[ { "id": "CVE-2018-16301", "is_known_exploited_vuln": false, "description": "The command-line argument parser in tcpdump before 4.99.0 has a buffer overflow in tcpdump.c:read_infile(). To trigger this vulnerability the attacker needs to create a 4GB file on the local filesystem and to specify the file name as the value of the -F command-line argument of tcpdump.", "urls": [ "https://nvd.nist.gov/vuln/detail/CVE-2018-16301", "https://github.com/the-tcpdump-group/tcpdump/commit/ad7c25bc0decf96dc7768c9e903734d38528b1bd" ] }, { "id": "CVE-2019-15166", "is_known_exploited_vuln": false, "description": "lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks.", "urls": [ "https://nvd.nist.gov/vuln/detail/CVE-2019-15166", "https://github.com/the-tcpdump-group/tcpdump/commit/0b661e0aa61850234b64394585cf577aac570bf4", "https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES", "https://lists.debian.org/debian-lts-announce/2019/10/msg00015.html", "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html", "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html", "https://seclists.org/bugtraq/2019/Oct/28", "https://www.debian.org/security/2019/dsa-4547", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/", "https://support.apple.com/kb/HT210788", "https://seclists.org/bugtraq/2019/Dec/23", "http://seclists.org/fulldisclosure/2019/Dec/26", "https://security.netapp.com/advisory/ntap-20200120-0001/", "https://usn.ubuntu.com/4252-2/", "https://usn.ubuntu.com/4252-1/" ] }, { "id": "CVE-2018-19519", "is_known_exploited_vuln": false, "description": "In tcpdump 4.9.2, a stack-based buffer over-read exists in the print_prefix function of print-hncp.c via crafted packet data because of missing initialization.", "urls": [ "https://nvd.nist.gov/vuln/detail/CVE-2018-19519", "https://github.com/zyingp/temp/blob/master/tcpdump.md", "http://www.securityfocus.com/bid/106098", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/", "https://access.redhat.com/errata/RHSA-2019:3976", "https://usn.ubuntu.com/4252-2/", "https://usn.ubuntu.com/4252-1/", "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516" ] }, { "id": "CVE-2018-16451", "is_known_exploited_vuln": false, "description": "The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \\MAILSLOT\\BROWSE and \\PIPE\\LANMAN.", "urls": [ "https://nvd.nist.gov/vuln/detail/CVE-2018-16451", "https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES", "https://github.com/the-tcpdump-group/tcpdump/commit/96480ab95308cd9234b4f09b175ebf60e17792c6", "https://lists.debian.org/debian-lts-announce/2019/10/msg00015.html", "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html", "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html", "https://seclists.org/bugtraq/2019/Oct/28", "https://www.debian.org/security/2019/dsa-4547", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/", "https://support.apple.com/kb/HT210788", "https://seclists.org/bugtraq/2019/Dec/23", "http://seclists.org/fulldisclosure/2019/Dec/26", "https://security.netapp.com/advisory/ntap-20200120-0001/", "https://usn.ubuntu.com/4252-2/", "https://usn.ubuntu.com/4252-1/" ] }, { "id": "CVE-2018-16230", "is_known_exploited_vuln": false, "description": "The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI).", "urls": [ "https://nvd.nist.gov/vuln/detail/CVE-2018-16230", "https://github.com/the-tcpdump-group/tcpdump/commit/13d52e9c0e7caf7e6325b0051bc90a49968be67f", "https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES", "https://lists.debian.org/debian-lts-announce/2019/10/msg00015.html", "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html", "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html", "https://seclists.org/bugtraq/2019/Oct/28", "https://www.debian.org/security/2019/dsa-4547", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/", "https://support.apple.com/kb/HT210788", "https://seclists.org/bugtraq/2019/Dec/23", "http://seclists.org/fulldisclosure/2019/Dec/26", "https://security.netapp.com/advisory/ntap-20200120-0001/", "https://usn.ubuntu.com/4252-2/", "https://usn.ubuntu.com/4252-1/" ] }, { "id": "CVE-2018-16229", "is_known_exploited_vuln": false, "description": "The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option().", "urls": [ "https://nvd.nist.gov/vuln/detail/CVE-2018-16229", "https://github.com/the-tcpdump-group/tcpdump/commit/211124b972e74f0da66bc8b16f181f78793e2f66", "https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES", "https://lists.debian.org/debian-lts-announce/2019/10/msg00015.html", "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html", "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html", "https://seclists.org/bugtraq/2019/Oct/28", "https://www.debian.org/security/2019/dsa-4547", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/", "https://support.apple.com/kb/HT210788", "https://seclists.org/bugtraq/2019/Dec/23", "http://seclists.org/fulldisclosure/2019/Dec/26", "https://security.netapp.com/advisory/ntap-20200120-0001/", "https://usn.ubuntu.com/4252-2/", "https://usn.ubuntu.com/4252-1/" ] }, { "id": "CVE-2018-16228", "is_known_exploited_vuln": false, "description": "The HNCP parser in tcpdump before 4.9.3 has a buffer over-read in print-hncp.c:print_prefix().", "urls": [ "https://nvd.nist.gov/vuln/detail/CVE-2018-16228", "https://github.com/the-tcpdump-group/tcpdump/commit/83a412a5275cac973c5841eca3511c766bed778d", "https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES", "https://lists.debian.org/debian-lts-announce/2019/10/msg00015.html", "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html", "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html", "https://seclists.org/bugtraq/2019/Oct/28", "https://www.debian.org/security/2019/dsa-4547", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/", "https://support.apple.com/kb/HT210788", "https://seclists.org/bugtraq/2019/Dec/23", "http://seclists.org/fulldisclosure/2019/Dec/26", "https://security.netapp.com/advisory/ntap-20200120-0001/", "https://usn.ubuntu.com/4252-2/", "https://usn.ubuntu.com/4252-1/" ] }, { "id": "CVE-2018-16227", "is_known_exploited_vuln": false, "description": "The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags subfield.", "urls": [ "https://nvd.nist.gov/vuln/detail/CVE-2018-16227", "https://github.com/the-tcpdump-group/tcpdump/commit/4846b3c5d0a850e860baf4f07340495d29837d09", "https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES", "https://lists.debian.org/debian-lts-announce/2019/10/msg00015.html", "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html", "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html", "https://seclists.org/bugtraq/2019/Oct/28", "https://www.debian.org/security/2019/dsa-4547", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/", "https://support.apple.com/kb/HT210788", "https://seclists.org/bugtraq/2019/Dec/23", "http://seclists.org/fulldisclosure/2019/Dec/26", "https://security.netapp.com/advisory/ntap-20200120-0001/", "https://usn.ubuntu.com/4252-2/", "https://usn.ubuntu.com/4252-1/" ] }, { "id": "CVE-2018-14882", "is_known_exploited_vuln": false, "description": "The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c.", "urls": [ "https://nvd.nist.gov/vuln/detail/CVE-2018-14882", "https://github.com/the-tcpdump-group/tcpdump/commit/d7505276842e85bfd067fa21cdb32b8a2dc3c5e4", "https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES", "https://lists.debian.org/debian-lts-announce/2019/10/msg00015.html", "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html", "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html", "https://seclists.org/bugtraq/2019/Oct/28", "https://www.debian.org/security/2019/dsa-4547", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/", "https://support.apple.com/kb/HT210788", "https://seclists.org/bugtraq/2019/Dec/23", "http://seclists.org/fulldisclosure/2019/Dec/26", "https://security.netapp.com/advisory/ntap-20200120-0001/", "https://usn.ubuntu.com/4252-2/", "https://usn.ubuntu.com/4252-1/" ] }, { "id": "CVE-2018-14881", "is_known_exploited_vuln": false, "description": "The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_RESTART).", "urls": [ "https://nvd.nist.gov/vuln/detail/CVE-2018-14881", "https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES", "https://github.com/the-tcpdump-group/tcpdump/commit/86326e880d31b328a151d45348c35220baa9a1ff", "https://lists.debian.org/debian-lts-announce/2019/10/msg00015.html", "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html", "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html", "https://seclists.org/bugtraq/2019/Oct/28", "https://www.debian.org/security/2019/dsa-4547", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/", "https://support.apple.com/kb/HT210788", "https://seclists.org/bugtraq/2019/Dec/23", "http://seclists.org/fulldisclosure/2019/Dec/26", "https://security.netapp.com/advisory/ntap-20200120-0001/", "https://usn.ubuntu.com/4252-2/", "https://usn.ubuntu.com/4252-1/" ] }, { "id": "CVE-2018-14880", "is_known_exploited_vuln": false, "description": "The OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6_print_lshdr().", "urls": [ "https://nvd.nist.gov/vuln/detail/CVE-2018-14880", "https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES", "https://github.com/the-tcpdump-group/tcpdump/commit/e01c9bf76740802025c9328901b55ee4a0c49ed6", "https://lists.debian.org/debian-lts-announce/2019/10/msg00015.html", "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html", "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html", "https://seclists.org/bugtraq/2019/Oct/28", "https://www.debian.org/security/2019/dsa-4547", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/", "https://support.f5.com/csp/article/K56551263?utm_source=f5support&utm_medium=RSS", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/", "https://support.apple.com/kb/HT210788", "https://seclists.org/bugtraq/2019/Dec/23", "http://seclists.org/fulldisclosure/2019/Dec/26", "https://security.netapp.com/advisory/ntap-20200120-0001/", "https://usn.ubuntu.com/4252-2/", "https://usn.ubuntu.com/4252-1/" ] }, { "id": "CVE-2018-14879", "is_known_exploited_vuln": false, "description": "The command-line argument parser in tcpdump before 4.9.3 has a buffer overflow in tcpdump.c:get_next_file().", "urls": [ "https://nvd.nist.gov/vuln/detail/CVE-2018-14879", "https://github.com/the-tcpdump-group/tcpdump/commit/9ba91381954ad325ea4fd26b9c65a8bd9a2a85b6", "https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES", "https://lists.debian.org/debian-lts-announce/2019/10/msg00015.html", "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html", "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html", "https://seclists.org/bugtraq/2019/Oct/28", "https://www.debian.org/security/2019/dsa-4547", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/", "https://support.f5.com/csp/article/K51512510?utm_source=f5support&utm_medium=RSS", "https://support.apple.com/kb/HT210788", "https://seclists.org/bugtraq/2019/Dec/23", "http://seclists.org/fulldisclosure/2019/Dec/26", "https://security.netapp.com/advisory/ntap-20200120-0001/", "https://usn.ubuntu.com/4252-2/", "https://usn.ubuntu.com/4252-1/" ] }, { "id": "CVE-2018-14470", "is_known_exploited_vuln": false, "description": "The Babel parser in tcpdump before 4.9.3 has a buffer over-read in print-babel.c:babel_print_v2().", "urls": [ "https://nvd.nist.gov/vuln/detail/CVE-2018-14470", "https://github.com/the-tcpdump-group/tcpdump/commit/12f66f69f7bf1ec1266ddbee90a7616cbf33696b", "https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES", "https://lists.debian.org/debian-lts-announce/2019/10/msg00015.html", "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html", "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html", "https://seclists.org/bugtraq/2019/Oct/28", "https://www.debian.org/security/2019/dsa-4547", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/", "https://support.apple.com/kb/HT210788", "https://seclists.org/bugtraq/2019/Dec/23", "http://seclists.org/fulldisclosure/2019/Dec/26", "https://security.netapp.com/advisory/ntap-20200120-0001/", "https://usn.ubuntu.com/4252-2/", "https://usn.ubuntu.com/4252-1/" ] }, { "id": "CVE-2018-14469", "is_known_exploited_vuln": false, "description": "The IKEv1 parser in tcpdump before 4.9.3 has a buffer over-read in print-isakmp.c:ikev1_n_print().", "urls": [ "https://nvd.nist.gov/vuln/detail/CVE-2018-14469", "https://github.com/the-tcpdump-group/tcpdump/commit/396e94ff55a80d554b1fe46bf107db1e91008d6c", "https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES", "https://lists.debian.org/debian-lts-announce/2019/10/msg00015.html", "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html", "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html", "https://seclists.org/bugtraq/2019/Oct/28", "https://www.debian.org/security/2019/dsa-4547", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/", "https://support.apple.com/kb/HT210788", "https://seclists.org/bugtraq/2019/Dec/23", "http://seclists.org/fulldisclosure/2019/Dec/26", "https://security.netapp.com/advisory/ntap-20200120-0001/", "https://usn.ubuntu.com/4252-2/", "https://usn.ubuntu.com/4252-1/" ] }, { "id": "CVE-2018-14468", "is_known_exploited_vuln": false, "description": "The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print().", "urls": [ "https://nvd.nist.gov/vuln/detail/CVE-2018-14468", "https://github.com/the-tcpdump-group/tcpdump/commit/aa3e54f594385ce7e1e319b0c84999e51192578b", "https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES", "https://lists.debian.org/debian-lts-announce/2019/10/msg00015.html", "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html", "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html", "https://seclists.org/bugtraq/2019/Oct/28", "https://www.debian.org/security/2019/dsa-4547", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/", "https://support.f5.com/csp/article/K04367730?utm_source=f5support&utm_medium=RSS", "https://support.apple.com/kb/HT210788", "https://seclists.org/bugtraq/2019/Dec/23", "http://seclists.org/fulldisclosure/2019/Dec/26", "https://security.netapp.com/advisory/ntap-20200120-0001/", "https://usn.ubuntu.com/4252-2/", "https://usn.ubuntu.com/4252-1/" ] }, { "id": "CVE-2018-14467", "is_known_exploited_vuln": false, "description": "The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_MP).", "urls": [ "https://nvd.nist.gov/vuln/detail/CVE-2018-14467", "https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES", "https://github.com/the-tcpdump-group/tcpdump/commit/e3f3b445e2d20ac5d5b7fcb7559ce6beb55da0c9", "https://lists.debian.org/debian-lts-announce/2019/10/msg00015.html", "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html", "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html", "https://seclists.org/bugtraq/2019/Oct/28", "https://www.debian.org/security/2019/dsa-4547", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/", "https://support.apple.com/kb/HT210788", "https://seclists.org/bugtraq/2019/Dec/23", "http://seclists.org/fulldisclosure/2019/Dec/26", "https://security.netapp.com/advisory/ntap-20200120-0001/", "https://usn.ubuntu.com/4252-2/", "https://usn.ubuntu.com/4252-1/" ] }, { "id": "CVE-2018-14466", "is_known_exploited_vuln": false, "description": "The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and rx_cache_insert().", "urls": [ "https://nvd.nist.gov/vuln/detail/CVE-2018-14466", "https://github.com/the-tcpdump-group/tcpdump/commit/c24922e692a52121e853a84ead6b9337f4c08a94", "https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES", "https://lists.debian.org/debian-lts-announce/2019/10/msg00015.html", "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html", "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html", "https://seclists.org/bugtraq/2019/Oct/28", "https://www.debian.org/security/2019/dsa-4547", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/", "https://support.apple.com/kb/HT210788", "https://seclists.org/bugtraq/2019/Dec/23", "http://seclists.org/fulldisclosure/2019/Dec/26", "https://security.netapp.com/advisory/ntap-20200120-0001/", "https://usn.ubuntu.com/4252-2/", "https://usn.ubuntu.com/4252-1/" ] }, { "id": "CVE-2018-14465", "is_known_exploited_vuln": false, "description": "The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print().", "urls": [ "https://nvd.nist.gov/vuln/detail/CVE-2018-14465", "https://github.com/the-tcpdump-group/tcpdump/commit/bea2686c296b79609060a104cc139810785b0739", "https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES", "https://lists.debian.org/debian-lts-announce/2019/10/msg00015.html", "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html", "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html", "https://seclists.org/bugtraq/2019/Oct/28", "https://www.debian.org/security/2019/dsa-4547", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/", "https://support.apple.com/kb/HT210788", "https://seclists.org/bugtraq/2019/Dec/23", "http://seclists.org/fulldisclosure/2019/Dec/26", "https://security.netapp.com/advisory/ntap-20200120-0001/", "https://usn.ubuntu.com/4252-2/", "https://usn.ubuntu.com/4252-1/" ] }, { "id": "CVE-2018-14464", "is_known_exploited_vuln": false, "description": "The LMP parser in tcpdump before 4.9.3 has a buffer over-read in print-lmp.c:lmp_print_data_link_subobjs().", "urls": [ "https://nvd.nist.gov/vuln/detail/CVE-2018-14464", "https://github.com/the-tcpdump-group/tcpdump/commit/d97e94223720684c6aa740ff219e0d19426c2220", "https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES", "https://lists.debian.org/debian-lts-announce/2019/10/msg00015.html", "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html", "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html", "https://seclists.org/bugtraq/2019/Oct/28", "https://www.debian.org/security/2019/dsa-4547", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/", "https://support.apple.com/kb/HT210788", "https://seclists.org/bugtraq/2019/Dec/23", "http://seclists.org/fulldisclosure/2019/Dec/26", "https://security.netapp.com/advisory/ntap-20200120-0001/", "https://usn.ubuntu.com/4252-2/", "https://usn.ubuntu.com/4252-1/" ] }, { "id": "CVE-2018-14463", "is_known_exploited_vuln": false, "description": "The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print().", "urls": [ "https://nvd.nist.gov/vuln/detail/CVE-2018-14463", "https://github.com/the-tcpdump-group/tcpdump/commit/3de07c772166b7e8e8bb4b9d1d078f1d901b570b", "https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES", "https://lists.debian.org/debian-lts-announce/2019/10/msg00015.html", "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html", "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html", "https://seclists.org/bugtraq/2019/Oct/28", "https://www.debian.org/security/2019/dsa-4547", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/", "https://support.apple.com/kb/HT210788", "https://seclists.org/bugtraq/2019/Dec/23", "http://seclists.org/fulldisclosure/2019/Dec/26", "https://security.netapp.com/advisory/ntap-20200120-0001/", "https://usn.ubuntu.com/4252-2/", "https://usn.ubuntu.com/4252-1/" ] } ]