This page displays vulnerability information about FreeBSD Ports.
The VUXML data was last processed by FreshPorts on 2024-04-18 11:12:36 UTC
List all Vulnerabilities, by package
List all Vulnerabilities, by date
k68These are the vulnerabilities relating to the commit you have selected:
VuXML ID | Description |
---|---|
2dc764fa-40c0-11dc-aeac-02e0185f8d72 | FreeBSD -- Buffer overflow in tcpdump(1)Problem Description:An un-checked return value in the BGP dissector code can result in an integer overflow. This value is used in subsequent buffer management operations, resulting in a stack based buffer overflow under certain circumstances. Impact:By crafting malicious BGP packets, an attacker could exploit this vulnerability to execute code or crash the tcpdump process on the target system. This code would be executed in the context of the user running tcpdump(1). It should be noted that tcpdump(1) requires privileges in order to open live network interfaces. Workaround:No workaround is available. Discovery 2007-08-01 Entry 2007-08-02 Modified 2016-08-09 tcpdump < 3.9.6 FreeBSD ge 6.2 lt 6.2_7 ge 6.1 lt 6.1_19 ge 5.5 lt 5.5_15 CVE-2007-3798 SA-07:06.tcpdump |
eb03d642-6724-472d-b038-f2bf074e1fc8 | tcpdump -- multiple vulnerabilities tcpdump developers report:
Discovery 2017-07-22 Entry 2017-09-26 tcpdump < 4.9.2 CVE-2017-11541 CVE-2017-11542 CVE-2017-11543 CVE-2017-12893 CVE-2017-12894 CVE-2017-12895 CVE-2017-12896 CVE-2017-12897 CVE-2017-12898 CVE-2017-12899 CVE-2017-12900 CVE-2017-12901 CVE-2017-12902 CVE-2017-12985 CVE-2017-12986 CVE-2017-12987 CVE-2017-12988 CVE-2017-12989 CVE-2017-12990 CVE-2017-12991 CVE-2017-12992 CVE-2017-12993 CVE-2017-12994 CVE-2017-12995 CVE-2017-12996 CVE-2017-12997 CVE-2017-12998 CVE-2017-12999 CVE-2017-13000 CVE-2017-13001 CVE-2017-13002 CVE-2017-13003 CVE-2017-13004 CVE-2017-13005 CVE-2017-13006 CVE-2017-13007 CVE-2017-13008 CVE-2017-13009 CVE-2017-13010 CVE-2017-13011 CVE-2017-13012 CVE-2017-13013 CVE-2017-13014 CVE-2017-13015 CVE-2017-13016 CVE-2017-13017 CVE-2017-13018 CVE-2017-13019 CVE-2017-13020 CVE-2017-13021 CVE-2017-13022 CVE-2017-13023 CVE-2017-13024 CVE-2017-13025 CVE-2017-13026 CVE-2017-13027 CVE-2017-13028 CVE-2017-13029 CVE-2017-13030 CVE-2017-13031 CVE-2017-13032 CVE-2017-13033 CVE-2017-13034 CVE-2017-13035 CVE-2017-13036 CVE-2017-13037 CVE-2017-13038 CVE-2017-13039 CVE-2017-13040 CVE-2017-13041 CVE-2017-13042 CVE-2017-13043 CVE-2017-13044 CVE-2017-13045 CVE-2017-13046 CVE-2017-13047 CVE-2017-13048 CVE-2017-13049 CVE-2017-13050 CVE-2017-13051 CVE-2017-13052 CVE-2017-13053 CVE-2017-13054 CVE-2017-13055 CVE-2017-13687 CVE-2017-13688 CVE-2017-13689 CVE-2017-13690 CVE-2017-13725 |
9fae0f1f-df82-11d9-b875-0001020eed82 | tcpdump -- infinite loops in protocol decodingProblem DescriptionSeveral tcpdump protocol decoders contain programming errors which can cause them to go into infinite loops. ImpactAn attacker can inject specially crafted packets into the network which, when processed by tcpdump, could lead to a denial-of-service. After the attack, tcpdump would no longer capture traffic, and would potentially use all available processor time. Discovery 2005-06-09 Entry 2005-06-18 Modified 2005-06-20 FreeBSD ge 5.4 lt 5.4_2 ge 5.3 lt 5.3_16 tcpdump < 3.8.3_2 CVE-2005-1278 CVE-2005-1267 CVE-2005-1279 CVE-2005-1280 SA-05:10.tcpdump http://marc.theaimsgroup.com/?l=bugtraq&m=111454406222040 http://marc.theaimsgroup.com/?l=bugtraq&m=111454461300644 http://marc.theaimsgroup.com/?l=bugtraq&m=111928309502304 |