Информационная безопасность
[RU] switch to English


Многочисленные уязвимости безопасности в tcpdump
Опубликовано:16 марта 2015 г.
Источник:
SecurityVulns ID:14315
Тип:удаленная
Уровень опасности:
5/10
Описание:Многочисленные уязвимости в диссекторах протоколов.
Затронутые продукты:TCPDUMP : tcpdump 4.7
CVE:CVE-2015-2155 (The force printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.)
 CVE-2015-2154 (The osi_print_cksum function in print-isoclns.c in the ethernet printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted (1) length, (2) offset, or (3) base pointer checksum value.)
 CVE-2015-2153 (The rpki_rtr_pdu_print function in print-rpki-rtr.c in the TCP printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via a crafted header length in an RPKI-RTR Protocol Data Unit (PDU).)
 CVE-2015-0261 (Integer signedness error in the mobility_opt_print function in the IPv6 mobility printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) or possibly execute arbitrary code via a negative length value.)
 CVE-2014-9140 (Buffer overflow in the ppp_hdlc function in print-ppp.c in tcpdump 4.6.2 and earlier allows remote attackers to cause a denial of service (crash) cia a crafted PPP packet.)
Оригинальный текстdocumentMichael Richardson, tcpdump 4.7.2 remote crashes (16.03.2015)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород