[3.3] tcpdump: Multiple vulnerabilities (Various CVEs)
CVE-2017-12893: Buffer over-read in smbutil.c:name_len() in SMB/CIFS
parser
CVE-2017-12894: Buffer over-read in addrtoname.c:lookup_bytestring()
CVE-2017-12895: Buffer over-read in print-icmp.c:icmp_print() in ICMP
parser
CVE-2017-12896: Buffer over-read in
print-isakmp.c:isakmp_rfc3948_print() in ISAKMP parser
CVE-2017-12897: Buffer over-read in print-isoclns.c:isoclns_print() in
ISO CLNS parser
CVE-2017-12898: Buffer over-read in print-nfs.c:interp_reply() in NFS
parser
CVE-2017-12899: Buffer over-read in print-decnet.c:decnet_print() in
DECnet parser
CVE-2017-12900: Buffer over-read in util-print.c:tok2strbuf()
CVE-2017-12901: Buffer over-read in print-eigrp.c:eigrp_print() in
EIGRP parser
CVE-2017-12902: Buffer over-read in print-zephyr.c, several functions in
Zephyr parser
CVE-2017-12985: Buffer over-read in print-ip6.c:ip6_print() in IPv6
parser
CVE-2017-12986: Buffer over-read in print-rt6.c:rt6_print() in IPv6
routing header parser
CVE-2017-12987: Buffer over-read in print-802_11.c:parse_elements() in
IEEE 802.11 parser
CVE-2017-12988: Buffer over-read in print-telnet.c:telnet_parse() in
telnet parser
CVE-2017-12989: Infinite loop due to a bug in
print-resp.c:resp_get_length() in RESP parser
CVE-2017-12990: Infinite loop due to bugs in print-isakmp.c, several
functions in ISAKMP parser
CVE-2017-12991: Buffer over-read in print-bgp.c:bgp_attr_print() in
BGP parser
CVE-2017-12992: Buffer over-read in print-ripng.c:ripng_print() in
RIPng parser
CVE-2017-12993: Buffer over-read in print-juniper.c, several functions
in Juniper protocols parser
CVE-2017-12994: Buffer over-read in print-bgp.c:bgp_attr_print() in
BGP parser
CVE-2017-12995: Infinite loop due to a bug in print-domain.c:ns_print()
in DNS parser
CVE-2017-12996: Buffer over-read in print-pim.c:pimv2_print() in PIMv2
parser
CVE-2017-12997: Infinite loop due to a bug in
print-lldp.c:lldp_private_8021_print() in LLDP parser
CVE-2017-12998: Buffer over-read in
print-isoclns.c:isis_print_extd_ip_reach() in IS-IS parser
CVE-2017-12999: Buffer over-read in print-isoclns.c:isis_print() in
IS-IS parser
CVE-2017-13000: Buffer over-read in
print-802_15_4.c:ieee802_15_4_if_print() in IEEE 802.15.4 parser
CVE-2017-13001: Buffer over-read in print-nfs.c:nfs_printfh() in NFS
parser
CVE-2017-13002: Buffer over-read in print-aodv.c:aodv_extension() in
AODV parser
CVE-2017-13003: Buffer over-read in print-lmp.c:lmp_print() in LMP
parser
CVE-2017-13004: Buffer over-read in
print-juniper.c:juniper_parse_header() in Juniper protocols parser
CVE-2017-13005: Buffer over-read in print-nfs.c:xid_map_enter() in NFS
parser
CVE-2017-13006: Buffer over-read in print-l2tp.c, several functions in
L2TP parser
CVE-2017-13007: Buffer over-read in print-pktap.c:pktap_if_print() in
Apple PKTAP parser
CVE-2017-13008: Buffer over-read in print-802_11.c:parse_elements() in
IEEE 802.11 parser
CVE-2017-13009: Buffer over-read in print-mobility.c:mobility_print()
in IPv6 mobility parser
CVE-2017-13010: Buffer over-read in print-beep.c:l_strnstart() in BEEP
parser
CVE-2017-13011: Buffer overflow in util-print.c:bittok2str_internal()
CVE-2017-13012: Buffer over-read in print-icmp.c:icmp_print() in ICMP
parser
CVE-2017-13013: Buffer over-read in print-arp.c, several functions in
ARP parser
CVE-2017-13014: Buffer over-read in print-wb.c:wb_prep(), several
functions in White Board protocol parser
CVE-2017-13015: Buffer over-read in print-eap.c:eap_print() in EAP
parser
CVE-2017-13016: Buffer over-read in print-isoclns.c:esis_print() in ISO
ES-IS parser
CVE-2017-13017: Buffer over-read in print-dhcp6.c:dhcp6opt_print() in
DHCPv6 parser
CVE-2017-13018: Buffer over-read in print-pgm.c:pgm_print() in PGM
parser
CVE-2017-13019: Buffer over-read in print-pgm.c:pgm_print() in PGM
parser
CVE-2017-13020: Buffer over-read in print-vtp.c:vtp_print() in VTP
parser
CVE-2017-13021: Buffer over-read in print-icmp6.c:icmp6_print() in
ICMPv6 parser
CVE-2017-13022: Buffer over-read in print-ip.c:ip_printroute() in IP
parser
CVE-2017-13023: Buffer over-read in
print-mobility.c:mobility_opt_print() in IPv6 mobility parser
CVE-2017-13024: Buffer over-read in
print-mobility.c:mobility_opt_print() in IPv6 mobility parser
CVE-2017-13025: Buffer over-read in
print-mobility.c:mobility_opt_print() in IPv6 mobility parser
CVE-2017-13026: Buffer over-read in print-isoclns.c, several functions
in ISO IS-IS parser
CVE-2017-13027: Buffer over-read in
print-lldp.c:lldp_mgmt_addr_tlv_print() in LLDP parser
CVE-2017-13028: Buffer over-read in print-bootp.c:bootp_print() in
BOOTP parser
CVE-2017-13029: Buffer over-read in
print-ppp.c:print_ccp_config_options() in PPP parser
CVE-2017-13030: Buffer over-read in print-pim.c, several functions in
PIM parser
CVE-2017-13031: Buffer over-read in print-frag6.c:frag6_print() in IPv6
fragmentation header parser
CVE-2017-13032: Buffer over-read in print-radius.c:print_attr_string()
in RADIUS parser
CVE-2017-13033: Buffer over-read in print-vtp.c:vtp_print() in VTP
parser
CVE-2017-13034: Buffer over-read in print-pgm.c:pgm_print() in PGM
parser
CVE-2017-13035: Buffer over-read in print-isoclns.c:isis_print_id() in
ISO IS-IS parser
CVE-2017-13036: Buffer over-read in print-ospf6.c:ospf6_decode_v3() in
OSPFv3 parser
CVE-2017-13037: Buffer over-read in print-ip.c:ip_printts() in IP
parser
CVE-2017-13038: Buffer over-read in print-ppp.c:handle_mlppp() in PPP
parser
CVE-2017-13039: Buffer over-read in print-isakmp.c, several functions in
ISAKMP parser
CVE-2017-13040: Buffer over-read in print-mptcp.c, several functions in
MPTCP parser
CVE-2017-13041: Buffer over-read in
print-icmp6.c:icmp6_nodeinfo_print() in ICMPv6 parser
CVE-2017-13042: Buffer over-read in print-hncp.c:dhcpv6_print() in HNCP
parser
CVE-2017-13043: Buffer over-read in print-bgp.c:decode_multicast_vpn()
in BGP parser
CVE-2017-13044: Buffer over-read in print-hncp.c:dhcpv4_print() in HNCP
parser
CVE-2017-13045: Buffer over-read in print-vqp.c:vqp_print() in VQP
parser
CVE-2017-13046: Buffer over-read in print-bgp.c:bgp_attr_print() in
BGP parser
CVE-2017-13047: Buffer over-read in print-isoclns.c:esis_print() in ISO
ES-IS parser
CVE-2017-13048: Buffer over-read in print-rsvp.c:rsvp_obj_print() in
RSVP parser
CVE-2017-13049: Buffer over-read in print-rx.c:ubik_print() in Rx
protocol parser
CVE-2017-13050: Buffer over-read in
print-rpki-rtr.c:rpki_rtr_pdu_print() in RPKI-Router parser
CVE-2017-13051: Buffer over-read in print-rsvp.c:rsvp_obj_print() in
RSVP parser
CVE-2017-13052: Buffer over-read in print-cfm.c:cfm_print() in CFM
parser
CVE-2017-13053: Buffer over-read in
print-bgp.c:decode_rt_routing_info() in BGP parser
CVE-2017-13054: Buffer over-read in
print-lldp.c:lldp_private_8023_print() in LLDP parser
CVE-2017-13055: Buffer over-read in
print-isoclns.c:isis_print_is_reach_subtlv() in ISO IS-IS parser
CVE-2017-13687: Buffer over-read in print-chdlc.c:chdlc_print() in
Cisco HDLC parser
CVE-2017-13688: Buffer over-read in print-olsr.c:olsr_print() in OLSR
parser
CVE-2017-13689: Buffer over-read in print-isakmp.c:ikev1_id_print() in
IKEv1 parser
CVE-2017-13690: Buffer over-read in print-isakmp.c, several functions in
IKEv2 parser
CVE-2017-13725: Buffer over-read in print-rt6.c:rt6_print() in IPv6
routing header parser
Fixed In Version:
tcpdump 4.9.2
References:
http://www.tcpdump.org/tcpdump-changes.txt
(from redmine: issue id 7842, created on 2017-09-15, closed on 2017-09-15)
- Relations:
- parent #7837 (closed)
- Changesets:
- Revision 21ee2e2c by Andy Postnikov on 2017-09-15T13:16:30Z:
main/tcpdump: upgrade to 4.9.2
Lots of security fixes http://www.tcpdump.org/tcpdump-changes.txt
fixes #7842