Affected:
unspecified , < 4.99.0
(custom)
|
Credits
Include Security and Mozilla Secure Open Source program
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T10:17:38.421Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/the-tcpdump-group/tcpdump/commit/ad7c25bc0decf96dc7768c9e903734d38528b1bd"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "tcpdump",
"vendor": "The Tcpdump Group",
"versions": [
{
"lessThan": "4.99.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Include Security and Mozilla Secure Open Source program"
}
],
"descriptions": [
{
"lang": "en",
"value": "The command-line argument parser in tcpdump before 4.99.0 has a buffer overflow in tcpdump.c:read_infile(). To trigger this vulnerability the attacker needs to create a 4GB file on the local filesystem and to specify the file name as the value of the -F command-line argument of tcpdump."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-190",
"description": "CWE-190 integer overflow or wraparound",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 out-of-bounds write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-09T17:11:35.000Z",
"orgId": "cfdbb673-b408-4d03-89c1-c3d73ed80896",
"shortName": "Tcpdump"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/the-tcpdump-group/tcpdump/commit/ad7c25bc0decf96dc7768c9e903734d38528b1bd"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@tcpdump.org",
"ID": "CVE-2018-16301",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "tcpdump",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "4.99.0"
}
]
}
}
]
},
"vendor_name": "The Tcpdump Group"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Include Security and Mozilla Secure Open Source program"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The command-line argument parser in tcpdump before 4.99.0 has a buffer overflow in tcpdump.c:read_infile(). To trigger this vulnerability the attacker needs to create a 4GB file on the local filesystem and to specify the file name as the value of the -F command-line argument of tcpdump."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-190 integer overflow or wraparound"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-787 out-of-bounds write"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/the-tcpdump-group/tcpdump/commit/ad7c25bc0decf96dc7768c9e903734d38528b1bd",
"refsource": "CONFIRM",
"url": "https://github.com/the-tcpdump-group/tcpdump/commit/ad7c25bc0decf96dc7768c9e903734d38528b1bd"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cfdbb673-b408-4d03-89c1-c3d73ed80896",
"assignerShortName": "Tcpdump",
"cveId": "CVE-2018-16301",
"datePublished": "2019-10-03T15:55:20.000Z",
"dateReserved": "2018-08-31T00:00:00.000Z",
"dateUpdated": "2024-08-05T10:17:38.421Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}