9.8

CVE-2007-3798

Exploit

Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 and earlier allows remote attackers to execute arbitrary code via crafted TLVs in a BGP packet, related to an unchecked return value.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
TcpdumpTcpdump Version <= 3.9.6
CanonicalUbuntu Linux Version6.06
CanonicalUbuntu Linux Version6.10
CanonicalUbuntu Linux Version7.04
DebianDebian Linux Version3.1
DebianDebian Linux Version4.0
SlackwareSlackware Version9.0
SlackwareSlackware Version9.1
SlackwareSlackware Version10.0
SlackwareSlackware Version10.1
SlackwareSlackware Version10.2
SlackwareSlackware Version11.0
SlackwareSlackware Version12.0
FreebsdFreebsd Version >= 5.0 < 5.5
FreebsdFreebsd Version >= 6.0 < 6.1
FreebsdFreebsd Version5.5 Update-
FreebsdFreebsd Version5.5 Updatep1
FreebsdFreebsd Version5.5 Updatep11
FreebsdFreebsd Version5.5 Updatep12
FreebsdFreebsd Version5.5 Updatep13
FreebsdFreebsd Version5.5 Updatep14
FreebsdFreebsd Version5.5 Updatep2
FreebsdFreebsd Version5.5 Updatep3
FreebsdFreebsd Version5.5 Updatep4
FreebsdFreebsd Version5.5 Updatep5
FreebsdFreebsd Version5.5 Updatep7
FreebsdFreebsd Version5.5 Updatep8
FreebsdFreebsd Version5.5 Updatep9
FreebsdFreebsd Version6.1 Update-
FreebsdFreebsd Version6.1 Updatep1
FreebsdFreebsd Version6.1 Updatep10
FreebsdFreebsd Version6.1 Updatep11
FreebsdFreebsd Version6.1 Updatep12
FreebsdFreebsd Version6.1 Updatep13
FreebsdFreebsd Version6.1 Updatep16
FreebsdFreebsd Version6.1 Updatep17
FreebsdFreebsd Version6.1 Updatep18
FreebsdFreebsd Version6.1 Updatep2
FreebsdFreebsd Version6.1 Updatep4
FreebsdFreebsd Version6.1 Updatep6
FreebsdFreebsd Version6.1 Updatep7
FreebsdFreebsd Version6.1 Updatep9
FreebsdFreebsd Version6.2 Update-
FreebsdFreebsd Version6.2 Updatep1
FreebsdFreebsd Version6.2 Updatep4
FreebsdFreebsd Version6.2 Updatep5
FreebsdFreebsd Version6.2 Updatep6
ApplemacOS X Version >= 10.0.0 < 10.4.11
ApplemacOS X Server Version >= 10.0.0 < 10.4.11
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 72.12% 0.987
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.8 3.9 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 6.8 8.6 6.4
AV:N/AC:M/Au:N/C:P/I:P/A:P
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.8 3.9 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE-252 Unchecked Return Value

The product does not check the return value from a method or function, which can prevent it from detecting unexpected states and conditions.

http://secunia.com/advisories/28136
Vendor Advisory
Broken Link
http://www.us-cert.gov/cas/techalerts/TA07-352A.html
Third Party Advisory
US Government Resource
Broken Link
http://secunia.com/advisories/27580
Vendor Advisory
Broken Link
http://secunia.com/advisories/26231
Vendor Advisory
Broken Link
http://secunia.com/advisories/26135
Vendor Advisory
Broken Link
http://secunia.com/advisories/26168
Vendor Advisory
Broken Link
http://secunia.com/advisories/26223
Vendor Advisory
Broken Link
http://secunia.com/advisories/26263
Vendor Advisory
Broken Link
http://secunia.com/advisories/26266
Vendor Advisory
Broken Link
http://secunia.com/advisories/26286
Vendor Advisory
Broken Link
http://secunia.com/advisories/26395
Vendor Advisory
Broken Link
http://secunia.com/advisories/26404
Vendor Advisory
Broken Link
http://secunia.com/advisories/26521
Vendor Advisory
Broken Link
http://www.securityfocus.com/archive/1/474225/100/0/threaded
Third Party Advisory
Broken Link
VDB Entry
http://www.securityfocus.com/bid/24965
Third Party Advisory
Broken Link
VDB Entry
http://www.securitytracker.com/id?1018434
Third Party Advisory
Broken Link
VDB Entry