KLA10498
Denial of service vulnerabilities in tcpdump

Updated: 06/18/2020
Detect date
?
03/24/2015
Severity
?
Critical
Description

Multiple serious vulnerabilities have been found in tcpdump. Malicious users can exploit these vulnerabilities to cause denial of service.

Below is a complete list of vulnerabilities

  1. An unknown vulnerability can be exploited remotely via a specially designed packets and other unknown vectors;
  2. Integer signedness can be exploited remotely via a cpecially designed length value.
Affected products

tcpdump versions earlier than 4.7.2

Solution

Update to latest version!
Get tcpdump

Impacts
?
DoS 
[?]
Related products
tcpdump
CVE-IDS
?
CVE-2015-02617.5Critical
CVE-2015-21557.5Critical
CVE-2015-21545.0Critical
CVE-2015-21535.0Critical
Exploitation

The following public exploits exists for this vulnerability:

https://www.exploit-db.com/exploits/37663