← Back

CVE-2018-14880

nvd nist
Published: Oct 3, 2019Modified: Nov 21, 2024

JSON object

Loading...
7.5
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 / Impact: 3.6
Source: NVD

Description

The OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6_print_lshdr().

Affected (83)

Products: Tcpdump: Tcpdump · Apple: Mac Os X · Debian: Debian Linux · +4 more
Show all products
Tcpdump: Tcpdump · Apple: Mac Os X · Debian: Debian Linux · Fedoraproject: Fedora · Opensuse: Leap · Redhat: Enterprise Linux · F5: Big Iq Centralized Management, Big Ip Access Policy Manager, Big Ip Advanced Firewall Manager, Big Ip Analytics, Big Ip Application Acceleration Manager, Big Ip Application Security Manager, Big Ip Domain Name System, Big Ip Edge Gateway, Big Ip Fraud Protection Service, Big Ip Global Traffic Manager, Big Ip Link Controller, Big Ip Local Traffic Manager, Big Ip Policy Enforcement Manager, Big Ip Webaccelerator, Enterprise Manager, Iworkflow, Traffix Signaling Delivery Controller
Tcpdump
1 product
Tcpdump
Apple
1 product
Mac Os X
Debian
1 product
Debian Linux
Fedoraproject
1 product
Fedora
Opensuse
1 product
Leap
Redhat
1 product
Enterprise Linux
F5
17 products
Big Iq Centralized Management
Big Ip Access Policy Manager
Big Ip Advanced Firewall Manager
Big Ip Analytics
Big Ip Application Acceleration Manager
Big Ip Application Security Manager
Big Ip Domain Name System
Big Ip Edge Gateway
Big Ip Fraud Protection Service
Big Ip Global Traffic Manager
Big Ip Link Controller
Big Ip Local Traffic Manager
Big Ip Policy Enforcement Manager
Big Ip Webaccelerator
Enterprise Manager
Iworkflow
Traffix Signaling Delivery Controller
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Tcpdump
Before 4.9.3
Configuration B
11 vulnerable
Vulnerable SoftwareAffected Versions
Mac Os X
Before 10.15.2
Debian
Debian Linux
Version 10.0
Debian Linux
Version 8.0
Debian Linux
Version 9.0
Fedoraproject
Fedora
Version 29
Fedora
Version 30
Fedora
Version 31
Opensuse
Leap
Version 15.0
Leap
Version 15.1
Redhat
Enterprise Linux
Version 7.0
Enterprise Linux
Version 8.0
Configuration C
3 vulnerable
Vulnerable SoftwareAffected Versions
F5
Big Iq Centralized Management
From 5.2.0 to 5.4.0
Big Iq Centralized Management
From 6.0.0 to 6.1.0
Big Iq Centralized Management
Version 7.0.0
Configuration D
65 vulnerable
Vulnerable SoftwareAffected Versions
F5
Big Ip Access Policy Manager
From 11.5.2 to 11.6.5
Big Ip Access Policy Manager
From 12.1.0 to 12.1.5
Big Ip Access Policy Manager
From 13.1.0 to 13.1.3
Big Ip Access Policy Manager
From 14.0.0 to 14.1.2
Big Ip Access Policy Manager
From 15.0.0 to 15.0.1
F5
Big Ip Advanced Firewall Manager
From 11.5.2 to 11.6.5
Big Ip Advanced Firewall Manager
From 12.1.0 to 12.1.5
Big Ip Advanced Firewall Manager
From 13.1.0 to 13.1.3
Big Ip Advanced Firewall Manager
From 14.0.0 to 14.1.2
Big Ip Advanced Firewall Manager
From 15.0.0 to 15.0.1
F5
Big Ip Analytics
From 11.5.2 to 11.6.5
Big Ip Analytics
From 12.1.0 to 12.1.5
Big Ip Analytics
From 13.1.0 to 13.1.3
Big Ip Analytics
From 14.0.0 to 14.1.2
Big Ip Analytics
From 15.0.0 to 15.0.1
F5
Big Ip Application Acceleration Manager
From 11.5.2 to 11.6.5
Big Ip Application Acceleration Manager
From 12.1.0 to 12.1.5
Big Ip Application Acceleration Manager
From 13.1.0 to 13.1.3
Big Ip Application Acceleration Manager
From 14.0.0 to 14.1.2
Big Ip Application Acceleration Manager
From 15.0.0 to 15.0.1
F5
Big Ip Application Security Manager
From 11.5.2 to 11.6.5
Big Ip Application Security Manager
From 12.1.0 to 12.1.5
Big Ip Application Security Manager
From 13.1.0 to 13.1.3
Big Ip Application Security Manager
From 14.0.0 to 14.1.2
Big Ip Application Security Manager
From 15.0.0 to 15.0.1
F5
Big Ip Domain Name System
From 11.5.2 to 11.6.5
Big Ip Domain Name System
From 12.1.0 to 12.1.5
Big Ip Domain Name System
From 13.1.0 to 13.1.3
Big Ip Domain Name System
From 14.0.0 to 14.1.2
Big Ip Domain Name System
From 15.0.0 to 15.0.1
F5
Big Ip Edge Gateway
From 11.5.2 to 11.6.5
Big Ip Edge Gateway
From 12.1.0 to 12.1.5
Big Ip Edge Gateway
From 13.1.0 to 13.1.3
Big Ip Edge Gateway
From 14.0.0 to 14.1.2
Big Ip Edge Gateway
From 15.0.0 to 15.0.1
F5
Big Ip Fraud Protection Service
From 11.5.2 to 11.6.5
Big Ip Fraud Protection Service
From 12.1.0 to 12.1.5
Big Ip Fraud Protection Service
From 13.1.0 to 13.1.3
Big Ip Fraud Protection Service
From 14.0.0 to 14.1.2
Big Ip Fraud Protection Service
From 15.0.0 to 15.0.1
F5
Big Ip Global Traffic Manager
From 11.5.2 to 11.6.5
Big Ip Global Traffic Manager
From 12.1.0 to 12.1.5
Big Ip Global Traffic Manager
From 13.1.0 to 13.1.3
Big Ip Global Traffic Manager
From 14.0.0 to 14.1.2
Big Ip Global Traffic Manager
From 15.0.0 to 15.0.1
F5
Big Ip Link Controller
From 11.5.2 to 11.6.5
Big Ip Link Controller
From 12.1.0 to 12.1.5
Big Ip Link Controller
From 13.1.0 to 13.1.3
Big Ip Link Controller
From 14.0.0 to 14.1.2
Big Ip Link Controller
From 15.0.0 to 15.0.1
F5
Big Ip Local Traffic Manager
From 11.5.2 to 11.6.5
Big Ip Local Traffic Manager
From 12.1.0 to 12.1.5
Big Ip Local Traffic Manager
From 13.1.0 to 13.1.3
Big Ip Local Traffic Manager
From 14.0.0 to 14.1.2
Big Ip Local Traffic Manager
From 15.0.0 to 15.0.1
F5
Big Ip Policy Enforcement Manager
From 11.5.2 to 11.6.5
Big Ip Policy Enforcement Manager
From 12.1.0 to 12.1.5
Big Ip Policy Enforcement Manager
From 13.1.0 to 13.1.3
Big Ip Policy Enforcement Manager
From 14.0.0 to 14.1.2
Big Ip Policy Enforcement Manager
From 15.0.0 to 15.0.1
F5
Big Ip Webaccelerator
From 11.5.2 to 11.6.5
Big Ip Webaccelerator
From 12.1.0 to 12.1.5
Big Ip Webaccelerator
From 13.1.0 to 13.1.3
Big Ip Webaccelerator
From 14.0.0 to 14.1.2
Big Ip Webaccelerator
From 15.0.0 to 15.0.1
Configuration E
3 vulnerable
Vulnerable SoftwareAffected Versions
Enterprise Manager
Version 3.1.1
Iworkflow
Version 2.3.0
Traffix Signaling Delivery Controller
From 5.0.0 to 5.1.0

Related CWEs

CWE-125
Out-of-bounds Read
The product reads data past the end, or before the beginning, of the intended buffer.

References (34)

Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Mailing ListThird Party Advisory
Source: cve@mitre.org
Release NotesThird Party Advisory
Source: cve@mitre.org
PatchThird Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Mailing ListThird Party Advisory
Source: cve@mitre.org
Mailing ListThird Party Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Release NotesThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory

Timeline

No history available yet.