Vulnerability Details : CVE-2015-2153
The rpki_rtr_pdu_print function in print-rpki-rtr.c in the TCP printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via a crafted header length in an RPKI-RTR Protocol Data Unit (PDU).
Vulnerability category: OverflowDenial of service
Products affected by CVE-2015-2153
- cpe:2.3:a:tcpdump:tcpdump:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2015-2153
17.08%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 96 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2015-2153
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
10.0
|
2.9
|
NIST |
CWE ids for CVE-2015-2153
-
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.Assigned by: nvd@nist.gov (Primary)
References for CVE-2015-2153
-
http://www.securitytracker.com/id/1031937
Tcpdump IPv6 Mobility/TCP/Ethernet/Force Printer Module Bugs Let Remote Users Execute Arbitrary Code - SecurityTracker
-
http://www.securityfocus.com/archive/1/534829/100/0/threaded
SecurityFocus
-
http://www.debian.org/security/2015/dsa-3193
Debian -- Security Information -- DSA-3193-1 tcpdump
-
http://advisories.mageia.org/MGASA-2015-0114.html
Mageia Advisory: MGASA-2015-0114 - Updated tcpdump package fixes security vulnerabilities
-
http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153834.html
[SECURITY] Fedora 21 Update: tcpdump-4.7.3-1.fc21
-
https://bugzilla.redhat.com/show_bug.cgi?id=1201795
1201795 – (CVE-2015-2153) CVE-2015-2153 tcpdump: tcp printer rpki_rtr_pdu_print() missing length check
-
https://access.redhat.com/errata/RHSA-2017:1871
RHSA-2017:1871 - Security Advisory - Red Hat Customer Portal
-
http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153999.html
[SECURITY] Fedora 22 Update: tcpdump-4.7.3-1.fc22
-
http://packetstormsecurity.com/files/130730/tcpdump-Denial-Of-Service-Code-Execution.html
tcpdump Denial Of Service / Code Execution ≈ Packet Storm
-
https://security.gentoo.org/glsa/201510-04
tcpdump: Multiple vulnerabilities (GLSA 201510-04) — Gentoo security
-
https://www.exploit-db.com/exploits/37663/
TcpDump - rpki_rtr_pdu_print Out-of-Bounds Denial of Service
-
http://lists.opensuse.org/opensuse-updates/2015-03/msg00084.html
openSUSE-SU-2015:0616-1: moderate: Security update for tcpdump
-
http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
Oracle Solaris Third Party Bulletin - July 2015
-
http://www.mandriva.com/security/advisories?name=MDVSA-2015:125
mandriva.com
-
http://www.securityfocus.com/bid/73018
tcpdump CVE-2015-2153 Denial of Service Vulnerability
-
http://www.mandriva.com/security/advisories?name=MDVSA-2015:182
mandriva.com
-
http://www.ubuntu.com/usn/USN-2580-1
USN-2580-1: tcpdump vulnerabilities | Ubuntu security notices
Jump to