Multiple Integer underflows in the geonet_print function in tcpdump 4.5.0 through 4.6.2, when in verbose mode, allow remote attackers to cause a denial of service (segmentation fault and crash) via a crafted length value in a Geonet frame.
2014-11-20T17:50:05.863
2025-04-12T10:46:40.837
Deferred
CVSSv2: 5.0 (MEDIUM)
AV:N/AC:L/Au:N/C:N/I:N/A:P
10.0
2.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | opensuse | opensuse | 13.1 | Yes |
| Operating System | opensuse | opensuse | 13.2 | Yes |
| Operating System | canonical | ubuntu_linux | 10.04 | Yes |
| Operating System | canonical | ubuntu_linux | 12.04 | Yes |
| Operating System | canonical | ubuntu_linux | 14.04 | Yes |
| Operating System | canonical | ubuntu_linux | 14.10 | Yes |
| Operating System | oracle | solaris | 11.2 | Yes |
| Application | redhat | tcpdump | 4.5.0 | Yes |
| Application | redhat | tcpdump | 4.5.1 | Yes |
| Application | redhat | tcpdump | 4.5.2 | Yes |
| Application | redhat | tcpdump | 4.6.0 | Yes |
| Application | redhat | tcpdump | 4.6.1 | Yes |
| Application | redhat | tcpdump | 4.6.2 | Yes |
| Operating System | opensuse | opensuse | 13.1 | No |
| Operating System | opensuse | opensuse | 13.2 | No |