Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Informations
Name CVE-2018-14879 First vendor Publication 2019-10-03
Vendor Cve Last vendor Modification 2023-11-07

Security-Database Scoring CVSS v3

Cvss vector : CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Overall CVSS Score 7
Base Score 7 Environmental Score 7
impact SubScore 5.9 Temporal Score 7
Exploitabality Sub Score 1
 
Attack Vector Local Attack Complexity High
Privileges Required None User Interaction Required
Scope Unchanged Confidentiality Impact High
Integrity Impact High Availability Impact High
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:H/Au:N/C:P/I:P/A:P)
Cvss Base Score 5.1 Attack Range Network
Cvss Impact Score 6.4 Attack Complexity High
Cvss Expoit Score 4.9 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

The command-line argument parser in tcpdump before 4.9.3 has a buffer overflow in tcpdump.c:get_next_file().

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14879

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') (CWE/SANS Top 25)

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 2
Application 3
Application 3
Os 185
Os 3
Os 3
Os 2
Os 2

Sources (Detail)

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedora...
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedora...
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedora...
https://support.f5.com/csp/article/K51512510?utm_source=f5support&amp%3Bu...
Source Url
BUGTRAQ https://seclists.org/bugtraq/2019/Dec/23
https://seclists.org/bugtraq/2019/Oct/28
CONFIRM https://github.com/the-tcpdump-group/tcpdump/commit/9ba91381954ad325ea4fd26b9...
https://security.netapp.com/advisory/ntap-20200120-0001/
https://support.apple.com/kb/HT210788
DEBIAN https://www.debian.org/security/2019/dsa-4547
FULLDISC http://seclists.org/fulldisclosure/2019/Dec/26
MISC https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES
MLIST https://lists.debian.org/debian-lts-announce/2019/10/msg00015.html
SUSE http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html
UBUNTU https://usn.ubuntu.com/4252-1/
https://usn.ubuntu.com/4252-2/

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
Date Informations
2023-11-07 21:39:06
  • Multiple Updates
2023-08-16 21:28:35
  • Multiple Updates
2023-05-17 01:39:48
  • Multiple Updates
2022-03-31 12:33:16
  • Multiple Updates
2022-02-21 12:32:49
  • Multiple Updates
2022-01-13 01:31:09
  • Multiple Updates
2022-01-06 01:31:19
  • Multiple Updates
2022-01-05 01:31:03
  • Multiple Updates
2021-09-16 01:28:52
  • Multiple Updates
2021-09-15 01:28:43
  • Multiple Updates
2021-05-26 01:26:41
  • Multiple Updates
2021-05-05 01:28:57
  • Multiple Updates
2021-05-04 13:09:21
  • Multiple Updates
2021-04-22 02:23:11
  • Multiple Updates
2021-04-09 01:24:47
  • Multiple Updates
2021-04-08 01:24:35
  • Multiple Updates
2020-05-24 01:24:12
  • Multiple Updates
2020-05-23 02:11:36
  • Multiple Updates
2020-05-23 01:07:51
  • Multiple Updates
2019-10-12 05:20:12
  • Multiple Updates
2019-10-05 05:19:54
  • Multiple Updates
2019-10-03 21:20:30
  • First insertion