{ "schema_version": "1.7.0", "id": "MGASA-2017-0061", "published": "2017-02-23T14:58:52Z", "modified": "2017-02-23T14:49:24Z", "summary": "Updated libpcap/tcpdump packages fix security vulnerability", "details": "The AH parser in tcpdump before 4.9.0 has a buffer overflow in\nprint-ah.c:ah_print(). (CVE-2016-7922)\n\nThe ARP parser in tcpdump before 4.9.0 has a buffer overflow in\nprint-arp.c:arp_print(). (CVE-2016-7923)\n\nThe ATM parser in tcpdump before 4.9.0 has a buffer overflow in\nprint-atm.c:oam_print(). (CVE-2016-7924)\n\nThe compressed SLIP parser in tcpdump before 4.9.0 has a buffer overflow\nin print-sl.c:sl_if_print(). (CVE-2016-7925)\n\nThe Ethernet parser in tcpdump before 4.9.0 has a buffer overflow in\nprint-ether.c:ethertype_print(). (CVE-2016-7926)\n\nThe IEEE 802.11 parser in tcpdump before 4.9.0 has a buffer overflow in\nprint-802_11.c:ieee802_11_radio_print(). (CVE-2016-7927)\n\nThe IPComp parser in tcpdump before 4.9.0 has a buffer overflow in\nprint-ipcomp.c:ipcomp_print(). (CVE-2016-7928)\n\nThe Juniper PPPoE ATM parser in tcpdump before 4.9.0 has a buffer overflow\nin print-juniper.c:juniper_parse_header(). (CVE-2016-7929)\n\nThe LLC/SNAP parser in tcpdump before 4.9.0 has a buffer overflow in\nprint-llc.c:llc_print(). (CVE-2016-7930)\n\nThe MPLS parser in tcpdump before 4.9.0 has a buffer overflow in\nprint-mpls.c:mpls_print(). (CVE-2016-7931)\n\nThe PIM parser in tcpdump before 4.9.0 has a buffer overflow in\nprint-pim.c:pimv2_check_checksum(). (CVE-2016-7932)\n\nThe PPP parser in tcpdump before 4.9.0 has a buffer overflow in\nprint-ppp.c:ppp_hdlc_if_print(). (CVE-2016-7933)\n\nThe RTCP parser in tcpdump before 4.9.0 has a buffer overflow in\nprint-udp.c:rtcp_print(). (CVE-2016-7934)\n\nThe RTP parser in tcpdump before 4.9.0 has a buffer overflow in\nprint-udp.c:rtp_print(). (CVE-2016-7935)\n\nThe UDP parser in tcpdump before 4.9.0 has a buffer overflow in\nprint-udp.c:udp_print(). (CVE-2016-7936)\n\nThe VAT parser in tcpdump before 4.9.0 has a buffer overflow in\nprint-udp.c:vat_print(). (CVE-2016-7937)\n\nThe ZeroMQ parser in tcpdump before 4.9.0 has an integer overflow in\nprint-zeromq.c:zmtp1_print_frame(). (CVE-2016-7938)\n\nThe GRE parser in tcpdump before 4.9.0 has a buffer overflow in\nprint-gre.c, multiple functions. (CVE-2016-7939)\n\nThe STP parser in tcpdump before 4.9.0 has a buffer overflow in\nprint-stp.c, multiple functions. (CVE-2016-7940)\n\nThe AppleTalk parser in tcpdump before 4.9.0 has a buffer overflow in\nprint-atalk.c, multiple functions. (CVE-2016-7973)\n\nThe IP parser in tcpdump before 4.9.0 has a buffer overflow in\nprint-ip.c, multiple functions. (CVE-2016-7974)\n\nThe TCP parser in tcpdump before 4.9.0 has a buffer overflow in\nprint-tcp.c:tcp_print(). (CVE-2016-7975)\n\nThe BOOTP parser in tcpdump before 4.9.0 has buffer overflows in\nprint-bootp.c:bootp_print(). (CVE-2016-7983 and CVE-2017-5203)\n\nThe TFTP parser in tcpdump before 4.9.0 has a buffer overflow in\nprint-tftp.c:tftp_print(). (CVE-2016-7984)\n\nThe CALM FAST parser in tcpdump before 4.9.0 has a buffer overflow in\nprint-calm-fast.c:calm_fast_print(). (CVE-2016-7985)\n\nThe GeoNetworking parser in tcpdump before 4.9.0 has a buffer overflow in\nprint-geonet.c, multiple functions. (CVE-2016-7986)\n\nThe Classical IP over ATM parser in tcpdump before 4.9.0 has a buffer\noverflow in print-cip.c:cip_if_print(). (CVE-2016-7992)\n\nA bug in util-print.c:relts_print() in tcpdump before 4.9.0 could cause a\nbuffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, IGMP,\nlightweight resolver protocol, PIM). (CVE-2016-7993)\n\nThe FRF.15 parser in tcpdump before 4.9.0 has a buffer overflow in\nprint-fr.c:frf15_print(). (CVE-2016-8574)\n\nThe Q.933 parser in tcpdump before 4.9.0 has buffer overflows in\nprint-fr.c:q933_print(). (CVE-2016-8575 and CVE-2017-5482)\n\nThe ISO CLNS parser in tcpdump before 4.9.0 has buffer overflows in\nprint-isoclns.c:clnp_print(). (CVE-2017-5202 and CVE-2017-5486)\n\nThe IPv6 parser in tcpdump before 4.9.0 has a buffer overflow in\nprint-ip6.c:ip6_print(). (CVE-2017-5204)\n\nThe ISAKMP parser in tcpdump before 4.9.0 has a buffer overflow in\nprint-isakmp.c:ikev2_e_print(). (CVE-2017-5205)\n\nThe OTV parser in tcpdump before 4.9.0 has a buffer overflow in\nprint-otv.c:otv_print(). (CVE-2017-5341)\n\nIn tcpdump before 4.9.0, a bug in multiple protocol parsers (Geneve, GRE,\nNSH, OTV, VXLAN and VXLAN GPE) could cause a buffer overflow in\nprint-ether.c:ether_print(). (CVE-2017-5342)\n\nThe SNMP parser in tcpdump before 4.9.0 has a buffer overflow in\nprint-snmp.c:asn1_parse(). (CVE-2017-5483)\n\nThe ATM parser in tcpdump before 4.9.0 has a buffer overflow in\nprint-atm.c:sig_print(). (CVE-2017-5484)\n\nThe ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in\naddrtoname.c:lookup_nsap(). (CVE-2017-5485)\n", "upstream": [ "CVE-2016-7922", "CVE-2016-7923", "CVE-2016-7924", "CVE-2016-7925", "CVE-2016-7926", "CVE-2016-7927", "CVE-2016-7928", "CVE-2016-7929", "CVE-2016-7930", "CVE-2016-7931", "CVE-2016-7932", "CVE-2016-7933", "CVE-2016-7934", "CVE-2016-7935", "CVE-2016-7936", "CVE-2016-7937", "CVE-2016-7938", "CVE-2016-7939", "CVE-2016-7940", "CVE-2016-7973", "CVE-2016-7974", "CVE-2016-7975", "CVE-2016-7983", "CVE-2016-7984", "CVE-2016-7985", "CVE-2016-7986", "CVE-2016-7992", "CVE-2016-7993", "CVE-2016-8574", "CVE-2016-8575", "CVE-2017-5202", "CVE-2017-5203", "CVE-2017-5204", "CVE-2017-5205", "CVE-2017-5341", "CVE-2017-5342", "CVE-2017-5482", "CVE-2017-5483", "CVE-2017-5484", "CVE-2017-5485", "CVE-2017-5486" ], "references": [ { "type": "ADVISORY", "url": "https://advisories.mageia.org/MGASA-2017-0061.html" }, { "type": "REPORT", "url": "https://bugs.mageia.org/show_bug.cgi?id=20212" }, { "type": "WEB", "url": "https://www.debian.org/security/2017/dsa-3775" }, { "type": "WEB", "url": "http://openwall.com/lists/oss-security/2017/01/30/1" } ], "affected": [ { "package": { "ecosystem": "Mageia:5", "name": "libpcap", "purl": "pkg:rpm/mageia/libpcap?arch=source&distro=mageia-5" }, "ranges": [ { "type": "ECOSYSTEM", "events": [ { "introduced": "0" }, { "fixed": "1.8.1-1.mga5" } ] } ], "ecosystem_specific": { "section": "core" } }, { "package": { "ecosystem": "Mageia:5", "name": "tcpdump", "purl": "pkg:rpm/mageia/tcpdump?arch=source&distro=mageia-5" }, "ranges": [ { "type": "ECOSYSTEM", "events": [ { "introduced": "0" }, { "fixed": "4.9.0-1.mga5" } ] } ], "ecosystem_specific": { "section": "core" } } ], "credits": [ { "name": "Mageia", "type": "COORDINATOR", "contact": [ "https://wiki.mageia.org/en/Packages_Security_Team" ] } ] }