UbuntuUpdates.org

Package "tcpdump"

Name: tcpdump

Description:

command-line network traffic analyzer
Latest version: 4.9.3-0ubuntu0.12.04.1
Release: precise (12.04)
Level: updates
Repository: main
Homepage: http://www.tcpdump.org/

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "tcpdump"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "tcpdump" in Precise

Repository Area Version
base main 4.2.1-1ubuntu2
security main 4.9.3-0ubuntu0.12.04.1
backports main 4.5.1-2ubuntu1~ubuntu12.04.1

Changelog

Version: 4.9.3-0ubuntu0.12.04.1 2021-05-03 16:06:19 UTC

  tcpdump (4.9.3-0ubuntu0.12.04.1) precise-security; urgency=medium

  [ Marc Deslauriers ]
  * SECURITY UPDATE: Updated to 4.9.3 to fix multiple security issues
    - debian/patches/disable-tests.diff: disable tests that require newer
      libpcap.
    - CVE-2017-16808, CVE-2018-10103, CVE-2018-10105, CVE-2018-14461,
      CVE-2018-14462, CVE-2018-14463, CVE-2018-14464, CVE-2018-14465,
      CVE-2018-14466, CVE-2018-14467, CVE-2018-14468, CVE-2018-14469,
      CVE-2018-14470, CVE-2018-14879, CVE-2018-14880, CVE-2018-14881,
      CVE-2018-14882, CVE-2018-16227, CVE-2018-16228, CVE-2018-16229,
      CVE-2018-16230, CVE-2018-16300, CVE-2018-16451, CVE-2018-16452,
      CVE-2018-19519, CVE-2019-1010220, CVE-2019-15166, CVE-2019-15167

 -- <email address hidden> (Leonidas S. Barbosa) Mon, 27 Jan 2020 13:00:35 -0300
Source diff to previous version
CVE-2017-16808 tcpdump before 4.9.3 has a heap-based buffer over-read related to aoe_print in print-aoe.c and lookup_emem in addrtoname.c.
CVE-2018-10103 tcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of 2).
CVE-2018-10105 tcpdump before 4.9.3 mishandles the printing of SMB data (issue 2 of 2).
CVE-2018-14461 The LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print().
CVE-2018-14462 The ICMP parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp.c:icmp_print().
CVE-2018-14463 The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print().
CVE-2018-14464 The LMP parser in tcpdump before 4.9.3 has a buffer over-read in print-lmp.c:lmp_print_data_link_subobjs().
CVE-2018-14465 The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print().
CVE-2018-14466 The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and rx_cache_insert().
CVE-2018-14467 The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_MP).
CVE-2018-14468 The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print().
CVE-2018-14469 The IKEv1 parser in tcpdump before 4.9.3 has a buffer over-read in print-isakmp.c:ikev1_n_print().
CVE-2018-14470 The Babel parser in tcpdump before 4.9.3 has a buffer over-read in print-babel.c:babel_print_v2().
CVE-2018-14879 The command-line argument parser in tcpdump before 4.9.3 has a buffer overflow in tcpdump.c:get_next_file().
CVE-2018-14880 The OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6_print_lshdr().
CVE-2018-14881 The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_RESTART).
CVE-2018-14882 The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c.
CVE-2018-16227 The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags subfield.
CVE-2018-16228 The HNCP parser in tcpdump before 4.9.3 has a buffer over-read in print-hncp.c:print_prefix().
CVE-2018-16229 The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option().
CVE-2018-16230 The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI).
CVE-2018-16300 The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print() because of unlimited recursion.
CVE-2018-16451 The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \MAILSLOT\BROWSE and \PIPE\LANMAN.
CVE-2018-16452 The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion.
CVE-2018-19519 In tcpdump 4.9.2, a stack-based buffer over-read exists in the print_prefix function of print-hncp.c via crafted packet data because of missing initi
CVE-2019-1010220 tcpdump.org tcpdump 4.9.2 is affected by: CWE-126: Buffer Over-read. The impact is: May expose Saved Frame Pointer, Return Address etc. on stack. The
CVE-2019-15166 lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks.
CVE-2019-15167 RESERVED

Version: 4.9.0-1ubuntu1~ubuntu12.04.1 2017-02-21 21:06:54 UTC

  tcpdump (4.9.0-1ubuntu1~ubuntu12.04.1) precise-security; urgency=medium

  [ Gianfranco Costamagna ]
  * Backport to precise to fix CVEs (LP: #1662177).
  * Reset libpcap dependency to precise version
  * Enable crypto support, dropped in zesty because of openssl.
  * Disable some tests failing with older pcap versions
Source diff to previous version
1662177 tcpdump multiple CVEs

Version: 4.2.1-1ubuntu2.2 2015-04-27 16:08:02 UTC

  tcpdump (4.2.1-1ubuntu2.2) precise-security; urgency=medium

  * SECURITY UPDATE: denial of service and possible code execution via
    multiple issues (LP: #1444363)
    - debian/patches/60_cve-2015-0261.diff: check lengths in
      print-mobility.c.
    - debian/patches/60_cve-2015-2153.diff: check length in
      print-rpki-rtr.c.
    - debian/patches/60_cve-2015-2153-fix-regression.diff: more length
      checks in print-rpki-rtr.c.
    - debian/patches/60_cve-2015-2154.diff: check lengths in
      print-isoclns.c.
    - debian/patches/60_cve-2015-2155.diff: make sure ops->print is valid
      in print-forces.c.
    - CVE-2015-0261
    - CVE-2015-2153
    - CVE-2015-2154
    - CVE-2015-2155
 -- Marc Deslauriers <email address hidden> Fri, 24 Apr 2015 15:15:57 -0400
Source diff to previous version
1444363 tcpdump missing some CVEs
CVE-2015-0261 Integer signedness error in the mobility_opt_print function in the IPv6 mobility printer in tcpdump before 4.7.2 allows remote attackers to cause a d
CVE-2015-2153 The rpki_rtr_pdu_print function in print-rpki-rtr.c in the TCP printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (
CVE-2015-2154 The osi_print_cksum function in print-isoclns.c in the ethernet printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service
CVE-2015-2155 The force printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspec

Version: 4.2.1-1ubuntu2.1 2014-12-04 16:06:26 UTC

  tcpdump (4.2.1-1ubuntu2.1) precise-security; urgency=medium

  * SECURITY UPDATE: denial of service and possible code execution in
    olsr_print
    - debian/patches/CVE-2014-8767.patch: improve bounds checking and
      error handling in print-olsr.c.
    - CVE-2014-8767
  * SECURITY UPDATE: denial of service and possible code execution in
    print-aodv.c
    - debian/patches/CVE-2014-8769.patch: improve bounds checking and
      length checking in print-aodv.c, aodv.h.
    - CVE-2014-8769
  * SECURITY UPDATE: denial of service and possible code execution in
    print-ppp.c
    - debian/patches/CVE-2014-9140.patch: improve bounds checking in
      print-ppp.c.
    - CVE-2014-9140
 -- Marc Deslauriers <email address hidden> Wed, 03 Dec 2014 17:05:38 -0500
CVE-2014-8767 Integer underflow in the olsr_print function in tcpdump 3.9.6 through 4.6.2, when in verbose mode, allows remote attackers to cause a denial of servi
CVE-2014-8769 tcpdump 3.8 through 4.6.2 might allow remote attackers to obtain sensitive information from memory or cause a denial of service (packet loss or segme
CVE-2014-9140 buffer overflow in the PPP dissector


About   -   Send Feedback to @ubuntu_updates