{"id":"MGASA-2017-0061","summary":"Updated libpcap/tcpdump packages fix security vulnerability","details":"The AH parser in tcpdump before 4.9.0 has a buffer overflow in\nprint-ah.c:ah_print(). (CVE-2016-7922)\n\nThe ARP parser in tcpdump before 4.9.0 has a buffer overflow in\nprint-arp.c:arp_print(). (CVE-2016-7923)\n\nThe ATM parser in tcpdump before 4.9.0 has a buffer overflow in\nprint-atm.c:oam_print(). (CVE-2016-7924)\n\nThe compressed SLIP parser in tcpdump before 4.9.0 has a buffer overflow\nin print-sl.c:sl_if_print(). (CVE-2016-7925)\n\nThe Ethernet parser in tcpdump before 4.9.0 has a buffer overflow in\nprint-ether.c:ethertype_print(). (CVE-2016-7926)\n\nThe IEEE 802.11 parser in tcpdump before 4.9.0 has a buffer overflow in\nprint-802_11.c:ieee802_11_radio_print(). (CVE-2016-7927)\n\nThe IPComp parser in tcpdump before 4.9.0 has a buffer overflow in\nprint-ipcomp.c:ipcomp_print(). (CVE-2016-7928)\n\nThe Juniper PPPoE ATM parser in tcpdump before 4.9.0 has a buffer overflow\nin print-juniper.c:juniper_parse_header(). (CVE-2016-7929)\n\nThe LLC/SNAP parser in tcpdump before 4.9.0 has a buffer overflow in\nprint-llc.c:llc_print(). (CVE-2016-7930)\n\nThe MPLS parser in tcpdump before 4.9.0 has a buffer overflow in\nprint-mpls.c:mpls_print(). (CVE-2016-7931)\n\nThe PIM parser in tcpdump before 4.9.0 has a buffer overflow in\nprint-pim.c:pimv2_check_checksum(). (CVE-2016-7932)\n\nThe PPP parser in tcpdump before 4.9.0 has a buffer overflow in\nprint-ppp.c:ppp_hdlc_if_print(). (CVE-2016-7933)\n\nThe RTCP parser in tcpdump before 4.9.0 has a buffer overflow in\nprint-udp.c:rtcp_print(). (CVE-2016-7934)\n\nThe RTP parser in tcpdump before 4.9.0 has a buffer overflow in\nprint-udp.c:rtp_print(). (CVE-2016-7935)\n\nThe UDP parser in tcpdump before 4.9.0 has a buffer overflow in\nprint-udp.c:udp_print(). (CVE-2016-7936)\n\nThe VAT parser in tcpdump before 4.9.0 has a buffer overflow in\nprint-udp.c:vat_print(). (CVE-2016-7937)\n\nThe ZeroMQ parser in tcpdump before 4.9.0 has an integer overflow in\nprint-zeromq.c:zmtp1_print_frame(). (CVE-2016-7938)\n\nThe GRE parser in tcpdump before 4.9.0 has a buffer overflow in\nprint-gre.c, multiple functions. (CVE-2016-7939)\n\nThe STP parser in tcpdump before 4.9.0 has a buffer overflow in\nprint-stp.c, multiple functions. (CVE-2016-7940)\n\nThe AppleTalk parser in tcpdump before 4.9.0 has a buffer overflow in\nprint-atalk.c, multiple functions. (CVE-2016-7973)\n\nThe IP parser in tcpdump before 4.9.0 has a buffer overflow in\nprint-ip.c, multiple functions. (CVE-2016-7974)\n\nThe TCP parser in tcpdump before 4.9.0 has a buffer overflow in\nprint-tcp.c:tcp_print(). (CVE-2016-7975)\n\nThe BOOTP parser in tcpdump before 4.9.0 has buffer overflows in\nprint-bootp.c:bootp_print(). (CVE-2016-7983 and CVE-2017-5203)\n\nThe TFTP parser in tcpdump before 4.9.0 has a buffer overflow in\nprint-tftp.c:tftp_print(). (CVE-2016-7984)\n\nThe CALM FAST parser in tcpdump before 4.9.0 has a buffer overflow in\nprint-calm-fast.c:calm_fast_print(). (CVE-2016-7985)\n\nThe GeoNetworking parser in tcpdump before 4.9.0 has a buffer overflow in\nprint-geonet.c, multiple functions. (CVE-2016-7986)\n\nThe Classical IP over ATM parser in tcpdump before 4.9.0 has a buffer\noverflow in print-cip.c:cip_if_print(). (CVE-2016-7992)\n\nA bug in util-print.c:relts_print() in tcpdump before 4.9.0 could cause a\nbuffer overflow in multiple protocol parsers (DNS, DVMRP, HSRP, IGMP,\nlightweight resolver protocol, PIM). (CVE-2016-7993)\n\nThe FRF.15 parser in tcpdump before 4.9.0 has a buffer overflow in\nprint-fr.c:frf15_print(). (CVE-2016-8574)\n\nThe Q.933 parser in tcpdump before 4.9.0 has buffer overflows in\nprint-fr.c:q933_print(). (CVE-2016-8575 and CVE-2017-5482)\n\nThe ISO CLNS parser in tcpdump before 4.9.0 has buffer overflows in\nprint-isoclns.c:clnp_print(). (CVE-2017-5202 and CVE-2017-5486)\n\nThe IPv6 parser in tcpdump before 4.9.0 has a buffer overflow in\nprint-ip6.c:ip6_print(). (CVE-2017-5204)\n\nThe ISAKMP parser in tcpdump before 4.9.0 has a buffer overflow in\nprint-isakmp.c:ikev2_e_print(). (CVE-2017-5205)\n\nThe OTV parser in tcpdump before 4.9.0 has a buffer overflow in\nprint-otv.c:otv_print(). (CVE-2017-5341)\n\nIn tcpdump before 4.9.0, a bug in multiple protocol parsers (Geneve, GRE,\nNSH, OTV, VXLAN and VXLAN GPE) could cause a buffer overflow in\nprint-ether.c:ether_print(). (CVE-2017-5342)\n\nThe SNMP parser in tcpdump before 4.9.0 has a buffer overflow in\nprint-snmp.c:asn1_parse(). (CVE-2017-5483)\n\nThe ATM parser in tcpdump before 4.9.0 has a buffer overflow in\nprint-atm.c:sig_print(). (CVE-2017-5484)\n\nThe ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in\naddrtoname.c:lookup_nsap(). (CVE-2017-5485)\n","modified":"2026-04-16T01:46:52.919626519Z","published":"2017-02-23T14:58:52Z","upstream":["CVE-2016-7922","CVE-2016-7923","CVE-2016-7924","CVE-2016-7925","CVE-2016-7926","CVE-2016-7927","CVE-2016-7928","CVE-2016-7929","CVE-2016-7930","CVE-2016-7931","CVE-2016-7932","CVE-2016-7933","CVE-2016-7934","CVE-2016-7935","CVE-2016-7936","CVE-2016-7937","CVE-2016-7938","CVE-2016-7939","CVE-2016-7940","CVE-2016-7973","CVE-2016-7974","CVE-2016-7975","CVE-2016-7983","CVE-2016-7984","CVE-2016-7985","CVE-2016-7986","CVE-2016-7992","CVE-2016-7993","CVE-2016-8574","CVE-2016-8575","CVE-2017-5202","CVE-2017-5203","CVE-2017-5204","CVE-2017-5205","CVE-2017-5341","CVE-2017-5342","CVE-2017-5482","CVE-2017-5483","CVE-2017-5484","CVE-2017-5485","CVE-2017-5486"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2017-0061.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=20212"},{"type":"WEB","url":"https://www.debian.org/security/2017/dsa-3775"},{"type":"WEB","url":"http://openwall.com/lists/oss-security/2017/01/30/1"}],"affected":[{"package":{"name":"libpcap","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/libpcap?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.8.1-1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2017-0061.json"}},{"package":{"name":"tcpdump","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/tcpdump?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.9.0-1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2017-0061.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}