{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2017-01-27T00:00:00", "descriptions": [{"lang": "en", "value": "A bug in util-print.c:relts_print() in tcpdump before 4.9.0 could cause a buffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, IGMP, lightweight resolver protocol, PIM)."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-01-04T19:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "1037755", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1037755"}, {"name": "DSA-3775", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2017/dsa-3775"}, {"name": "RHSA-2017:1871", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:1871"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://www.mail-archive.com/debian-bugs-dist%40lists.debian.org/msg1494526.html"}, {"name": "95852", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/95852"}, {"name": "GLSA-201702-30", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/201702-30"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2016-7993", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A bug in util-print.c:relts_print() in tcpdump before 4.9.0 could cause a buffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, IGMP, lightweight resolver protocol, PIM)."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "1037755", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1037755"}, {"name": "DSA-3775", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2017/dsa-3775"}, {"name": "RHSA-2017:1871", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:1871"}, {"name": "https://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg1494526.html", "refsource": "CONFIRM", "url": "https://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg1494526.html"}, {"name": "95852", "refsource": "BID", "url": "http://www.securityfocus.com/bid/95852"}, {"name": "GLSA-201702-30", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201702-30"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T02:13:21.572Z"}, "title": "CVE Program Container", "references": [{"name": "1037755", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1037755"}, {"name": "DSA-3775", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2017/dsa-3775"}, {"name": "RHSA-2017:1871", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2017:1871"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.mail-archive.com/debian-bugs-dist%40lists.debian.org/msg1494526.html"}, {"name": "95852", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/95852"}, {"name": "GLSA-201702-30", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "https://security.gentoo.org/glsa/201702-30"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2016-7993", "datePublished": "2017-01-28T01:33:00", "dateReserved": "2016-09-09T00:00:00", "dateUpdated": "2024-08-06T02:13:21.572Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:tcpdump:tcpdump:*:*:*:*:*:*:*:*", "matchCriteriaId": "615348EF-03D2-49CC-B96C-7CFFDCEB2C75", "versionEndIncluding": "4.8.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A bug in util-print.c:relts_print() in tcpdump before 4.9.0 could cause a buffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, IGMP, lightweight resolver protocol, PIM)."}, {"lang": "es", "value": "Un error interno en util-print.c:relts_print() en tcpdump en versiones anteriores a 4.9.0 podr\u00eda provocar un desbordamiento de b\u00fafer en m\u00faltiples analizadores de protocolo (DNS, DVMRP, HSRP, IGMP, protocolo ligero de resoluci\u00f3n, PIM)."}], "id": "CVE-2016-7993", "lastModified": "2023-11-07T02:35:22.000", "metrics": {"cvssMetricV2": [{"acInsufInfo": true, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-01-28T01:59:00.967", "references": [{"source": "cve@mitre.org", "url": "http://www.debian.org/security/2017/dsa-3775"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/95852"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id/1037755"}, {"source": "cve@mitre.org", "url": "https://access.redhat.com/errata/RHSA-2017:1871"}, {"source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/201702-30"}, {"source": "cve@mitre.org", "url": "https://www.mail-archive.com/debian-bugs-dist%40lists.debian.org/msg1494526.html"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "Red Hat would like to thank the Tcpdump project for reporting this issue.", "affected_release": [{"advisory": "RHSA-2017:1871", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "tcpdump-14:4.9.0-5.el7", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2017-08-01T00:00:00Z"}], "bugzilla": {"description": "tcpdump: multiple overflow issues in protocol decoding", "id": "1419066", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1419066"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.5", "cvss3_scoring_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "(CWE-125|CWE-190)", "details": ["A bug in util-print.c:relts_print() in tcpdump before 4.9.0 could cause a buffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, IGMP, lightweight resolver protocol, PIM).", "Multiple out of bounds read and integer overflow vulnerabilities were found in tcpdump affecting the decoding of various protocols. An attacker could create a crafted pcap file or send specially crafted packets to the network segment where tcpdump is running in live capture mode (without -w) which could cause it to display incorrect data, crash or enter an infinite loop."], "mitigation": {"lang": "en:us", "value": "When invoked with the \"-w\" option, to write raw packets to a pcap file (for forensic purposes or offline examination), tcpdump does not use the protocol decoding subsystem and is not affected by these flaws. Red Hat Product Security recommends that any unattended uses of tcpdump use this option to ensure uninterrupted packet capture."}, "name": "CVE-2016-7993", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Will not fix", "package_name": "tcpdump", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Will not fix", "package_name": "tcpdump", "product_name": "Red Hat Enterprise Linux 6"}], "public_date": "2017-02-02T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2016-7993\nhttps://nvd.nist.gov/vuln/detail/CVE-2016-7993"], "statement": "Red Hat Product Security has rated these issues as having Moderate security impact. These issues may be fixed in a future minor release of Red Hat Enterprise Linux 7. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.", "threat_severity": "Moderate", "upstream_fix": "tcpdump 4.9.0"}