Tcpdump

Do you want an email whenever new security vulnerabilities are reported in any Tcpdump product?

Products by Tcpdump Sorted by Most Security Vulnerabilities since 2018

Tcpdump34 vulnerabilities

Tcpdump Libpcap5 vulnerabilities

Tcpdump Tcpslice1 vulnerability

By the Year

In 2024 there have been 0 vulnerabilities in Tcpdump . Last year Tcpdump had 1 security vulnerability published. Right now, Tcpdump is on track to have less security vulnerabilities in 2024 than it did last year.

Year	Vulnerabilities	Average Score
2024	0	0.00
2023	1	6.50
2022	2	7.30
2021	0	0.00
2020	2	7.50
2019	30	7.29
2018	1	5.50

It may take a day or so for new Tcpdump vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Tcpdump Security Vulnerabilities

The SMB protocol decoder in tcpdump version 4.99.3

CVE-2023-1801 6.5 - Medium - April 07, 2023

The SMB protocol decoder in tcpdump version 4.99.3 can perform an out-of-bounds write when decoding a crafted network packet.

Memory Corruption

The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 3

CVE-2019-15167 9.1 - Critical - August 27, 2022

The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 3, a different vulnerability than CVE-2018-14463.

Out-of-bounds Read

Use after free in tcpslice triggers AddressSanitizer

CVE-2021-41043 5.5 - Medium - January 05, 2022

Use after free in tcpslice triggers AddressSanitizer, no other confirmed impact.

Dangling pointer

The ppp decapsulator in tcpdump 4.9.3

CVE-2020-8037 7.5 - High - November 04, 2020

The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a large amount of memory.

Allocation of Resources Without Limits or Throttling

The tok2strbuf() function in tcpdump 4.10.0-PRE-GIT was used by the SOME/IP dissector in an unsafe way.

CVE-2020-8036 7.5 - High - November 04, 2020

The tok2strbuf() function in tcpdump 4.10.0-PRE-GIT was used by the SOME/IP dissector in an unsafe way.

Out-of-bounds Read

rpcapd/daemon.c in libpcap before 1.9.1

CVE-2019-15163 7.5 - High - October 03, 2019

rpcapd/daemon.c in libpcap before 1.9.1 allows attackers to cause a denial of service (NULL pointer dereference and daemon crash) if a crypt() call fails.

NULL Pointer Dereference

rpcapd/daemon.c in libpcap before 1.9.1 mishandles certain length values because of reuse of a variable

CVE-2019-15161 5.3 - Medium - October 03, 2019

rpcapd/daemon.c in libpcap before 1.9.1 mishandles certain length values because of reuse of a variable. This may open up an attack vector involving extra data at the end of a request.

Incorrect Calculation of Buffer Size

rpcapd/daemon.c in libpcap before 1.9.1

CVE-2019-15164 5.3 - Medium - October 03, 2019

rpcapd/daemon.c in libpcap before 1.9.1 allows SSRF because a URL may be provided as a capture source.

XSPA

sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocating memory.

CVE-2019-15165 5.3 - Medium - October 03, 2019

sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocating memory.

Allocation of Resources Without Limits or Throttling

lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks.

CVE-2019-15166 7.5 - High - October 03, 2019

lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks.

Classic Buffer Overflow

The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option().

CVE-2018-16229 7.5 - High - October 03, 2019

The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option().

Out-of-bounds Read

The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata()

CVE-2018-16452 7.5 - High - October 03, 2019

The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion.

Stack Exhaustion

The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \MAILSLOT\BROWSE and \PIPE\LANMAN.

CVE-2018-16451 7.5 - High - October 03, 2019

The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \MAILSLOT\BROWSE and \PIPE\LANMAN.

Out-of-bounds Read

The BGP parser in tcpdump before 4.9.3

CVE-2018-16300 7.5 - High - October 03, 2019

The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print() because of unlimited recursion.

Stack Exhaustion

The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI).

CVE-2018-16230 7.5 - High - October 03, 2019

The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI).

Out-of-bounds Read

The command-line argument parser in tcpdump before 4.99.0 has a buffer overflow in tcpdump.c:read_infile()

CVE-2018-16301 7.8 - High - October 03, 2019

The command-line argument parser in tcpdump before 4.99.0 has a buffer overflow in tcpdump.c:read_infile(). To trigger this vulnerability the attacker needs to create a 4GB file on the local filesystem and to specify the file name as the value of the -F command-line argument of tcpdump.

Classic Buffer Overflow

The HNCP parser in tcpdump before 4.9.3 has a buffer over-read in print-hncp.c:print_prefix().

CVE-2018-16228 7.5 - High - October 03, 2019

The HNCP parser in tcpdump before 4.9.3 has a buffer over-read in print-hncp.c:print_prefix().

Out-of-bounds Read

The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags subfield.

CVE-2018-16227 7.5 - High - October 03, 2019

The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags subfield.

Out-of-bounds Read

The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_RESTART).

CVE-2018-14881 7.5 - High - October 03, 2019

The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_RESTART).

Out-of-bounds Read

tcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of 2).

CVE-2018-10103 9.8 - Critical - October 03, 2019

tcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of 2).

Improper Input Validation

Tcpdump

Products by Tcpdump Sorted by Most Security Vulnerabilities since 2018

Tcpdump34 vulnerabilities

Tcpdump Libpcap5 vulnerabilities

Tcpdump Tcpslice1 vulnerability

By the Year

Recent Tcpdump Security Vulnerabilities

The SMB protocol decoder in tcpdump version 4.99.3 CVE-2023-1801 6.5 - Medium - April 07, 2023

The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 3 CVE-2019-15167 9.1 - Critical - August 27, 2022

Use after free in tcpslice triggers AddressSanitizer CVE-2021-41043 5.5 - Medium - January 05, 2022

The ppp decapsulator in tcpdump 4.9.3 CVE-2020-8037 7.5 - High - November 04, 2020

The tok2strbuf() function in tcpdump 4.10.0-PRE-GIT was used by the SOME/IP dissector in an unsafe way. CVE-2020-8036 7.5 - High - November 04, 2020

rpcapd/daemon.c in libpcap before 1.9.1 CVE-2019-15163 7.5 - High - October 03, 2019

rpcapd/daemon.c in libpcap before 1.9.1 mishandles certain length values because of reuse of a variable CVE-2019-15161 5.3 - Medium - October 03, 2019

rpcapd/daemon.c in libpcap before 1.9.1 CVE-2019-15164 5.3 - Medium - October 03, 2019

sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocating memory. CVE-2019-15165 5.3 - Medium - October 03, 2019

lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks. CVE-2019-15166 7.5 - High - October 03, 2019

The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option(). CVE-2018-16229 7.5 - High - October 03, 2019

The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() CVE-2018-16452 7.5 - High - October 03, 2019

The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \MAILSLOT\BROWSE and \PIPE\LANMAN. CVE-2018-16451 7.5 - High - October 03, 2019

The BGP parser in tcpdump before 4.9.3 CVE-2018-16300 7.5 - High - October 03, 2019

The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI). CVE-2018-16230 7.5 - High - October 03, 2019

The command-line argument parser in tcpdump before 4.99.0 has a buffer overflow in tcpdump.c:read_infile() CVE-2018-16301 7.8 - High - October 03, 2019

The HNCP parser in tcpdump before 4.9.3 has a buffer over-read in print-hncp.c:print_prefix(). CVE-2018-16228 7.5 - High - October 03, 2019

The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags subfield. CVE-2018-16227 7.5 - High - October 03, 2019

The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_RESTART). CVE-2018-14881 7.5 - High - October 03, 2019

tcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of 2). CVE-2018-10103 9.8 - Critical - October 03, 2019

The SMB protocol decoder in tcpdump version 4.99.3

CVE-2023-1801 6.5 - Medium - April 07, 2023

The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 3

CVE-2019-15167 9.1 - Critical - August 27, 2022

Use after free in tcpslice triggers AddressSanitizer

CVE-2021-41043 5.5 - Medium - January 05, 2022

The ppp decapsulator in tcpdump 4.9.3

CVE-2020-8037 7.5 - High - November 04, 2020

The tok2strbuf() function in tcpdump 4.10.0-PRE-GIT was used by the SOME/IP dissector in an unsafe way.

CVE-2020-8036 7.5 - High - November 04, 2020

rpcapd/daemon.c in libpcap before 1.9.1

CVE-2019-15163 7.5 - High - October 03, 2019

rpcapd/daemon.c in libpcap before 1.9.1 mishandles certain length values because of reuse of a variable

CVE-2019-15161 5.3 - Medium - October 03, 2019

rpcapd/daemon.c in libpcap before 1.9.1

CVE-2019-15164 5.3 - Medium - October 03, 2019

sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocating memory.

CVE-2019-15165 5.3 - Medium - October 03, 2019

lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks.

CVE-2019-15166 7.5 - High - October 03, 2019

The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option().

CVE-2018-16229 7.5 - High - October 03, 2019

The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata()

CVE-2018-16452 7.5 - High - October 03, 2019

The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \MAILSLOT\BROWSE and \PIPE\LANMAN.

CVE-2018-16451 7.5 - High - October 03, 2019

The BGP parser in tcpdump before 4.9.3

CVE-2018-16300 7.5 - High - October 03, 2019

The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI).

CVE-2018-16230 7.5 - High - October 03, 2019

The command-line argument parser in tcpdump before 4.99.0 has a buffer overflow in tcpdump.c:read_infile()

CVE-2018-16301 7.8 - High - October 03, 2019

The HNCP parser in tcpdump before 4.9.3 has a buffer over-read in print-hncp.c:print_prefix().

CVE-2018-16228 7.5 - High - October 03, 2019

The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags subfield.

CVE-2018-16227 7.5 - High - October 03, 2019

The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_RESTART).

CVE-2018-14881 7.5 - High - October 03, 2019

tcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of 2).

CVE-2018-10103 9.8 - Critical - October 03, 2019