Detections
Analytics

MiracleLinux 8 : tcpdump-4.9.3-1.el8 (AXSA:2021-1229:01)

critical Nessus Plugin ID 294349

Synopsis

The remote MiracleLinux host is missing one or more security updates.

Description

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-1229:01 advisory.

 * tcpdump: SMB data printing mishandled (CVE-2018-10103)
 * tcpdump: SMB data printing mishandled (CVE-2018-10105)
 * tcpdump: Out of bounds read/write in get_next_file() in tcpdump.c (CVE-2018-14879)
 * tcpdump: Buffer over-read in ldp_tlv_print() function in print-ldp.c (CVE-2018-14461)
 * tcpdump: Buffer over-read in icmp_print() function in print-icmp.c (CVE-2018-14462)
 * tcpdump: Buffer over-read in vrrp_print() function in print-vrrp.c (CVE-2018-14463)
 * tcpdump: Buffer over-read in lmp_print_data_link_subobjs() function in print-lmp.c (CVE-2018-14464)
 * tcpdump: Buffer over-read in rsvp_obj_print() function in print-rsvp.c (CVE-2018-14465)
 * tcpdump: Buffer over-read in print-icmp6.c (CVE-2018-14466)
 * tcpdump: Buffer over-read in bgp_capabilities_print() in print-bgp.c (CVE-2018-14467)
 * tcpdump: Buffer over-read in mfr_print() function in print-fr.c (CVE-2018-14468)
 * tcpdump: Buffer over-read in ikev1_n_print() function in print-isakmp.c (CVE-2018-14469)
 * tcpdump: Buffer over-read in babel_print_v2() in print-babel.c (CVE-2018-14470)
 * tcpdump: Buffer over-read in ospf6_print_lshdr() function in print-ospf6.c (CVE-2018-14880)
 * tcpdump: Buffer over-read in bgp_capabilities_print() function in print-bgp.c (CVE-2018-14881)
 * tcpdump: Buffer over-read in function rpl_dio_printopt in print-icmp6.c (CVE-2018-14882)
 * tcpdump: Buffer over-read in print-802_11.c (CVE-2018-16227)
 * tcpdump: Access to uninitialized buffer in print_prefix() function in print-hncp.c (CVE-2018-16228)
 * tcpdump: Buffer over-read in dccp_print_option() function in print-dccp.c (CVE-2018-16229)
 * tcpdump: Buffer over-read in bgp_attr_print() function in print-bgp.c (CVE-2018-16230)
 * tcpdump: Resource exhaustion in bgp_attr_print() function in print-bgp.c (CVE-2018-16300)
 * tcpdump: Buffer over-read in print_trans() function in print-smb.c (CVE-2018-16451)
 * tcpdump: Resource exhaustion in smb_fdata() funtion in smbutil.c (CVE-2018-16452)
 * tcpdump: Buffer overflow in lmp_print_data_link_subobjs() in print-lmp.c (CVE-2019-15166)

Tenable has extracted the preceding description block directly from the MiracleLinux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected tcpdump package.

See Also

https://tsn.miraclelinux.com/en/node/12411

Plugin Details

Severity: Critical

ID: 294349

File Name: miracle_linux_AXSA-2021-1229.nasl

Version: 1.1

Type: local

Published: 1/20/2026

Updated: 1/20/2026

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

Vendor

Vendor Severity: Moderate

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2018-10105

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:miracle:linux:8, p-cpe:/a:miracle:linux:tcpdump

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/MiracleLinux/release, Host/MiracleLinux/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 1/17/2021

Vulnerability Publication Date: 10/3/2019

Reference Information

CVE: CVE-2018-10103, CVE-2018-10105, CVE-2018-14461, CVE-2018-14462, CVE-2018-14463, CVE-2018-14464, CVE-2018-14465, CVE-2018-14466, CVE-2018-14467, CVE-2018-14468, CVE-2018-14469, CVE-2018-14470, CVE-2018-14879, CVE-2018-14880, CVE-2018-14881, CVE-2018-14882, CVE-2018-16227, CVE-2018-16228, CVE-2018-16229, CVE-2018-16230, CVE-2018-16300, CVE-2018-16451, CVE-2018-16452, CVE-2019-15166