PT-2014-8723 · Tcpdump+2 · Tcpdump+2

Steffen Bauch

Published

2014-11-20

Updated

2024-06-15

CVE-2014-8768

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions tcpdump versions 4.5.0 through 4.6.2

Description The issue is related to multiple integer underflows in the geonet print function when tcpdump is in verbose mode. This allows remote attackers to cause a denial of service, resulting in a segmentation fault and crash, by sending a crafted length value in a Geonet frame.

Recommendations For versions 4.5.0 through 4.6.2, consider disabling the verbose mode as a temporary workaround until a patch is available. Restrict access to the geonet print function to minimize the risk of exploitation. Avoid using the verbose mode in the affected tcpdump versions until the issue is resolved.

Exploit

Fix

DoS

Integer Underflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-191

Related Identifiers

CVE-2014-8768

OPENSUSE-SU-2024:10396-1

SUSE-SU-2017:1110-1

USN-2433-1

Affected Products

Suse

Ubuntu

Tcpdump

PT-2014-8723 · Tcpdump+2 · Tcpdump+2

CVE-2014-8768

Weakness Enumeration

Related Identifiers

Affected Products

References · 96