[email protected]NVD:CVE-2019-15167

HistoryAug 27, 2022 - 6:15 a.m.

Vulners
/
Nvd
/
CVE-2019-15167

CVE-2019-15167

2022-08-2706:15:07

CWE-125

[email protected]

web.nvd.nist.gov

tcpdump

vrrp parser

buffer over-read

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

EPSS

0.004

Percentile

73.3%

JSON

The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 3, a different vulnerability than CVE-2018-14463.

Affected configurations

Nvd

Node

tcpdumptcpdumpRange<4.9.3

VendorProductVersionCPE
tcpdumptcpdump*cpe:2.3:a:tcpdump:tcpdump:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
tcpdump	tcpdump	*	cpe:2.3:a:tcpdump:tcpdump::::::::

References

github.com/the-tcpdump-group/tcpdump/commit/a152aebfd1114376ba266ed30416be596ef9d806

cve 2

prion 2

amazon 2

nessus 35

openvas 22

alpinelinux 2

debiancve 2

osv 6

cvelist 2

nvd 1

ubuntucve 2

redhatcve 2

veracode 2

ibm 1

aix 1

slackware 1

suse 2

cloudfoundry 1

fedora 3

ubuntu 2

mageia 1

apple 2

debian 2

rocky 1

oraclelinux 1

redhat 4

almalinux 1

rosalinux 1

photon 6

cve

CVE-2018-14463

2019-10-03 16:15:11

CVE-2019-15167

2022-08-27 06:15:07

prion

Code injection

2019-10-03 16:15:00

Code injection

2022-08-27 06:15:00

amazon

Medium: tcpdump

2023-07-05 22:01:00

Medium: tcpdump

2022-12-01 17:33:00

nessus

EulerOS 2.0 SP5 : tcpdump (EulerOS-SA-2023-2175)

2023-06-09 00:00:00

Amazon Linux AMI : tcpdump (ALAS-2022-1641)

2022-12-10 00:00:00

EulerOS Virtualization 3.0.2.0 : tcpdump (EulerOS-SA-2023-1714)

2023-05-07 00:00:00

openvas

Huawei EulerOS: Security Advisory for tcpdump (EulerOS-SA-2023-1714)

2023-05-08 00:00:00

Huawei EulerOS: Security Advisory for tcpdump (EulerOS-SA-2023-2175)

2023-06-09 00:00:00

Slackware: Security Advisory (SSA:2019-274-01)

2022-04-21 00:00:00

alpinelinux

CVE-2018-14463

2019-10-03 16:15:11

CVE-2019-15167

2022-08-27 06:15:07

debiancve

CVE-2019-15167

2022-08-27 06:15:07

CVE-2018-14463

2019-10-03 16:15:11

osv

CVE-2018-14463

2019-10-03 16:15:11

CVE-2019-15167

2022-08-27 06:15:07

tcpdump - security update

2019-10-21 00:00:00

cvelist

CVE-2019-15167

2022-08-27 05:47:36

CVE-2018-14463

2019-10-03 15:12:23

nvd

CVE-2018-14463

2019-10-03 16:15:11

ubuntucve

CVE-2019-15167

2019-09-30 00:00:00

CVE-2018-14463

2019-09-30 00:00:00

redhatcve

CVE-2019-15167

2023-10-02 14:54:29

CVE-2018-14463

2019-10-10 18:17:50

veracode

Arbitrary Code Execution

2020-08-06 21:30:28

Denial Of Service (DoS)

2020-08-06 21:37:10

ibm

Security Bulletin: Vulnerabilities in tcpdump affect AIX

2021-02-26 18:48:40

aix

There is a vulnerability in tcpdump that affects AIX.,There is a vulnerability in tcpdump that affects VIOS.

2020-01-08 12:57:55

slackware

[slackware-security] tcpdump

2019-10-02 06:51:41

suse

Security update for tcpdump (important)

2019-10-20 00:00:00

Security update for tcpdump (important)

2019-10-20 00:00:00

cloudfoundry

USN-4252-1: tcpdump vulnerabilities | Cloud Foundry

2020-02-12 00:00:00

fedora

[SECURITY] Fedora 29 Update: tcpdump-4.9.3-1.fc29

2019-10-25 18:09:47

[SECURITY] Fedora 30 Update: tcpdump-4.9.3-1.fc30

2019-10-28 01:03:58

[SECURITY] Fedora 31 Update: tcpdump-4.9.3-1.fc31

2019-10-30 00:58:06

ubuntu

tcpdump vulnerabilities

2020-01-27 00:00:00

tcpdump vulnerabilities

2020-01-27 00:00:00

mageia

Updated libpcap and tcpdump packages fix security vulnerabilities

2019-10-17 01:22:41

apple

About the security content of macOS Catalina 10.15.2, Security Update 2019-002 Mojave, Security Update 2019-007 High Sierra - Apple Support

2020-11-12 07:38:35

About the security content of macOS Catalina 10.15.2, Security Update 2019-002 Mojave, Security Update 2019-007 High Sierra

2019-12-10 00:00:00

debian

[SECURITY] [DSA 4547-1] tcpdump security update

2019-10-21 21:26:24

[SECURITY] [DLA 1955-1] tcpdump security update

2019-10-11 20:27:37

rocky

tcpdump security, bug fix, and enhancement update

2020-11-03 12:33:49

oraclelinux

tcpdump security, bug fix, and enhancement update

2020-11-10 00:00:00

redhat

(RHSA-2020:4760) Moderate: tcpdump security, bug fix, and enhancement update

2020-11-03 12:33:49

(RHSA-2020:5605) Moderate: Red Hat OpenShift Container Storage 4.6.0 security, bug fix, enhancement update

2020-12-17 05:33:21

(RHSA-2021:0799) Moderate: OpenShift Virtualization 2.6.0 security and bug fix update

2021-03-10 08:47:39

almalinux

Moderate: tcpdump security, bug fix, and enhancement update

2020-11-03 12:33:49

rosalinux

Advisory ROSA-SA-2021-1985

2021-07-02 18:15:22

photon

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2019-2.0-0182

2019-10-15 00:00:00

Critical Photon OS Security Update - PHSA-2019-0182

2019-10-15 00:00:00

Critical Photon OS Security Update - PHSA-2019-0034

2019-10-15 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

EPSS

0.004

Percentile

73.3%

JSON

Related for NVD:CVE-2019-15167

cve2 prion2 amazon2 nessus35 openvas22 alpinelinux2 debiancve2 osv6 cvelist2 nvd1 ubuntucve2 redhatcve2 veracode2 ibm1 aix1 slackware1 suse2 cloudfoundry1 fedora3 ubuntu2 mageia1 apple2 debian2 rocky1 oraclelinux1 redhat4 almalinux1 rosalinux1 photon6