CVE-2018-19519

Опубликовано: 03 дек. 2018

Источник: redhat

CVSS3: 4.3

EPSS Низкий

Описание

In tcpdump 4.9.2, a stack-based buffer over-read exists in the print_prefix function of print-hncp.c via crafted packet data because of missing initialization.

Отчет

This issue affects the versions of tcpdump as shipped with Red Hat Enterprise Linux 7. This issue did not affect the versions of tcpdump as shipped with Red Hat Enterprise Linux 5 and 6.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 5	tcpdump	Not affected
Red Hat Enterprise Linux 6	tcpdump	Not affected
Red Hat Enterprise Linux 7	tcpdump	Fixed	RHSA-2019:3976	26.11.2019
Red Hat Enterprise Linux 8	tcpdump	Fixed	RHSA-2020:1604	28.04.2020

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low

Дефект:

CWE-125

https://bugzilla.redhat.com/show_bug.cgi?id=1655374tcpdump: Stack-based buffer over-read in print-hncp.c:print_prefix() via crafted pcap

EPSS

Процентиль: 59%

0.00383

Низкий

4.3 Medium

CVSS3

Связанные уязвимости

CVE-2018-19519

CVSS3: 5.5

ubuntu

около 7 лет назад

In tcpdump 4.9.2, a stack-based buffer over-read exists in the print_prefix function of print-hncp.c via crafted packet data because of missing initialization.

CVE-2018-19519

CVSS3: 5.5

nvd

около 7 лет назад

In tcpdump 4.9.2, a stack-based buffer over-read exists in the print_prefix function of print-hncp.c via crafted packet data because of missing initialization.

CVE-2018-19519

CVSS3: 5.5

debian

около 7 лет назад

In tcpdump 4.9.2, a stack-based buffer over-read exists in the print_p ...

openSUSE-SU-2018:4252-1

suse-cvrf

около 7 лет назад

Security update for tcpdump

openSUSE-SU-2018:4144-1

suse-cvrf

около 7 лет назад

Security update for tcpdump

EPSS

Процентиль: 59%

0.00383

Низкий

4.3 Medium

CVSS3