Tcpdump Tcpdump

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in Tcpdump.

By the Year

In 2024 there have been 0 vulnerabilities in Tcpdump . Last year Tcpdump had 1 security vulnerability published. Right now, Tcpdump is on track to have less security vulnerabilities in 2024 than it did last year.

Year Vulnerabilities Average Score
2024 0 0.00
2023 1 6.50
2022 1 9.10
2021 0 0.00
2020 2 7.50
2019 26 7.51
2018 1 5.50

It may take a day or so for new Tcpdump vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Tcpdump Security Vulnerabilities

The SMB protocol decoder in tcpdump version 4.99.3

CVE-2023-1801 6.5 - Medium - April 07, 2023

The SMB protocol decoder in tcpdump version 4.99.3 can perform an out-of-bounds write when decoding a crafted network packet.

Memory Corruption

The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 3

CVE-2019-15167 9.1 - Critical - August 27, 2022

The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 3, a different vulnerability than CVE-2018-14463.

Out-of-bounds Read

The ppp decapsulator in tcpdump 4.9.3

CVE-2020-8037 7.5 - High - November 04, 2020

The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a large amount of memory.

Allocation of Resources Without Limits or Throttling

The tok2strbuf() function in tcpdump 4.10.0-PRE-GIT was used by the SOME/IP dissector in an unsafe way.

CVE-2020-8036 7.5 - High - November 04, 2020

The tok2strbuf() function in tcpdump 4.10.0-PRE-GIT was used by the SOME/IP dissector in an unsafe way.

Out-of-bounds Read

lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks.

CVE-2019-15166 7.5 - High - October 03, 2019

lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks.

Classic Buffer Overflow

The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c.

CVE-2018-14882 7.5 - High - October 03, 2019

The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c.

Out-of-bounds Read

The command-line argument parser in tcpdump before 4.99.0 has a buffer overflow in tcpdump.c:read_infile()

CVE-2018-16301 7.8 - High - October 03, 2019

The command-line argument parser in tcpdump before 4.99.0 has a buffer overflow in tcpdump.c:read_infile(). To trigger this vulnerability the attacker needs to create a 4GB file on the local filesystem and to specify the file name as the value of the -F command-line argument of tcpdump.

Classic Buffer Overflow

The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata()

CVE-2018-16452 7.5 - High - October 03, 2019

The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion.

Stack Exhaustion

The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \MAILSLOT\BROWSE and \PIPE\LANMAN.

CVE-2018-16451 7.5 - High - October 03, 2019

The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \MAILSLOT\BROWSE and \PIPE\LANMAN.

Out-of-bounds Read

The BGP parser in tcpdump before 4.9.3

CVE-2018-16300 7.5 - High - October 03, 2019

The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print() because of unlimited recursion.

Stack Exhaustion

The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI).

CVE-2018-16230 7.5 - High - October 03, 2019

The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI).

Out-of-bounds Read

The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option().

CVE-2018-16229 7.5 - High - October 03, 2019

The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option().

Out-of-bounds Read

The HNCP parser in tcpdump before 4.9.3 has a buffer over-read in print-hncp.c:print_prefix().

CVE-2018-16228 7.5 - High - October 03, 2019

The HNCP parser in tcpdump before 4.9.3 has a buffer over-read in print-hncp.c:print_prefix().

Out-of-bounds Read

The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags subfield.

CVE-2018-16227 7.5 - High - October 03, 2019

The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags subfield.

Out-of-bounds Read

The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_RESTART).

CVE-2018-14881 7.5 - High - October 03, 2019

The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_RESTART).

Out-of-bounds Read

The command-line argument parser in tcpdump before 4.9.3 has a buffer overflow in tcpdump.c:get_next_file().

CVE-2018-14879 7 - High - October 03, 2019

The command-line argument parser in tcpdump before 4.9.3 has a buffer overflow in tcpdump.c:get_next_file().

Classic Buffer Overflow

tcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of 2).

CVE-2018-10103 9.8 - Critical - October 03, 2019

tcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of 2).

Improper Input Validation

tcpdump before 4.9.3 mishandles the printing of SMB data (issue 2 of 2).

CVE-2018-10105 9.8 - Critical - October 03, 2019

tcpdump before 4.9.3 mishandles the printing of SMB data (issue 2 of 2).

Improper Input Validation

The LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print().

CVE-2018-14461 7.5 - High - October 03, 2019

The LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print().

Out-of-bounds Read

The ICMP parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp.c:icmp_print().

CVE-2018-14462 7.5 - High - October 03, 2019

The ICMP parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp.c:icmp_print().

Out-of-bounds Read

The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 2

CVE-2018-14463 7.5 - High - October 03, 2019

The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 2, a different vulnerability than CVE-2019-15167.

Out-of-bounds Read

The LMP parser in tcpdump before 4.9.3 has a buffer over-read in print-lmp.c:lmp_print_data_link_subobjs().

CVE-2018-14464 7.5 - High - October 03, 2019

The LMP parser in tcpdump before 4.9.3 has a buffer over-read in print-lmp.c:lmp_print_data_link_subobjs().

Out-of-bounds Read

The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print().

CVE-2018-14465 7.5 - High - October 03, 2019

The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print().

Out-of-bounds Read

The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and rx_cache_insert().

CVE-2018-14466 7.5 - High - October 03, 2019

The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and rx_cache_insert().

Out-of-bounds Read

The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_MP).

CVE-2018-14467 7.5 - High - October 03, 2019

The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_MP).

Out-of-bounds Read

The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print().

CVE-2018-14468 7.5 - High - October 03, 2019

The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print().

Out-of-bounds Read

The IKEv1 parser in tcpdump before 4.9.3 has a buffer over-read in print-isakmp.c:ikev1_n_print().

CVE-2018-14469 7.5 - High - October 03, 2019

The IKEv1 parser in tcpdump before 4.9.3 has a buffer over-read in print-isakmp.c:ikev1_n_print().

Out-of-bounds Read

The Babel parser in tcpdump before 4.9.3 has a buffer over-read in print-babel.c:babel_print_v2().

CVE-2018-14470 7.5 - High - October 03, 2019

The Babel parser in tcpdump before 4.9.3 has a buffer over-read in print-babel.c:babel_print_v2().

Out-of-bounds Read

The OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6_print_lshdr().

CVE-2018-14880 7.5 - High - October 03, 2019

The OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6_print_lshdr().

Out-of-bounds Read

tcpdump.org tcpdump 4.9.2 is affected by: CWE-126: Buffer Over-read

CVE-2019-1010220 3.3 - Low - July 22, 2019

tcpdump.org tcpdump 4.9.2 is affected by: CWE-126: Buffer Over-read. The impact is: May expose Saved Frame Pointer, Return Address etc. on stack. The component is: line 234: "ND_PRINT((ndo, "%s", buf));", in function named "print_prefix", in "print-hncp.c". The attack vector is: The victim must open a specially crafted pcap file.

Out-of-bounds Read

In tcpdump 4.9.2, a stack-based buffer over-read exists in the print_prefix function of print-hncp.c via crafted packet data

CVE-2018-19519 5.5 - Medium - November 25, 2018

In tcpdump 4.9.2, a stack-based buffer over-read exists in the print_prefix function of print-hncp.c via crafted packet data because of missing initialization.

Missing Initialization of Resource

Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 and earlier

CVE-2007-3798 9.8 - Critical - July 16, 2007

Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 and earlier allows remote attackers to execute arbitrary code via crafted TLVs in a BGP packet, related to an unchecked return value.

Unchecked Return Value

TCPDUMP 3.8.1 and earlier

CVE-2004-0183 - May 04, 2004

TCPDUMP 3.8.1 and earlier allows remote attackers to cause a denial of service (crash) via ISAKMP packets containing a Delete payload with a large number of SPI's, which causes an out-of-bounds read, as demonstrated by the Striker ISAKMP Protocol Test Suite.

Out-of-bounds Read

Integer underflow in the isakmp_id_print for TCPDUMP 3.8.1 and earlier allows remote attackers to cause a denial of service (crash) via an ISAKMP packet with an Identification payload with a length

CVE-2004-0184 - May 04, 2004

Integer underflow in the isakmp_id_print for TCPDUMP 3.8.1 and earlier allows remote attackers to cause a denial of service (crash) via an ISAKMP packet with an Identification payload with a length that becomes less than 8 during byte order conversion, which causes an out-of-bounds read, as demonstrated by the Striker ISAKMP Protocol Test Suite.

Out-of-bounds Read

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Tcpdump or by Tcpdump? Click the Watch button to subscribe.

Tcpdump
Vendor

Tcpdump
Product

subscribe