mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-09-17 18:45:49 +00:00
316 lines
11 KiB
JSON
316 lines
11 KiB
JSON
{
|
|
"id": "CVE-2014-8769",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2014-11-20T17:50:06.897",
|
|
"lastModified": "2024-11-21T02:19:44.663",
|
|
"vulnStatus": "Modified",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "tcpdump 3.8 through 4.6.2 might allow remote attackers to obtain sensitive information from memory or cause a denial of service (packet loss or segmentation fault) via a crafted Ad hoc On-Demand Distance Vector (AODV) packet, which triggers an out-of-bounds memory access."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "tcpdump 3.8 hasta 4.6.2 podr\u00eda permitir a atacantes remotos obtener informaci\u00f3n sensible de la memoria o causar una denegaci\u00f3n de servicio ( paquetes perdidos o fallo de segmentaci\u00f3n) a trav\u00e9s de un paquete manipulado Ad hoc On-Demand Distance (AODV), que desencadena un acceso a memoria fuera de rango."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
|
|
"baseScore": 6.4,
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "PARTIAL",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "PARTIAL"
|
|
},
|
|
"baseSeverity": "MEDIUM",
|
|
"exploitabilityScore": 10.0,
|
|
"impactScore": 4.9,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-119"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:redhat:tcpdump:3.8.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "50CE25C6-CC5E-487B-A9F5-68BFD83A265E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:redhat:tcpdump:3.8.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F3728265-2920-4840-AD57-06FEAE523DD7"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:redhat:tcpdump:3.9.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "4582B9B3-8296-4A51-A49E-C1521E6AD55D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:redhat:tcpdump:3.9.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "8DAAD66F-8FDC-4EEA-9FED-04197A3E95CB"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:redhat:tcpdump:3.9.4:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F45580E7-2791-4841-AF76-9591440EDE9D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:redhat:tcpdump:3.9.5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E6EF2BB6-A4E1-403A-95AD-CB4F5C5517A2"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:redhat:tcpdump:3.9.6:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "2BADA780-6314-4875-B467-5547BF75C08A"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:redhat:tcpdump:3.9.7:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "7DAE5CAC-A078-4F63-9598-9CA511EC0034"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:redhat:tcpdump:3.9.8:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "3E041494-8649-4BD5-8DF7-816B4C73E6CF"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:redhat:tcpdump:4.0.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "27D17DA2-A04C-43A4-AE1F-027C9E5EDC85"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:redhat:tcpdump:4.1.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B9FA963D-E15E-4711-AFE6-10D0D464FB38"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:redhat:tcpdump:4.1.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "74BFC816-CCFF-495A-BFBA-8296F6FF1E50"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:redhat:tcpdump:4.1.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "4B9298E0-5B24-4FBD-A5A2-D7DCE91FD219"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:redhat:tcpdump:4.2.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "1B797590-4EA3-4144-819D-F55D8B60AC6E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:redhat:tcpdump:4.3.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "10639170-0C13-4E2B-A4FA-AB4F9642DD35"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:redhat:tcpdump:4.3.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "D5EA00F9-54AC-429E-9241-64142102898F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:redhat:tcpdump:4.4.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "653A18E7-DCA6-4FB0-9F16-66B3CB11CE52"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:redhat:tcpdump:4.5.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "DBB358B0-2043-450E-AB3F-D88CA5156DB5"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:redhat:tcpdump:4.5.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "D8D13172-9D80-4DD5-A749-9A9F95466C27"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:redhat:tcpdump:4.5.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F6E4628C-DFE6-44AE-9B46-6341318CA483"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:redhat:tcpdump:4.6.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "0C9CC04B-CF1E-4B0E-8D45-B02B1E07E004"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:redhat:tcpdump:4.6.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "48EDCB25-E42B-4CA1-BB7E-E5CEA9F74DC4"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:redhat:tcpdump:4.6.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "7D9E7FE0-FA1A-4A46-A408-BDF2D2DE73B5"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://advisories.mageia.org/MGASA-2014-0503.html",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00062.html",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://packetstormsecurity.com/files/129157/tcpdump-4.6.2-AOVD-Unreliable-Output.html",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Exploit"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://seclists.org/fulldisclosure/2014/Nov/49",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Exploit"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.debian.org/security/2014/dsa-3086",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:240",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:125",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/archive/1/534009/100/0/threaded",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/71153",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Exploit"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.ubuntu.com/usn/USN-2433-1",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98764",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://support.apple.com/kb/HT205031",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://advisories.mageia.org/MGASA-2014-0503.html",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00062.html",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://packetstormsecurity.com/files/129157/tcpdump-4.6.2-AOVD-Unreliable-Output.html",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"Exploit"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://seclists.org/fulldisclosure/2014/Nov/49",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"Exploit"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.debian.org/security/2014/dsa-3086",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:240",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:125",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/archive/1/534009/100/0/threaded",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/71153",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"Exploit"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.ubuntu.com/usn/USN-2433-1",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98764",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "https://support.apple.com/kb/HT205031",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
}
|
|
]
|
|
} |