Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2015-2153

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2015-2153
Last Modified 06 Apr 2015 10:00:51
Published 24 Mar 2015 01:59:06
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2015-2153

Summary

The rpki_rtr_pdu_print function in print-rpki-rtr.c in the TCP printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via a crafted header length in an RPKI-RTR Protocol Data Unit (PDU).

Vulnerable Systems

Application

  • Tcpdump 4.7.0


References

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=1201795

BUGTRAQ - 20150309 tcpdump 4.7.2 remote crashes

DEBIAN - DSA-3193

MISC - http://packetstormsecurity.com/files/130730/tcpdump-Denial-Of-Service-Code-Execution.html

SECTRACK - 1031937

SUSE - openSUSE-SU-2015:0616

MANDRIVA - MDVSA-2015:182

MANDRIVA - MDVSA-2015:125

FEDORA - FEDORA-2015-4939

CONFIRM - http://advisories.mageia.org/MGASA-2015-0114.html

FEDORA - FEDORA-2015-4804


Last Updated: 27 May 2016 11:08:17