Detections
Analytics

RHEL 6 : tcpdump (Unpatched Vulnerability)

critical Nessus Plugin ID 195551

Synopsis

The remote Red Hat 6 host is affected by multiple vulnerabilities that will not be patched.

Description

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched.

 - tcpdump: SMB data printing mishandled (CVE-2018-10105)

 - The AH parser in tcpdump before 4.9.0 has a buffer overflow in print-ah.c:ah_print(). (CVE-2016-7922)

 - The ARP parser in tcpdump before 4.9.0 has a buffer overflow in print-arp.c:arp_print(). (CVE-2016-7923)

 - The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-atm.c:oam_print(). (CVE-2016-7924)

 - The compressed SLIP parser in tcpdump before 4.9.0 has a buffer overflow in print-sl.c:sl_if_print().
 (CVE-2016-7925)

 - The Ethernet parser in tcpdump before 4.9.0 has a buffer overflow in print-ether.c:ethertype_print().
 (CVE-2016-7926)

 - The IEEE 802.11 parser in tcpdump before 4.9.0 has a buffer overflow in print-802_11.c:ieee802_11_radio_print(). (CVE-2016-7927)

 - The IPComp parser in tcpdump before 4.9.0 has a buffer overflow in print-ipcomp.c:ipcomp_print().
 (CVE-2016-7928)

 - The Juniper PPPoE ATM parser in tcpdump before 4.9.0 has a buffer overflow in print- juniper.c:juniper_parse_header(). (CVE-2016-7929)

 - The LLC/SNAP parser in tcpdump before 4.9.0 has a buffer overflow in print-llc.c:llc_print().
 (CVE-2016-7930)

 - The MPLS parser in tcpdump before 4.9.0 has a buffer overflow in print-mpls.c:mpls_print().
 (CVE-2016-7931)

 - The PIM parser in tcpdump before 4.9.0 has a buffer overflow in print-pim.c:pimv2_check_checksum().
 (CVE-2016-7932)

 - The PPP parser in tcpdump before 4.9.0 has a buffer overflow in print-ppp.c:ppp_hdlc_if_print().
 (CVE-2016-7933)

 - The RTCP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtcp_print(). (CVE-2016-7934)

 - The RTP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtp_print(). (CVE-2016-7935)

 - The UDP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:udp_print(). (CVE-2016-7936)

 - The VAT parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:vat_print(). (CVE-2016-7937)

 - The ZeroMQ parser in tcpdump before 4.9.0 has an integer overflow in print-zeromq.c:zmtp1_print_frame().
 (CVE-2016-7938)

 - The GRE parser in tcpdump before 4.9.0 has a buffer overflow in print-gre.c, multiple functions.
 (CVE-2016-7939)

 - The STP parser in tcpdump before 4.9.0 has a buffer overflow in print-stp.c, multiple functions.
 (CVE-2016-7940)

 - The AppleTalk parser in tcpdump before 4.9.0 has a buffer overflow in print-atalk.c, multiple functions.
 (CVE-2016-7973)

 - The IP parser in tcpdump before 4.9.0 has a buffer overflow in print-ip.c, multiple functions.
 (CVE-2016-7974)

 - The TCP parser in tcpdump before 4.9.0 has a buffer overflow in print-tcp.c:tcp_print(). (CVE-2016-7975)

 - The BOOTP parser in tcpdump before 4.9.0 has a buffer overflow in print-bootp.c:bootp_print().
 (CVE-2016-7983, CVE-2017-5203)

 - The TFTP parser in tcpdump before 4.9.0 has a buffer overflow in print-tftp.c:tftp_print().
 (CVE-2016-7984)

 - The CALM FAST parser in tcpdump before 4.9.0 has a buffer overflow in print-calm-fast.c:calm_fast_print().
 (CVE-2016-7985)

 - The GeoNetworking parser in tcpdump before 4.9.0 has a buffer overflow in print-geonet.c, multiple functions. (CVE-2016-7986)

 - The Classical IP over ATM parser in tcpdump before 4.9.0 has a buffer overflow in print- cip.c:cip_if_print(). (CVE-2016-7992)

 - A bug in util-print.c:relts_print() in tcpdump before 4.9.0 could cause a buffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, IGMP, lightweight resolver protocol, PIM). (CVE-2016-7993)

 - The FRF.15 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:frf15_print().
 (CVE-2016-8574)

 - The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933_print(), a different vulnerability than CVE-2017-5482. (CVE-2016-8575)

 - tcpdump 4.9.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via crafted packet data. The crash occurs in the EXTRACT_16BITS function, called from the stp_print function for the Spanning Tree Protocol. (CVE-2017-11108)

 - tcpdump 4.9.0 has a heap-based buffer over-read in the lldp_print function in print-lldp.c, related to util-print.c. (CVE-2017-11541)

 - tcpdump 4.9.0 has a heap-based buffer over-read in the pimv1_print function in print-pim.c.
 (CVE-2017-11542)

 - tcpdump 4.9.0 has a buffer overflow in the sliplink_print function in print-sl.c. (CVE-2017-11543)

 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-11543. Reason: This candidate is a duplicate of CVE-2017-11543. Notes: All CVE users should reference CVE-2017-11543 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage (CVE-2017-11544)

 - The SMB/CIFS parser in tcpdump before 4.9.2 has a buffer over-read in smbutil.c:name_len().
 (CVE-2017-12893)

 - Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in addrtoname.c:lookup_bytestring(). (CVE-2017-12894)

 - The ICMP parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp.c:icmp_print().
 (CVE-2017-12895, CVE-2017-13012)

 - The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:isakmp_rfc3948_print().
 (CVE-2017-12896)

 - The ISO CLNS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isoclns_print().
 (CVE-2017-12897)

 - The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:interp_reply().
 (CVE-2017-12898)

 - The DECnet parser in tcpdump before 4.9.2 has a buffer over-read in print-decnet.c:decnet_print().
 (CVE-2017-12899)

 - Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in util- print.c:tok2strbuf(). (CVE-2017-12900)

 - The EIGRP parser in tcpdump before 4.9.2 has a buffer over-read in print-eigrp.c:eigrp_print().
 (CVE-2017-12901)

 - The Zephyr parser in tcpdump before 4.9.2 has a buffer over-read in print-zephyr.c, several functions.
 (CVE-2017-12902)

 - The IPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-ip6.c:ip6_print().
 (CVE-2017-12985)

 - The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6_print().
 (CVE-2017-12986, CVE-2017-13725)

 - The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_11.c:parse_elements().
 (CVE-2017-12987, CVE-2017-13008)

 - The telnet parser in tcpdump before 4.9.2 has a buffer over-read in print-telnet.c:telnet_parse().
 (CVE-2017-12988)

 - The RESP parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print- resp.c:resp_get_length(). (CVE-2017-12989)

 - The ISAKMP parser in tcpdump before 4.9.2 could enter an infinite loop due to bugs in print-isakmp.c, several functions. (CVE-2017-12990)

 - The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print().
 (CVE-2017-12991, CVE-2017-12994, CVE-2017-13046)

 - The RIPng parser in tcpdump before 4.9.2 has a buffer over-read in print-ripng.c:ripng_print().
 (CVE-2017-12992)

 - The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print-juniper.c, several functions. (CVE-2017-12993)

 - The DNS parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print- domain.c:ns_print(). (CVE-2017-12995)

 - The PIMv2 parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c:pimv2_print().
 (CVE-2017-12996)

 - The LLDP parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print- lldp.c:lldp_private_8021_print(). (CVE-2017-12997)

 - The IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print- isoclns.c:isis_print_extd_ip_reach(). (CVE-2017-12998)

 - The IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print().
 (CVE-2017-12999)

 - The IEEE 802.15.4 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_15_4.c:ieee802_15_4_if_print(). (CVE-2017-13000)

 - The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:nfs_printfh().
 (CVE-2017-13001)

 - The AODV parser in tcpdump before 4.9.2 has a buffer over-read in print-aodv.c:aodv_extension().
 (CVE-2017-13002)

 - The LMP parser in tcpdump before 4.9.2 has a buffer over-read in print-lmp.c:lmp_print(). (CVE-2017-13003)

 - The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print- juniper.c:juniper_parse_header(). (CVE-2017-13004)

 - The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:xid_map_enter().
 (CVE-2017-13005)

 - The L2TP parser in tcpdump before 4.9.2 has a buffer over-read in print-l2tp.c, several functions.
 (CVE-2017-13006)

 - The Apple PKTAP parser in tcpdump before 4.9.2 has a buffer over-read in print-pktap.c:pktap_if_print().
 (CVE-2017-13007)

 - The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print- mobility.c:mobility_print(). (CVE-2017-13009)

 - The BEEP parser in tcpdump before 4.9.2 has a buffer over-read in print-beep.c:l_strnstart().
 (CVE-2017-13010)

 - Several protocol parsers in tcpdump before 4.9.2 could cause a buffer overflow in util- print.c:bittok2str_internal(). (CVE-2017-13011)

 - The ARP parser in tcpdump before 4.9.2 has a buffer over-read in print-arp.c, several functions.
 (CVE-2017-13013)

 - The White Board protocol parser in tcpdump before 4.9.2 has a buffer over-read in print-wb.c:wb_prep(), several functions. (CVE-2017-13014)

 - The EAP parser in tcpdump before 4.9.2 has a buffer over-read in print-eap.c:eap_print(). (CVE-2017-13015)

 - The ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:esis_print().
 (CVE-2017-13016, CVE-2017-13047)

 - The DHCPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-dhcp6.c:dhcp6opt_print().
 (CVE-2017-13017)

 - The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print(). (CVE-2017-13018, CVE-2017-13019, CVE-2017-13034)

 - The VTP parser in tcpdump before 4.9.2 has a buffer over-read in print-vtp.c:vtp_print(). (CVE-2017-13020, CVE-2017-13033)

 - The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_print().
 (CVE-2017-13021)

 - The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printroute().
 (CVE-2017-13022)

 - The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print- mobility.c:mobility_opt_print(). (CVE-2017-13023, CVE-2017-13024, CVE-2017-13025)

 - The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c, several functions.
 (CVE-2017-13026)

 - The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldp_mgmt_addr_tlv_print().
 (CVE-2017-13027)

 - The BOOTP parser in tcpdump before 4.9.2 has a buffer over-read in print-bootp.c:bootp_print().
 (CVE-2017-13028)

 - The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:print_ccp_config_options().
 (CVE-2017-13029)

 - The PIM parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c, several functions.
 (CVE-2017-13030)

 - The IPv6 fragmentation header parser in tcpdump before 4.9.2 has a buffer over-read in print- frag6.c:frag6_print(). (CVE-2017-13031)

 - The RADIUS parser in tcpdump before 4.9.2 has a buffer over-read in print-radius.c:print_attr_string().
 (CVE-2017-13032)

 - The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_id().
 (CVE-2017-13035)

 - The OSPFv3 parser in tcpdump before 4.9.2 has a buffer over-read in print-ospf6.c:ospf6_decode_v3().
 (CVE-2017-13036)

 - The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printts(). (CVE-2017-13037)

 - The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:handle_mlppp().
 (CVE-2017-13038)

 - The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c, several functions.
 (CVE-2017-13039)

 - The MPTCP parser in tcpdump before 4.9.2 has a buffer over-read in print-mptcp.c, several functions.
 (CVE-2017-13040)

 - The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_nodeinfo_print().
 (CVE-2017-13041)

 - The HNCP parser in tcpdump before 4.9.2 has a buffer over-read in print-hncp.c:dhcpv6_print().
 (CVE-2017-13042)

 - The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_multicast_vpn().
 (CVE-2017-13043)

 - The HNCP parser in tcpdump before 4.9.2 has a buffer over-read in print-hncp.c:dhcpv4_print().
 (CVE-2017-13044)

 - The VQP parser in tcpdump before 4.9.2 has a buffer over-read in print-vqp.c:vqp_print(). (CVE-2017-13045)

 - The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print().
 (CVE-2017-13048, CVE-2017-13051)

 - The Rx protocol parser in tcpdump before 4.9.2 has a buffer over-read in print-rx.c:ubik_print().
 (CVE-2017-13049)

 - The RPKI-Router parser in tcpdump before 4.9.2 has a buffer over-read in print-rpki- rtr.c:rpki_rtr_pdu_print(). (CVE-2017-13050)

 - The CFM parser in tcpdump before 4.9.2 has a buffer over-read in print-cfm.c:cfm_print(). (CVE-2017-13052)

 - The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_rt_routing_info().
 (CVE-2017-13053)

 - The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldp_private_8023_print().
 (CVE-2017-13054)

 - The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print- isoclns.c:isis_print_is_reach_subtlv(). (CVE-2017-13055)

 - The Cisco HDLC parser in tcpdump before 4.9.2 has a buffer over-read in print-chdlc.c:chdlc_print().
 (CVE-2017-13687)

 - The OLSR parser in tcpdump before 4.9.2 has a buffer over-read in print-olsr.c:olsr_print().
 (CVE-2017-13688)

 - The IKEv1 parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:ikev1_id_print().
 (CVE-2017-13689)

 - The IKEv2 parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c, several functions.
 (CVE-2017-13690)

 - tcpdump before 4.9.3 has a heap-based buffer over-read related to aoe_print in print-aoe.c and lookup_emem in addrtoname.c. (CVE-2017-16808)

 - The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in print-isoclns.c:clnp_print().
 (CVE-2017-5202, CVE-2017-5486)

 - The IPv6 parser in tcpdump before 4.9.0 has a buffer overflow in print-ip6.c:ip6_print(). (CVE-2017-5204)

 - The ISAKMP parser in tcpdump before 4.9.0 has a buffer overflow in print-isakmp.c:ikev2_e_print().
 (CVE-2017-5205)

 - The OTV parser in tcpdump before 4.9.0 has a buffer overflow in print-otv.c:otv_print(). (CVE-2017-5341)

 - In tcpdump before 4.9.0, a bug in multiple protocol parsers (Geneve, GRE, NSH, OTV, VXLAN and VXLAN GPE) could cause a buffer overflow in print-ether.c:ether_print(). (CVE-2017-5342)

 - The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933_print(), a different vulnerability than CVE-2016-8575. (CVE-2017-5482)

 - The SNMP parser in tcpdump before 4.9.0 has a buffer overflow in print-snmp.c:asn1_parse().
 (CVE-2017-5483)

 - The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-atm.c:sig_print(). (CVE-2017-5484)

 - The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in addrtoname.c:lookup_nsap().
 (CVE-2017-5485)

 - tcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of 2). (CVE-2018-10103)

 - The LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print().
 (CVE-2018-14461)

 - The ICMP parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp.c:icmp_print().
 (CVE-2018-14462)

 - The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 2, a different vulnerability than CVE-2019-15167. (CVE-2018-14463)

 - The LMP parser in tcpdump before 4.9.3 has a buffer over-read in print- lmp.c:lmp_print_data_link_subobjs(). (CVE-2018-14464)

 - The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print().
 (CVE-2018-14465)

 - The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and rx_cache_insert(). (CVE-2018-14466)

 - The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_MP). (CVE-2018-14467)

 - The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print().
 (CVE-2018-14468)

 - The IKEv1 parser in tcpdump before 4.9.3 has a buffer over-read in print-isakmp.c:ikev1_n_print().
 (CVE-2018-14469)

 - The Babel parser in tcpdump before 4.9.3 has a buffer over-read in print-babel.c:babel_print_v2().
 (CVE-2018-14470)

 - The command-line argument parser in tcpdump before 4.9.3 has a buffer overflow in tcpdump.c:get_next_file(). (CVE-2018-14879)

 - The OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6_print_lshdr().
 (CVE-2018-14880)

 - The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_RESTART). (CVE-2018-14881)

 - The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c. (CVE-2018-14882)

 - The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags subfield. (CVE-2018-16227)

 - The HNCP parser in tcpdump before 4.9.3 has a buffer over-read in print-hncp.c:print_prefix().
 (CVE-2018-16228)

 - The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option().
 (CVE-2018-16229)

 - The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI). (CVE-2018-16230)

 - The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print() because of unlimited recursion. (CVE-2018-16300)

 - The command-line argument parser in tcpdump before 4.99.0 has a buffer overflow in tcpdump.c:read_infile(). To trigger this vulnerability the attacker needs to create a 4GB file on the local filesystem and to specify the file name as the value of the -F command-line argument of tcpdump.
 (CVE-2018-16301)

 - The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \MAILSLOT\BROWSE and \PIPE\LANMAN. (CVE-2018-16451)

 - The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion.
 (CVE-2018-16452)

 - lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks.
 (CVE-2019-15166)

 - The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 3, a different vulnerability than CVE-2018-14463. (CVE-2019-15167)

 - The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a large amount of memory.
 (CVE-2020-8037)

 - The SMB protocol decoder in tcpdump version 4.99.3 can perform an out-of-bounds write when decoding a crafted network packet. (CVE-2023-1801)

 - Due to a bug in packet data buffers management, the PPP printer in tcpdump can enter an infinite loop when reading a crafted DLT_PPP_SERIAL .pcap savefile. This problem does not affect any tcpdump release, but it affected the git master branch from 2023-06-05 to 2024-03-21. (CVE-2024-2397)

Note that Nessus has not tested for these issues but has instead relied on the package manager's report that the package is installed.

Solution

The vendor has acknowledged the vulnerabilities but no solution has been provided. Refer to the vendor for remediation guidance.

Plugin Details

Severity: Critical

ID: 195551

File Name: redhat_unpatched-tcpdump-rhel6.nasl

Version: 1.0

Type: local

Agent: unix

Published: 5/11/2024

Updated: 5/11/2024

Supported Sensors: Agentless Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2018-10105

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:redhat:enterprise_linux:5, p-cpe:/a:redhat:enterprise_linux:libpcap, cpe:/o:redhat:enterprise_linux:7, p-cpe:/a:redhat:enterprise_linux:tcpdump, cpe:/o:redhat:enterprise_linux:6

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 1/27/2017

Reference Information

CVE: CVE-2016-7922, CVE-2016-7923, CVE-2016-7924, CVE-2016-7925, CVE-2016-7926, CVE-2016-7927, CVE-2016-7928, CVE-2016-7929, CVE-2016-7930, CVE-2016-7931, CVE-2016-7932, CVE-2016-7933, CVE-2016-7934, CVE-2016-7935, CVE-2016-7936, CVE-2016-7937, CVE-2016-7938, CVE-2016-7939, CVE-2016-7940, CVE-2016-7973, CVE-2016-7974, CVE-2016-7975, CVE-2016-7983, CVE-2016-7984, CVE-2016-7985, CVE-2016-7986, CVE-2016-7992, CVE-2016-7993, CVE-2016-8574, CVE-2016-8575, CVE-2017-11108, CVE-2017-11541, CVE-2017-11542, CVE-2017-11543, CVE-2017-11544, CVE-2017-12893, CVE-2017-12894, CVE-2017-12895, CVE-2017-12896, CVE-2017-12897, CVE-2017-12898, CVE-2017-12899, CVE-2017-12900, CVE-2017-12901, CVE-2017-12902, CVE-2017-12985, CVE-2017-12986, CVE-2017-12987, CVE-2017-12988, CVE-2017-12989, CVE-2017-12990, CVE-2017-12991, CVE-2017-12992, CVE-2017-12993, CVE-2017-12994, CVE-2017-12995, CVE-2017-12996, CVE-2017-12997, CVE-2017-12998, CVE-2017-12999, CVE-2017-13000, CVE-2017-13001, CVE-2017-13002, CVE-2017-13003, CVE-2017-13004, CVE-2017-13005, CVE-2017-13006, CVE-2017-13007, CVE-2017-13008, CVE-2017-13009, CVE-2017-13010, CVE-2017-13011, CVE-2017-13012, CVE-2017-13013, CVE-2017-13014, CVE-2017-13015, CVE-2017-13016, CVE-2017-13017, CVE-2017-13018, CVE-2017-13019, CVE-2017-13020, CVE-2017-13021, CVE-2017-13022, CVE-2017-13023, CVE-2017-13024, CVE-2017-13025, CVE-2017-13026, CVE-2017-13027, CVE-2017-13028, CVE-2017-13029, CVE-2017-13030, CVE-2017-13031, CVE-2017-13032, CVE-2017-13033, CVE-2017-13034, CVE-2017-13035, CVE-2017-13036, CVE-2017-13037, CVE-2017-13038, CVE-2017-13039, CVE-2017-13040, CVE-2017-13041, CVE-2017-13042, CVE-2017-13043, CVE-2017-13044, CVE-2017-13045, CVE-2017-13046, CVE-2017-13047, CVE-2017-13048, CVE-2017-13049, CVE-2017-13050, CVE-2017-13051, CVE-2017-13052, CVE-2017-13053, CVE-2017-13054, CVE-2017-13055, CVE-2017-13687, CVE-2017-13688, CVE-2017-13689, CVE-2017-13690, CVE-2017-13725, CVE-2017-16808, CVE-2017-5202, CVE-2017-5203, CVE-2017-5204, CVE-2017-5205, CVE-2017-5341, CVE-2017-5342, CVE-2017-5482, CVE-2017-5483, CVE-2017-5484, CVE-2017-5485, CVE-2017-5486, CVE-2018-10103, CVE-2018-10105, CVE-2018-14461, CVE-2018-14462, CVE-2018-14463, CVE-2018-14464, CVE-2018-14465, CVE-2018-14466, CVE-2018-14467, CVE-2018-14468, CVE-2018-14469, CVE-2018-14470, CVE-2018-14879, CVE-2018-14880, CVE-2018-14881, CVE-2018-14882, CVE-2018-16227, CVE-2018-16228, CVE-2018-16229, CVE-2018-16230, CVE-2018-16300, CVE-2018-16301, CVE-2018-16451, CVE-2018-16452, CVE-2019-15166, CVE-2019-15167, CVE-2020-8037, CVE-2023-1801, CVE-2024-2397