Red Hat update for Tcpdump
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 45 |
| CVE-ID | CVE-2015-0261 CVE-2015-2153 CVE-2015-2154 CVE-2015-2155 CVE-2016-7922 CVE-2016-7923 CVE-2016-7924 CVE-2016-7925 CVE-2016-7926 CVE-2016-7927 CVE-2016-7928 CVE-2016-7929 CVE-2016-7930 CVE-2016-7931 CVE-2016-7932 CVE-2016-7933 CVE-2016-7934 CVE-2016-7935 CVE-2016-7936 CVE-2016-7937 CVE-2016-7938 CVE-2016-7939 CVE-2016-7940 CVE-2016-7973 CVE-2016-7974 CVE-2016-7975 CVE-2016-7983 CVE-2016-7984 CVE-2016-7985 CVE-2016-7986 CVE-2016-7992 CVE-2016-7993 CVE-2016-8574 CVE-2016-8575 CVE-2017-5202 CVE-2017-5203 CVE-2017-5204 CVE-2017-5205 CVE-2017-5341 CVE-2017-5342 CVE-2017-5482 CVE-2017-5483 CVE-2017-5484 CVE-2017-5485 CVE-2017-5486 |
| CWE-ID | CWE-125 CWE-787 CWE-20 CWE-120 |
| Exploitation vector | Network |
| Public exploit | Public exploit code for vulnerability #2 is available. |
| Vulnerable software |
Red Hat Enterprise Linux Server Operating systems & Components / Operating system |
| Vendor | Red Hat Inc. |
Security Bulletin
This security bulletin contains information about 45 vulnerabilities.
1) Out-of-bounds read
EUVDB-ID: #VU7689
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2015-0261
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition or execute arbitrary code.
The weakness exists due to integer signedness error in the mobility_opt_print function in the IPv6 mobility printer A remote attacker can supply a negative length value, trigger out-of-bounds read, cause the system crash and possibly execute arbitrary code.
Successful exploitation of the vulnerability may result in system compromise
Install update from vendor's website.
Vulnerable software versionsRed Hat Enterprise Linux Server: 7
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2017:1871
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Out-of-bounds write
EUVDB-ID: #VU7688
Risk: High
CVSSv4.0: 8.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Amber]
CVE-ID: CVE-2015-2153
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to cause DoS condition or execute arbitrary code.
The weakness exists due to an error in the rpki_rtr_pdu_print function in print-rpki-rtr.c in the TCP printer. A remote attacker can supply a specially crafted header length in an RPKI-RTR Protocol Data Unit (PDU), trigger out-of-bounds read or write and cause the system crash or execute arbitrary code.
Successful exploitation of the vulnerability may result in system compromise.
Install update from vendor's website.
Vulnerable software versionsRed Hat Enterprise Linux Server: 7
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2017:1871
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
3) Out-of-bounds read
EUVDB-ID: #VU7687
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2015-2154
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists due to an error in the osi_print_cksum function in print-isoclns.c in the ethernet printer. A remote attacker can send a specially crafted length offset or base pointer checksum value, trigger out-of-bounds read and cause the system to crash.
Successful exploitation of the vulnerability results in denial of service.
Install update from vendor's website.
Vulnerable software versionsRed Hat Enterprise Linux Server: 7
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2017:1871
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Improper input validation
EUVDB-ID: #VU7686
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2015-2155
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code.
The weakness exists due to an error in the Force printer. A remote attacker can send a specially crafted request and execute arbitrary code on the target system.
Successful exploitation of the vulnerability may result in system compromise.
Install update from vendor's website.
Vulnerable software versionsRed Hat Enterprise Linux Server: 7
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2017:1871
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Buffer overflow
EUVDB-ID: #VU6729
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2016-7922
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allow a remote attacker to cause DoS condition or potentially execute arbitrary code on the target system.
The weakness exists due to buffer overflow in the print-ah.c:ah_print() in the AH parser. A remote attacker can use a specially crafted AH protocol to trigger memory corruption and cause the application to crash or possibly execute arbitrary code.
Successful exploitation of the vulnerability may result system compromise.
Install update from vendor's website.
Vulnerable software versionsRed Hat Enterprise Linux Server: 7
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2017:1871
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Buffer overflow
EUVDB-ID: #VU6730
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2016-7923
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allow a remote attacker to cause DoS condition or potentially execute arbitrary code on the target system.
The weakness exists due to buffer overflow in the print-arp.c:arp_print() in the ARP parser. A remote attacker can use a specially crafted ARP protocol to trigger memory corruption and cause the application to crash or possibly execute arbitrary code.
Successful exploitation of the vulnerability may result system compromise.
Install update from vendor's website.
Vulnerable software versionsRed Hat Enterprise Linux Server: 7
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2017:1871
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Buffer overflow
EUVDB-ID: #VU6731
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2016-7924
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allow a remote attacker to cause DoS condition or potentially execute arbitrary code on the target system.
The weakness exists due to buffer overflow in the print-atm.c:oam_print() in the compressed ATM parser. A remote attacker can use a specially crafted ATM protocol to trigger memory corruption and cause the application to crash or possibly execute arbitrary code.
Successful exploitation of the vulnerability may result system compromise.
Install update from vendor's website.
Vulnerable software versionsRed Hat Enterprise Linux Server: 7
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2017:1871
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Buffer overflow
EUVDB-ID: #VU6732
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2016-7925
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allow a remote attacker to cause DoS condition or potentially execute arbitrary code on the target system.
The weakness exists due to buffer overflow in the print-sl.c:sl_if_print() in the compressed SLIP parser. A remote attacker can use a specially crafted SLIP protocol to trigger memory corruption and cause the application to crash or possibly execute arbitrary code.
Successful exploitation of the vulnerability may result system compromise.
Install update from vendor's website.
Vulnerable software versionsRed Hat Enterprise Linux Server: 7
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2017:1871
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Buffer overflow
EUVDB-ID: #VU6733
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2016-7926
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allow a remote attacker to cause DoS condition or potentially execute arbitrary code on the target system.
The weakness exists due to buffer overflow in the print-ether.c:ethertype_print() in the Ethernet parser. A remote attacker can use a specially crafted protocol to trigger memory corruption and cause the application to crash or possibly execute arbitrary code.
Successful exploitation of the vulnerability may result system compromise.
Install update from vendor's website.
Vulnerable software versionsRed Hat Enterprise Linux Server: 7
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2017:1871
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Buffer overflow
EUVDB-ID: #VU6734
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2016-7927
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allow a remote attacker to cause DoS condition or potentially execute arbitrary code on the target system.
The weakness exists due to buffer overflow in the print-802_11.c:ieee802_11_radio_print() in the IEEE 802.11 parser. A remote attacker can use a specially crafted protocol to trigger memory corruption and cause the application to crash or possibly execute arbitrary code.
Successful exploitation of the vulnerability may result system compromise.
Install update from vendor's website.
Vulnerable software versionsRed Hat Enterprise Linux Server: 7
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2017:1871
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Buffer overflow
EUVDB-ID: #VU6735
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2016-7928
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allow a remote attacker to cause DoS condition or potentially execute arbitrary code on the target system.
The weakness exists due to buffer overflow in the print-ipcomp.c:ipcomp_print() in the IPComp parser. A remote attacker can use a specially crafted IPComp protocol to trigger memory corruption and cause the application to crash or possibly execute arbitrary code.
Successful exploitation of the vulnerability may result system compromise.
Install update from vendor's website.
Vulnerable software versionsRed Hat Enterprise Linux Server: 7
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2017:1871
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Buffer overflow
EUVDB-ID: #VU6813
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2016-7929
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allow a remote attacker to cause DoS condition or potentially execute arbitrary code on the target system.
The weakness exists due to buffer overflow in the print-juniper.c:juniper_parse_header() in the Juniper PPPoE ATM parser. A remote attacker can use a specially crafted protocol to trigger memory corruption and cause the application to crash or possibly execute arbitrary code.
Successful exploitation of the vulnerability may result system compromise.
Install update from vendor's website.
Vulnerable software versionsRed Hat Enterprise Linux Server: 7
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2017:1871
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Buffer overflow
EUVDB-ID: #VU6736
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2016-7930
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allow a remote attacker to cause DoS condition or potentially execute arbitrary code on the target system.
The weakness exists due to buffer overflow in the print-llc.c:llc_print() in the LLC/SNAP parser. A remote attacker can use a specially crafted LLC/SNAP protocol to trigger memory corruption and cause the application to crash or possibly execute arbitrary code.
Successful exploitation of the vulnerability may result system compromise.
Install update from vendor's website.
Vulnerable software versionsRed Hat Enterprise Linux Server: 7
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2017:1871
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
14) Buffer overflow
EUVDB-ID: #VU6737
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2016-7931
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allow a remote attacker to cause DoS condition or potentially execute arbitrary code on the target system.
The weakness exists due to buffer overflow in the print-mpls.c:mpls_print() in the MPLS parser. A remote attacker can use a specially crafted MPLS protocol to trigger memory corruption and cause the application to crash or possibly execute arbitrary code.
Successful exploitation of the vulnerability may result system compromise.
Install update from vendor's website.
Vulnerable software versionsRed Hat Enterprise Linux Server: 7
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2017:1871
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
15) Buffer overflow
EUVDB-ID: #VU6738
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2016-7932
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allow a remote attacker to cause DoS condition or potentially execute arbitrary code on the target system.
The weakness exists due to buffer overflow in the print-pim.c:pimv2_check_checksum() in the PIM parser. A remote attacker can use a specially crafted PIM protocol to trigger memory corruption and cause the application to crash or possibly execute arbitrary code.
Successful exploitation of the vulnerability may result system compromise.
Install update from vendor's website.
Vulnerable software versionsRed Hat Enterprise Linux Server: 7
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2017:1871
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
16) Buffer overflow
EUVDB-ID: #VU6739
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2016-7933
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allow a remote attacker to cause DoS condition or potentially execute arbitrary code on the target system.
The weakness exists due to buffer overflow in the print-ppp.c:ppp_hdlc_if_print() in the PPP parser. A remote attacker can use a specially crafted PPP protocol to trigger memory corruption and cause the application to crash or possibly execute arbitrary code.
Successful exploitation of the vulnerability may result system compromise.
Install update from vendor's website.
Vulnerable software versionsRed Hat Enterprise Linux Server: 7
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2017:1871
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
17) Buffer overflow
EUVDB-ID: #VU6740
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2016-7934
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allow a remote attacker to cause DoS condition or potentially execute arbitrary code on the target system.
The weakness exists due to buffer overflow in the print-udp.c:rtcp_print() in the RTCP parser. A remote attacker can use a specially crafted RTCP protocol to trigger memory corruption and cause the application to crash or possibly execute arbitrary code.
Successful exploitation of the vulnerability may result system compromise.
Install update from vendor's website.
Vulnerable software versionsRed Hat Enterprise Linux Server: 7
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2017:1871
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
18) Buffer overflow
EUVDB-ID: #VU6741
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2016-7935
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allow a remote attacker to cause DoS condition or potentially execute arbitrary code on the target system.
The weakness exists due to buffer overflow in the print-udp.c:rtp_print() in the RTP parser. A remote attacker can use a specially crafted RTP protocol to trigger memory corruption and cause the application to crash or possibly execute arbitrary code.
Successful exploitation of the vulnerability may result system compromise.
Install update from vendor's website.
Vulnerable software versionsRed Hat Enterprise Linux Server: 7
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2017:1871
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
19) Buffer overflow
EUVDB-ID: #VU6742
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2016-7936
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allow a remote attacker to cause DoS condition or potentially execute arbitrary code on the target system.
The weakness exists due to buffer overflow in the print-udp.c:udp_print() in the UDP parser. A remote attacker can use a specially crafted UDP protocol to trigger memory corruption and cause the application to crash or possibly execute arbitrary code.
Successful exploitation of the vulnerability may result system compromise.
Install update from vendor's website.
Vulnerable software versionsRed Hat Enterprise Linux Server: 7
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2017:1871
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
20) Buffer overflow
EUVDB-ID: #VU6743
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2016-7937
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allow a remote attacker to cause DoS condition or potentially execute arbitrary code on the target system.
The weakness exists due to buffer overflow in the print-udp.c:vat_print() in the VAT parser. A remote attacker can use a specially crafted VAT protocol to trigger memory corruption and cause the application to crash or possibly execute arbitrary code.
Successful exploitation of the vulnerability may result system compromise.
Install update from vendor's website.
Vulnerable software versionsRed Hat Enterprise Linux Server: 7
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2017:1871
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
21) Buffer overflow
EUVDB-ID: #VU6812
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2016-7938
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allow a remote attacker to cause DoS condition or potentially execute arbitrary code on the target system.
The weakness exists due to buffer overflow in the print-zeromq.c:zmtp1_print_frame() in the ZeroMQ parser. A remote attacker can use a specially crafted protocol to trigger memory corruption and cause the application to crash or possibly execute arbitrary code.
Successful exploitation of the vulnerability may result system compromise.
Install update from vendor's website.
Vulnerable software versionsRed Hat Enterprise Linux Server: 7
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2017:1871
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
22) Buffer overflow
EUVDB-ID: #VU6744
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2016-7939
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allow a remote attacker to cause DoS condition or potentially execute arbitrary code on the target syste.
The weakness exists due to buffer overflow in the print-gre.c in the GRE parser. A remote attacker can use a specially crafted GRE protocol to trigger memory corruption and cause the application to crash or possibly execute arbitrary code.
Successful exploitation of the vulnerability may result system compromise.
Install update from vendor's website.
Vulnerable software versionsRed Hat Enterprise Linux Server: 7
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2017:1871
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
23) Buffer overflow
EUVDB-ID: #VU6745
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2016-7940
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allow a remote attacker to cause DoS condition or potentially execute arbitrary code on the target system.
The weakness exists due to buffer overflow in the print-stp.c in the STP parser. A remote attacker can use a specially crafted STP protocol to trigger memory corruption and cause the application to crash or possibly execute arbitrary code.
Successful exploitation of the vulnerability may result system compromise.
Install update from vendor's website.
Vulnerable software versionsRed Hat Enterprise Linux Server: 7
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2017:1871
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
24) Buffer overflow
EUVDB-ID: #VU6746
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2016-7973
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allow a remote attacker to cause DoS condition or potentially execute arbitrary code on the target system.
The weakness exists due to buffer overflow in the print-atalk.c in the AppleTalk parser. A remote attacker can use a specially crafted protocol to trigger memory corruption and cause the application to crash or possibly execute arbitrary code.
Successful exploitation of the vulnerability may result system compromise.
Install update from vendor's website.
Vulnerable software versionsRed Hat Enterprise Linux Server: 7
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2017:1871
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
25) Buffer overflow
EUVDB-ID: #VU6747
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2016-7974
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allow a remote attacker to cause DoS condition or potentially execute arbitrary code on the target syste.
The weakness exists due to buffer overflow in the print-ip.c in the IP parser. A remote attacker can use a speciall crafted IP protocol to trigger memory corruption and cause the application to crash or possibly execute arbitrary code.
Successful exploitation of the vulnerability may result system compromise.
Install update from vendor's website.
Vulnerable software versionsRed Hat Enterprise Linux Server: 7
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2017:1871
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
26) Buffer overflow
EUVDB-ID: #VU6748
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2016-7975
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allow a remote attacker to cause DoS condition or potentially execute arbitrary code on the target syste.
The weakness exists due to buffer overflow in the print-tcp.c:tcp_print() in the TCP parser. A remote attacker can use a speciall crafted TCP protocol to trigger memory corruption and cause the application to crash or possibly execute arbitrary code.
Successful exploitation of the vulnerability may result system compromise.
Install update from vendor's website.
Vulnerable software versionsRed Hat Enterprise Linux Server: 7
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2017:1871
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
27) Buffer overflow
EUVDB-ID: #VU6749
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2016-7983
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allow a remote attacker to cause DoS condition or potentially execute arbitrary code on the target syste.
The weakness exists due to buffer overflow in the print-bootp.c:bootp_print() in the BOOTP parser. A remote attacker can use a specially crafted protocol to trigger memory corruption and cause the application to crash or possibly execute arbitrary code.
Successful exploitation of the vulnerability may result system compromise.
Install update from vendor's website.
Vulnerable software versionsRed Hat Enterprise Linux Server: 7
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2017:1871
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
28) Buffer overflow
EUVDB-ID: #VU6750
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2016-7984
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allow a remote attacker to cause DoS condition or potentially execute arbitrary code on the target syste.
The weakness exists due to buffer overflow in the print-tftp.c:tftp_print() in the TFTP parser. A remote attacker can use a specially crafted protocol to trigger memory corruption and cause the application to crash or possibly execute arbitrary code.
Successful exploitation of the vulnerability may result system compromise.
Install update from vendor's website.
Vulnerable software versionsRed Hat Enterprise Linux Server: 7
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2017:1871
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
29) Buffer overflow
EUVDB-ID: #VU6811
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2016-7985
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allow a remote attacker to cause DoS condition or potentially execute arbitrary code on the target syste.
The weakness exists due to buffer overflow in the print-calm-fast.c:calm_fast_print() in the CALM FAST parser. A remote attacker can use a specially crafted protocol to trigger memory corruption and cause the application to crash or possibly execute arbitrary code.
Successful exploitation of the vulnerability may result system compromise.
Install update from vendor's website.
Vulnerable software versionsRed Hat Enterprise Linux Server: 7
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2017:1871
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
30) Buffer overflow
EUVDB-ID: #VU6810
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2016-7986
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allow a remote attacker to cause DoS condition or potentially execute arbitrary code on the target syste.
The weakness exists due to buffer overflow in the print-geonet.c in the GeoNetworking parser. A remote attacker can use a specially crafted protocol to trigger memory corruption and cause the application to crash or possibly execute arbitrary code.
Successful exploitation of the vulnerability may result system compromise.
Install update from vendor's website.
Vulnerable software versionsRed Hat Enterprise Linux Server: 7
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2017:1871
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
31) Buffer overflow
EUVDB-ID: #VU6751
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2016-7992
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allow a remote attacker to cause DoS condition or potentially execute arbitrary code on the target syste.
The weakness exists due to buffer overflow in the print-cip.c:cip_if_print() in the Classical IP over ATM parser. A remote attacker can use a specially crafted protocol to trigger memory corruption and cause the application to crash or possibly execute arbitrary code.
Successful exploitation of the vulnerability may result system compromise.
Install update from vendor's website.
Vulnerable software versionsRed Hat Enterprise Linux Server: 7
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2017:1871
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
32) Buffer overflow
EUVDB-ID: #VU6752
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2016-7993
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allow a remote attacker to cause DoS condition or potentially execute arbitrary code on the target syste.
The weakness exists due to buffer overflow in the util-print.c:relts_print() in multiple protocol parsers (DNS, DVMRP, HSRP, IGMP, lightweight resolver protocol, PIM). A remote attacker can use a specially crafted protocol to trigger memory corruption and cause the application to crash or possibly execute arbitrary code.
Successful exploitation of the vulnerability may result system compromise.
Install update from vendor's website.
Vulnerable software versionsRed Hat Enterprise Linux Server: 7
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2017:1871
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
33) Buffer overflow
EUVDB-ID: #VU6753
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2016-8574
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allow a remote attacker to cause DoS condition or potentially execute arbitrary code on the target syste.
The weakness exists due to buffer overflow in print-fr.c:frf15_print() in the FRF.15 parser. A remote attacker can use a specially crafted FRF.15 protocol to trigger memory corruption and cause the application to crash or possibly execute arbitrary code.
Successful exploitation of the vulnerability may result system compromise.
Install update from vendor's website.
Vulnerable software versionsRed Hat Enterprise Linux Server: 7
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2017:1871
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
34) Buffer overflow
EUVDB-ID: #VU6754
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2016-8575
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allow a remote attacker to cause DoS condition or potentially execute arbitrary code on the target syste.
The weakness exists due to buffer overflow in print-fr.c:q933_print() in the Q.933 parser. A remote attacker can use a specially crafted Q.933 protocol to trigger memory corruption and cause the application to crash or possibly execute arbitrary code.
Successful exploitation of the vulnerability may result system compromise.
Install update from vendor's website.
Vulnerable software versionsRed Hat Enterprise Linux Server: 7
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2017:1871
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
35) Buffer overflow
EUVDB-ID: #VU6755
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2017-5202
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allow a remote attacker to cause DoS condition or potentially execute arbitrary code on the target syste.
The weakness exists due to buffer overflow in print-isoclns.c:clnp_print() in the ISO CLNS parser. A remote attacker can use a specially crafted ISO CLNS protocol to trigger memory corruption and cause the application to crash or possibly execute arbitrary code.
Successful exploitation of the vulnerability may result system compromise.
Install update from vendor's website.
Vulnerable software versionsRed Hat Enterprise Linux Server: 7
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2017:1871
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
36) Buffer overflow
EUVDB-ID: #VU6756
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2017-5203
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allow a remote attacker to cause DoS condition or potentially execute arbitrary code on the target syste.
The weakness exists due to buffer overflow in print-bootp.c:bootp_print() in the BOOTP parser. A remote attacker can use a specially crafted BOOTP protocol to trigger memory corruption and cause the application to crash or possibly execute arbitrary code.
Successful exploitation of the vulnerability may result system compromise.
Install update from vendor's website.
Vulnerable software versionsRed Hat Enterprise Linux Server: 7
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2017:1871
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
37) Buffer overflow
EUVDB-ID: #VU6757
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2017-5204
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allow a remote attacker to cause DoS condition or potentially execute arbitrary code on the target syste.
The weakness exists due to buffer overflow in print-ip6.c:ip6_print() in the IPv6 parser. A remote attacker can use a specially crafted IPv6 protocol to trigger memory corruption and cause the application to crash or possibly execute arbitrary code.
Successful exploitation of the vulnerability may result system compromise.
Install update from vendor's website.
Vulnerable software versionsRed Hat Enterprise Linux Server: 7
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2017:1871
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
38) Buffer overflow
EUVDB-ID: #VU6809
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2017-5205
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allow a remote attacker to cause DoS condition or potentially execute arbitrary code on the target syste.
The weakness exists due to buffer overflow in print-isakmp.c:ikev2_e_print() in the ISAKMP parser. A remote attacker can use a specially crafted ISAKMP protocol to trigger memory corruption and cause the application to crash or possibly execute arbitrary code.
Successful exploitation of the vulnerability may result system compromise.
Install update from vendor's website.
Vulnerable software versionsRed Hat Enterprise Linux Server: 7
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2017:1871
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
39) Buffer overflow
EUVDB-ID: #VU6808
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2017-5341
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allow a remote attacker to cause DoS condition or potentially execute arbitrary code on the target syste.
The weakness exists due to buffer overflow in print-otv.c:otv_print() in the OTV parser. A remote attacker can use a specially crafted OTV protocol to trigger memory corruption and cause the application to crash or possibly execute arbitrary code.
Successful exploitation of the vulnerability may result system compromise.
Install update from vendor's website.
Vulnerable software versionsRed Hat Enterprise Linux Server: 7
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2017:1871
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
40) Buffer overflow
EUVDB-ID: #VU6806
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2017-5342
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allow a remote attacker to cause DoS condition or potentially execute arbitrary code on the target syste.
The weakness exists due to buffer overflow in print-ether.c:ether_print() in multiple protocol parsers (Geneve, GRE, NSH, OTV, VXLAN and VXLAN GPE). A remote attacker can use a specially crafted protocol to trigger memory corruption and cause the application to crash or possibly execute arbitrary code.
Successful exploitation of the vulnerability may result system compromise.
Install update from vendor's website.
Vulnerable software versionsRed Hat Enterprise Linux Server: 7
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2017:1871
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
41) Buffer overflow
EUVDB-ID: #VU6758
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2017-5482
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allow a remote attacker to cause DoS condition or potentially execute arbitrary code on the target syste.
The weakness exists due to buffer overflow in print-fr.c:q933_print() in the Q.933 parser. A remote attacker can use a specially crafted Q.933 protocol to trigger memory corruption and cause the application to crash or possibly execute arbitrary code.
Successful exploitation of the vulnerability may result system compromise.
Install update from vendor's website.
Vulnerable software versionsRed Hat Enterprise Linux Server: 7
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2017:1871
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
42) Buffer overflow
EUVDB-ID: #VU6759
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2017-5483
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allow a remote attacker to cause DoS condition or potentially execute arbitrary code on the target syste.
The weakness exists due to buffer overflow in print-snmp.c:asn1_parse() in the SNMP parser. A remote attacker can use a specially crafted SNMP protocol to trigger memory corruption and cause the application to crash or possibly execute arbitrary code.
Successful exploitation of the vulnerability may result system compromise.
Install update from vendor's website.
Vulnerable software versionsRed Hat Enterprise Linux Server: 7
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2017:1871
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
43) Buffer overflow
EUVDB-ID: #VU6760
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2017-5484
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allow a remote attacker to cause DoS condition or potentially execute arbitrary code on the target syste.
The weakness exists due to buffer overflow in print-atm.c:sig_print() in the ATM parser. A remote attacker can use a specially crafted ATM protocol to trigger memory corruption and cause the application to crash or possibly execute arbitrary code.
Successful exploitation of the vulnerability may result system compromise.
Install update from vendor's website.
Vulnerable software versionsRed Hat Enterprise Linux Server: 7
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2017:1871
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
44) Buffer overflow
EUVDB-ID: #VU6805
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2017-5485
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allow a remote attacker to cause DoS condition or potentially execute arbitrary code on the target syste.
The weakness exists due to buffer overflow in addrtoname.c:lookup_nsap() in the ISO CLNS parser. A remote attacker can use a specially crafted ISO CLNS protocol to trigger memory corruption and cause the application to crash or possibly execute arbitrary code.
Successful exploitation of the vulnerability may result system compromise.
Install update from vendor's website.
Vulnerable software versionsRed Hat Enterprise Linux Server: 7
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2017:1871
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
45) Buffer overflow
EUVDB-ID: #VU6761
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2017-5486
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allow a remote attacker to cause DoS condition or potentially execute arbitrary code on the target syste.
The weakness exists due to buffer overflow in print-isoclns.c:clnp_print() in the ISO CLNS parser. A remote attacker can use a specially crafted ISO CLNS protocol to trigger memory corruption and cause the application to crash or possibly execute arbitrary code.
Successful exploitation of the vulnerability may result system compromise.
Install update from vendor's website.
Vulnerable software versionsRed Hat Enterprise Linux Server: 7
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2017:1871
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
