Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2015-2154

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2015-2154
Last Modified 06 Apr 2015 10:00:52
Published 24 Mar 2015 01:59:07
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2015-2154

Summary

The osi_print_cksum function in print-isoclns.c in the ethernet printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted (1) length, (2) offset, or (3) base pointer checksum value.

Vulnerable Systems

Application

  • Tcpdump 4.7.0


References

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=1201797

BUGTRAQ - 20150309 tcpdump 4.7.2 remote crashes

DEBIAN - DSA-3193

MISC - http://packetstormsecurity.com/files/130730/tcpdump-Denial-Of-Service-Code-Execution.html

SECTRACK - 1031937

SUSE - openSUSE-SU-2015:0616

MANDRIVA - MDVSA-2015:182

MANDRIVA - MDVSA-2015:125

FEDORA - FEDORA-2015-4939

CONFIRM - http://advisories.mageia.org/MGASA-2015-0114.html

FEDORA - FEDORA-2015-4804


Last Updated: 27 May 2016 11:08:17