Security update for tcpdump SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2015:0616-1 Final 1 1 2015-03-20T14:29:39Z current 2015-03-20T14:29:39Z 2015-03-20T14:29:39Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for tcpdump tcpdump was updated to fix five vulnerabilities in protocol printers When running tcpdump, a remote unauthenticated user could have crashed the application or, potentially, execute arbitrary code by injecting crafted packages into the network. The following vulnerabilities were fixed: * IPv6 mobility printer remote DoS (CVE-2015-0261, bnc#922220) * PPP printer remote DoS (CVE-2014-9140, bnc#923142) * force printer remote DoS (CVE-2015-2155, bnc#922223) * ethernet printer remote DoS (CVE-2015-2154, bnc#922222) * tcp printer remote DoS (CVE-2015-2153, bnc#922221) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-updates/2015-03/msg00084.html E-Mail link for openSUSE-SU-2015:0616-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings tcpdump-4.4.0-2.8.1 Buffer overflow in the ppp_hdlc function in print-ppp.c in tcpdump 4.6.2 and earlier allows remote attackers to cause a denial of service (crash) cia a crafted PPP packet. CVE-2014-9140 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2015-03/msg00084.html https://www.suse.com/security/cve/CVE-2014-9140.html CVE-2014-9140 https://bugzilla.suse.com/923142 SUSE Bug 923142 Integer signedness error in the mobility_opt_print function in the IPv6 mobility printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) or possibly execute arbitrary code via a negative length value. CVE-2015-0261 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2015-03/msg00084.html https://www.suse.com/security/cve/CVE-2015-0261.html CVE-2015-0261 https://bugzilla.suse.com/922220 SUSE Bug 922220 The rpki_rtr_pdu_print function in print-rpki-rtr.c in the TCP printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via a crafted header length in an RPKI-RTR Protocol Data Unit (PDU). CVE-2015-2153 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2015-03/msg00084.html https://www.suse.com/security/cve/CVE-2015-2153.html CVE-2015-2153 https://bugzilla.suse.com/922221 SUSE Bug 922221 https://bugzilla.suse.com/922222 SUSE Bug 922222 https://bugzilla.suse.com/922223 SUSE Bug 922223 The osi_print_cksum function in print-isoclns.c in the ethernet printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted (1) length, (2) offset, or (3) base pointer checksum value. CVE-2015-2154 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2015-03/msg00084.html https://www.suse.com/security/cve/CVE-2015-2154.html CVE-2015-2154 https://bugzilla.suse.com/922222 SUSE Bug 922222 The force printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors. CVE-2015-2155 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2015-03/msg00084.html https://www.suse.com/security/cve/CVE-2015-2155.html CVE-2015-2155 https://bugzilla.suse.com/922220 SUSE Bug 922220 https://bugzilla.suse.com/922221 SUSE Bug 922221 https://bugzilla.suse.com/922222 SUSE Bug 922222 https://bugzilla.suse.com/922223 SUSE Bug 922223