Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2015-0261

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2015-0261
Last Modified 06 Apr 2015 10:00:15
Published 24 Mar 2015 01:59:02
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2015-0261

Summary

Integer signedness error in the mobility_opt_print function in the IPv6 mobility printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) or possibly execute arbitrary code via a negative length value.

Vulnerable Systems

Application

  • Tcpdump 4.7.0


References

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=1201792

BUGTRAQ - 20150309 tcpdump 4.7.2 remote crashes

DEBIAN - DSA-3193

MISC - http://packetstormsecurity.com/files/130730/tcpdump-Denial-Of-Service-Code-Execution.html

SECTRACK - 1031937

SUSE - openSUSE-SU-2015:0616

MANDRIVA - MDVSA-2015:182

MANDRIVA - MDVSA-2015:125

FEDORA - FEDORA-2015-4939

CONFIRM - http://advisories.mageia.org/MGASA-2015-0114.html

FEDORA - FEDORA-2015-4804


Last Updated: 27 May 2016 11:08:17