SUSE-SU-2017:0656-1

See a problem?
Please try reporting it to the source first.
Source
https://www.suse.com/support/update/announcement/2017/suse-su-20170656-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2017:0656-1.json
JSON Data
https://api.test.osv.dev/v1/vulns/SUSE-SU-2017:0656-1
Related
Published
2017-03-10T13:36:29Z
Modified
2017-03-10T13:36:29Z
Summary
Security update for tcpdump
Details

This update for tcpdump fixes the following issues:

Security issues fixed (bsc#1020940): - CVE-2016-7922: Corrected buffer overflow in AH parser print-ah.c:ahprint(). - CVE-2016-7923: Corrected buffer overflow in ARP parser print-arp.c:arpprint(). - CVE-2016-7925: Corrected buffer overflow in compressed SLIP parser print-sl.c:slifprint(). - CVE-2016-7926: Corrected buffer overflow in the Ethernet parser print-ether.c:ethertypeprint(). - CVE-2016-7927: Corrected buffer overflow in the IEEE 802.11 parser print-80211.c:ieee80211radioprint(). - CVE-2016-7928: Corrected buffer overflow in the IPComp parser print-ipcomp.c:ipcompprint(). - CVE-2016-7931: Corrected buffer overflow in the MPLS parser print-mpls.c:mplsprint(). - CVE-2016-7936: Corrected buffer overflow in the UDP parser print-udp.c:udpprint(). - CVE-2016-7934,CVE-2016-7935,CVE-2016-7937: Corrected segmentation faults in function udpprint(). - CVE-2016-7939: Corrected buffer overflows in GRE parser print-gre.c:(multiple functions). - CVE-2016-7940: Corrected buffer overflows in STP parser print-stp.c:(multiple functions). - CVE-2016-7973: Corrected buffer overflow in AppleTalk parser print-atalk.c. - CVE-2016-7974: Corrected buffer overflow in IP parser print-ip.c:(multiple functions). - CVE-2016-7975: Corrected buffer overflow in TCP parser print-tcp.c:tcpprint(). - CVE-2016-7983,CVE-2016-7984: Corrected buffer overflow in TFTP parser print-tftp.c:tftpprint(). - CVE-2016-7992: Corrected buffer overflow in Classical IP over ATM parser print-cip.c. - CVE-2016-7993: Corrected buffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, etc.). - CVE-2016-8574: Corrected buffer overflow in FRF.15 parser print-fr.c:frf15print(). - CVE-2017-5202: Corrected buffer overflow in ISO CLNS parser print-isoclns.c:clnpprint(). - CVE-2017-5203: Corrected buffer overflow in BOOTP parser print-bootp.c:bootpprint(). - CVE-2017-5204: Corrected buffer overflow in IPv6 parser print-ip6.c:ip6print(). - CVE-2017-5483: Corrected buffer overflow in SNMP parser print-snmp.c:asn1parse(). - CVE-2017-5484: Corrected buffer overflow in ATM parser print-atm.c:sigprint(). - CVE-2017-5485: Corrected buffer overflow in ISO CLNS parser addrtoname.c:lookupnsap(). - CVE-2017-5486: Corrected buffer overflow in ISO CLNS parser print-isoclns.c:clnp_print().

References

Affected packages

SUSE:Linux Enterprise Server 11 SP4 / tcpdump

Package

Name
tcpdump
Purl
pkg:rpm/suse/tcpdump&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.9.8-1.29.1

Ecosystem specific 

{
    "binaries": [
        {
            "tcpdump": "3.9.8-1.29.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 11 SP4 / tcpdump

Package

Name
tcpdump
Purl
pkg:rpm/suse/tcpdump&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.9.8-1.29.1

Ecosystem specific 

{
    "binaries": [
        {
            "tcpdump": "3.9.8-1.29.1"
        }
    ]
}