USN-2433-1
- Source
- https://ubuntu.com/security/notices/USN-2433-1
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-2433-1.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/USN-2433-1
- Related
- Published
- 2014-12-04T14:05:51.691404Z
- Modified
- 2014-12-04T14:05:51.691404Z
- Summary
- tcpdump vulnerabilities
- Details
-
Steffen Bauch discovered that tcpdump incorrectly handled printing OSLR packets. A remote attacker could use this issue to cause tcpdump to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2014-8767)
Steffen Bauch discovered that tcpdump incorrectly handled printing GeoNet packets. A remote attacker could use this issue to cause tcpdump to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 14.04 LTS and Ubuntu 14.10. (CVE-2014-8768)
Steffen Bauch discovered that tcpdump incorrectly handled printing AODV packets. A remote attacker could use this issue to cause tcpdump to crash, resulting in a denial of service, reveal sensitive information, or possibly execute arbitrary code. (CVE-2014-8769)
It was discovered that tcpdump incorrectly handled printing PPP packets. A remote attacker could use this issue to cause tcpdump to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2014-9140)
In the default installation, attackers would be isolated by the tcpdump AppArmor profile.
- References