Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : tcpdump vulnerabilities (USN-3415-1)

Ubuntu Security Notice (C) 2017 Canonical, Inc. / NASL script (C) 2017 Tenable Network Security, Inc.


Synopsis :

The remote Ubuntu host is missing a security-related patch.

Description :

Wilfried Kirsch discovered a buffer overflow in the SLIP decoder in
tcpdump. A remote attacker could use this to cause a denial of service
(application crash) or possibly execute arbitrary code.
(CVE-2017-11543)

Bhargava Shastry discovered a buffer overflow in the bitfield
converter utility function bittok2str_internal() in tcpdump. A remote
attacker could use this to cause a denial of service (application
crash) or possibly execute arbitrary code. (CVE-2017-13011)

Otto Airamo and Antti Levomaki discovered logic errors in different
protocol parsers in tcpdump that could lead to an infinite loop. A
remote attacker could use these to cause a denial of service
(application hang). CVE-2017-12989, CVE-2017-12990, CVE-2017-12995,
CVE-2017-12997)

Otto Airamo, Brian Carpenter, Yannick Formaggio, Kamil Frankowicz,
Katie Holly, Kim Gwan Yeong, Antti Levomaki, Henri Salo, and Bhargava
Shastry discovered out-of-bounds reads in muliptle protocol parsers in
tcpdump. A remote attacker could use these to cause a denial of
service (application crash). (CVE-2017-11108, CVE-2017-11541,
CVE-2017-11542, CVE-2017-12893, CVE-2017-12894, CVE-2017-12895,
CVE-2017-12896, CVE-2017-12897, CVE-2017-12898, CVE-2017-12899,
CVE-2017-12900, CVE-2017-12901, CVE-2017-12902, CVE-2017-12985,
CVE-2017-12986, CVE-2017-12987, CVE-2017-12988, CVE-2017-12991,
CVE-2017-12992, CVE-2017-12993, CVE-2017-12994, CVE-2017-12996,
CVE-2017-12998, CVE-2017-12999, CVE-2017-13000, CVE-2017-13001,
CVE-2017-13002, CVE-2017-13003, CVE-2017-13004, CVE-2017-13005,
CVE-2017-13006, CVE-2017-13007, CVE-2017-13008, CVE-2017-13009,
CVE-2017-13010, CVE-2017-13012, CVE-2017-13013, CVE-2017-13014,
CVE-2017-13015, CVE-2017-13016, CVE-2017-13017, CVE-2017-13018,
CVE-2017-13019, CVE-2017-13020, CVE-2017-13021, CVE-2017-13022,
CVE-2017-13023, CVE-2017-13024, CVE-2017-13025, CVE-2017-13026,
CVE-2017-13027, CVE-2017-13028, CVE-2017-13029, CVE-2017-13030,
CVE-2017-13031, CVE-2017-13032, CVE-2017-13033, CVE-2017-13034,
CVE-2017-13035, CVE-2017-13036, CVE-2017-13037, CVE-2017-13038,
CVE-2017-13039, CVE-2017-13040, CVE-2017-13041, CVE-2017-13042,
CVE-2017-13043, CVE-2017-13044, CVE-2017-13045, CVE-2017-13046,
CVE-2017-13047, CVE-2017-13048, CVE-2017-13049, CVE-2017-13050,
CVE-2017-13051, CVE-2017-13052, CVE-2017-13053, CVE-2017-13054,
CVE-2017-13055, CVE-2017-13687, CVE-2017-13688, CVE-2017-13689,
CVE-2017-13690, CVE-2017-13725).

Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

Solution :

Update the affected tcpdump package.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 5.5
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false