Tcpdump
tcpdump
181 CVEs • 3 products
Products (3)
Click to collapseToggle
Products (3)
Click to collapse
CVEs (181)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
Remote packet capture support is disabled by default in libpcap. When a user builds libpcap with remote packet capture support enabled, one of the functions that become available is pcap_findalldevs_ex(). One of the fu...Show more |
In affected libpcap versions during the setup of a remote packet capture the internal function sock_initaddress() calls getaddrinfo() and possibly freeaddrinfo(), but does not clearly indicate to the caller function whet...Show more |
The SMB protocol decoder in tcpdump version 4.99.3 can perform an out-of-bounds write when decoding a crafted network packet. |
The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 3, a different vulnerability than CVE-2018-14463. |
Use after free in tcpslice triggers AddressSanitizer, no other confirmed impact. |
4Apple DebianFedoraproject+1 more5Debian Linux FedoraMac Os X+2 moreNov 21, 2024 Nov 4, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a large amount of memory. |
The tok2strbuf() function in tcpdump 4.10.0-PRE-GIT was used by the SOME/IP dissector in an unsafe way. |
7Apple CanonicalDebian+4 more11Communications Operations Monitor Debian LinuxFedora+8 moreDec 3, 2025 Oct 3, 2019 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocating memory. |
rpcapd/daemon.c in libpcap before 1.9.1 allows SSRF because a URL may be provided as a capture source. |
rpcapd/daemon.c in libpcap before 1.9.1 allows attackers to cause a denial of service (NULL pointer dereference and daemon crash) if a crypt() call fails. |
rpcapd/daemon.c in libpcap before 1.9.1 on non-Windows platforms provides details about why authentication failed, which might make it easier for attackers to enumerate valid usernames. |
rpcapd/daemon.c in libpcap before 1.9.1 mishandles certain length values because of reuse of a variable. This may open up an attack vector involving extra data at the end of a request. |
8Apple CanonicalDebian+5 more10Cloud Backup Debian LinuxEnterprise Linux+7 moreDec 3, 2025 Oct 3, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks. |
The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion. |
6Apple DebianFedoraproject+3 more6Debian Linux Enterprise LinuxFedora+3 moreDec 3, 2025 Oct 3, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \MAILSLOT\BROWSE and \PIPE\LANMAN. |
The command-line argument parser in tcpdump before 4.99.0 has a buffer overflow in tcpdump.c:read_infile(). To trigger this vulnerability the attacker needs to create a 4GB file on the local filesystem and to specify the...Show more |
The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print() because of unlimited recursion. |
6Apple DebianFedoraproject+3 more6Debian Linux Enterprise LinuxFedora+3 moreDec 3, 2025 Oct 3, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI). |
7Apple DebianF5+4 more7Debian Linux Enterprise LinuxFedora+4 moreNov 21, 2024 Oct 3, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option(). |
6Apple DebianFedoraproject+3 more6Debian Linux Enterprise LinuxFedora+3 moreDec 3, 2025 Oct 3, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The HNCP parser in tcpdump before 4.9.3 has a buffer over-read in print-hncp.c:print_prefix(). |