Vulnerability from csaf_suse
Published
2019-10-15 09:18
Modified
2019-10-15 09:18
Summary
Security update for tcpdump
Notes
Title of the patch
Security update for tcpdump
Description of the patch
This update for tcpdump fixes the following issues:
Security issues fixed:
- CVE-2017-12995: Fixed an infinite loop in the DNS parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12893: Fixed a buffer over-read in the SMB/CIFS parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12894: Fixed a buffer over-read in several protocol parsers that allowed remote DoS (bsc#1057247).
- CVE-2017-12896: Fixed a buffer over-read in the ISAKMP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12897: Fixed a buffer over-read in the ISO CLNS parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12898: Fixed a buffer over-read in the NFS parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12899: Fixed a buffer over-read in the DECnet parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12900: Fixed a buffer over-read in the in several protocol parsers that allowed remote DoS (bsc#1057247).
- CVE-2017-12901: Fixed a buffer over-read in the EIGRP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12902: Fixed a buffer over-read in the Zephyr parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12985: Fixed a buffer over-read in the IPv6 parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12986: Fixed a buffer over-read in the IPv6 routing header parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12987: Fixed a buffer over-read in the 802.11 parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12988: Fixed a buffer over-read in the telnet parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12991: Fixed a buffer over-read in the BGP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12992: Fixed a buffer over-read in the RIPng parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12993: Fixed a buffer over-read in the Juniper protocols parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12996: Fixed a buffer over-read in the PIMv2 parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12998: Fixed a buffer over-read in the IS-IS parser that allowed remote DoS (bsc#1057247).
- CVE-2017-12999: Fixed a buffer over-read in the IS-IS parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13001: Fixed a buffer over-read in the NFS parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13002: Fixed a buffer over-read in the AODV parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13003: Fixed a buffer over-read in the LMP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13004: Fixed a buffer over-read in the Juniper protocols parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13005: Fixed a buffer over-read in the NFS parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13006: Fixed a buffer over-read in the L2TP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13008: Fixed a buffer over-read in the IEEE 802.11 parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13009: Fixed a buffer over-read in the IPv6 mobility parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13010: Fixed a buffer over-read in the BEEP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13012: Fixed a buffer over-read in the ICMP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13013: Fixed a buffer over-read in the ARP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13014: Fixed a buffer over-read in the White Board protocol parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13016: Fixed a buffer over-read in the ISO ES-IS parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13017: Fixed a buffer over-read in the DHCPv6 parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13018: Fixed a buffer over-read in the PGM parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13019: Fixed a buffer over-read in the PGM parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13021: Fixed a buffer over-read in the ICMPv6 parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13022: Fixed a buffer over-read in the IP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13023: Fixed a buffer over-read in the IPv6 mobility parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13024: Fixed a buffer over-read in the IPv6 mobility parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13025: Fixed a buffer over-read in the IPv6 mobility parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13027: Fixed a buffer over-read in the LLDP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13028: Fixed a buffer over-read in the BOOTP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13029: Fixed a buffer over-read in the PPP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13030: Fixed a buffer over-read in the PIM parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13031: Fixed a buffer over-read in the IPv6 fragmentation header parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13032: Fixed a buffer over-read in the RADIUS parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13034: Fixed a buffer over-read in the PGM parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13035: Fixed a buffer over-read in the ISO IS-IS parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13036: Fixed a buffer over-read in the OSPFv3 parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13037: Fixed a buffer over-read in the IP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13038: Fixed a buffer over-read in the PPP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13041: Fixed a buffer over-read in the ICMPv6 parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13047: Fixed a buffer over-read in the ISO ES-IS parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13048: Fixed a buffer over-read in the RSVP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13049: Fixed a buffer over-read in the Rx protocol parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13051: Fixed a buffer over-read in the RSVP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13053: Fixed a buffer over-read in the BGP parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13055: Fixed a buffer over-read in the ISO IS-IS parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13687: Fixed a buffer over-read in the Cisco HDLC parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13688: Fixed a buffer over-read in the OLSR parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13689: Fixed a buffer over-read in the IKEv1 parser that allowed remote DoS (bsc#1057247).
- CVE-2017-13725: Fixed a buffer over-read in the IPv6 routing header parser that allowed remote DoS (bsc#1057247).
- CVE-2018-10103: Fixed a mishandling of the printing of SMB data (bsc#1153098).
- CVE-2018-10105: Fixed a mishandling of the printing of SMB data (bsc#1153098).
- CVE-2018-14461: Fixed a buffer over-read in print-ldp.c:ldp_tlv_print (bsc#1153098).
- CVE-2018-14462: Fixed a buffer over-read in print-icmp.c:icmp_print (bsc#1153098).
- CVE-2018-14463: Fixed a buffer over-read in print-vrrp.c:vrrp_print (bsc#1153098).
- CVE-2018-14464: Fixed a buffer over-read in print-lmp.c:lmp_print_data_link_subobjs (bsc#1153098).
- CVE-2018-14465: Fixed a buffer over-read in print-rsvp.c:rsvp_obj_print (bsc#1153098).
- CVE-2018-14466: Fixed a buffer over-read in print-rx.c:rx_cache_find (bsc#1153098).
- CVE-2018-14467: Fixed a buffer over-read in print-bgp.c:bgp_capabilities_print (bsc#1153098).
- CVE-2018-14468: Fixed a buffer over-read in print-fr.c:mfr_print (bsc#1153098).
- CVE-2018-14469: Fixed a buffer over-read in print-isakmp.c:ikev1_n_print (bsc#1153098).
- CVE-2018-14881: Fixed a buffer over-read in the BGP parser (bsc#1153098).
- CVE-2018-14882: Fixed a buffer over-read in the ICMPv6 parser (bsc#1153098).
- CVE-2018-16229: Fixed a buffer over-read in the DCCP parser (bsc#1153098).
- CVE-2018-16230: Fixed a buffer over-read in the BGP parser in print-bgp.c:bgp_attr_print (bsc#1153098).
- CVE-2018-16300: Fixed an unlimited recursion in the BGP parser that allowed denial-of-service by stack consumption (bsc#1153098).
- CVE-2018-16301: Fixed a buffer overflow (bsc#1153332 bsc#1153098).
- CVE-2018-16451: Fixed several buffer over-reads in print-smb.c:print_trans() for \MAILSLOT\BROWSE and \PIPE\LANMAN (bsc#1153098).
- CVE-2018-16452: Fixed a stack exhaustion in smbutil.c:smb_fdata (bsc#1153098).
- CVE-2019-15166: Fixed a bounds check in lmp_print_data_link_subobjs (bsc#1153098).
Patchnames
sleposp3-tcpdump-14191,slessp4-tcpdump-14191
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for tcpdump", title: "Title of the patch", }, { category: "description", text: "This update for tcpdump fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2017-12995: Fixed an infinite loop in the DNS parser that allowed remote DoS (bsc#1057247).\n- CVE-2017-12893: Fixed a buffer over-read in the SMB/CIFS parser that allowed remote DoS (bsc#1057247).\n- CVE-2017-12894: Fixed a buffer over-read in several protocol parsers that allowed remote DoS (bsc#1057247).\n- CVE-2017-12896: Fixed a buffer over-read in the ISAKMP parser that allowed remote DoS (bsc#1057247).\n- CVE-2017-12897: Fixed a buffer over-read in the ISO CLNS parser that allowed remote DoS (bsc#1057247).\n- CVE-2017-12898: Fixed a buffer over-read in the NFS parser that allowed remote DoS (bsc#1057247).\n- CVE-2017-12899: Fixed a buffer over-read in the DECnet parser that allowed remote DoS (bsc#1057247).\n- CVE-2017-12900: Fixed a buffer over-read in the in several protocol parsers that allowed remote DoS (bsc#1057247).\n- CVE-2017-12901: Fixed a buffer over-read in the EIGRP parser that allowed remote DoS (bsc#1057247).\n- CVE-2017-12902: Fixed a buffer over-read in the Zephyr parser that allowed remote DoS (bsc#1057247).\n- CVE-2017-12985: Fixed a buffer over-read in the IPv6 parser that allowed remote DoS (bsc#1057247).\n- CVE-2017-12986: Fixed a buffer over-read in the IPv6 routing header parser that allowed remote DoS (bsc#1057247).\n- CVE-2017-12987: Fixed a buffer over-read in the 802.11 parser that allowed remote DoS (bsc#1057247).\n- CVE-2017-12988: Fixed a buffer over-read in the telnet parser that allowed remote DoS (bsc#1057247).\n- CVE-2017-12991: Fixed a buffer over-read in the BGP parser that allowed remote DoS (bsc#1057247).\n- CVE-2017-12992: Fixed a buffer over-read in the RIPng parser that allowed remote DoS (bsc#1057247).\n- CVE-2017-12993: Fixed a buffer over-read in the Juniper protocols parser that allowed remote DoS (bsc#1057247).\n- CVE-2017-12996: Fixed a buffer over-read in the PIMv2 parser that allowed remote DoS (bsc#1057247).\n- CVE-2017-12998: Fixed a buffer over-read in the IS-IS parser that allowed remote DoS (bsc#1057247).\n- CVE-2017-12999: Fixed a buffer over-read in the IS-IS parser that allowed remote DoS (bsc#1057247).\n- CVE-2017-13001: Fixed a buffer over-read in the NFS parser that allowed remote DoS (bsc#1057247).\n- CVE-2017-13002: Fixed a buffer over-read in the AODV parser that allowed remote DoS (bsc#1057247).\n- CVE-2017-13003: Fixed a buffer over-read in the LMP parser that allowed remote DoS (bsc#1057247).\n- CVE-2017-13004: Fixed a buffer over-read in the Juniper protocols parser that allowed remote DoS (bsc#1057247).\n- CVE-2017-13005: Fixed a buffer over-read in the NFS parser that allowed remote DoS (bsc#1057247).\n- CVE-2017-13006: Fixed a buffer over-read in the L2TP parser that allowed remote DoS (bsc#1057247).\n- CVE-2017-13008: Fixed a buffer over-read in the IEEE 802.11 parser that allowed remote DoS (bsc#1057247).\n- CVE-2017-13009: Fixed a buffer over-read in the IPv6 mobility parser that allowed remote DoS (bsc#1057247).\n- CVE-2017-13010: Fixed a buffer over-read in the BEEP parser that allowed remote DoS (bsc#1057247).\n- CVE-2017-13012: Fixed a buffer over-read in the ICMP parser that allowed remote DoS (bsc#1057247).\n- CVE-2017-13013: Fixed a buffer over-read in the ARP parser that allowed remote DoS (bsc#1057247).\n- CVE-2017-13014: Fixed a buffer over-read in the White Board protocol parser that allowed remote DoS (bsc#1057247).\n- CVE-2017-13016: Fixed a buffer over-read in the ISO ES-IS parser that allowed remote DoS (bsc#1057247).\n- CVE-2017-13017: Fixed a buffer over-read in the DHCPv6 parser that allowed remote DoS (bsc#1057247).\n- CVE-2017-13018: Fixed a buffer over-read in the PGM parser that allowed remote DoS (bsc#1057247).\n- CVE-2017-13019: Fixed a buffer over-read in the PGM parser that allowed remote DoS (bsc#1057247).\n- CVE-2017-13021: Fixed a buffer over-read in the ICMPv6 parser that allowed remote DoS (bsc#1057247).\n- CVE-2017-13022: Fixed a buffer over-read in the IP parser that allowed remote DoS (bsc#1057247).\n- CVE-2017-13023: Fixed a buffer over-read in the IPv6 mobility parser that allowed remote DoS (bsc#1057247).\n- CVE-2017-13024: Fixed a buffer over-read in the IPv6 mobility parser that allowed remote DoS (bsc#1057247).\n- CVE-2017-13025: Fixed a buffer over-read in the IPv6 mobility parser that allowed remote DoS (bsc#1057247).\n- CVE-2017-13027: Fixed a buffer over-read in the LLDP parser that allowed remote DoS (bsc#1057247).\n- CVE-2017-13028: Fixed a buffer over-read in the BOOTP parser that allowed remote DoS (bsc#1057247).\n- CVE-2017-13029: Fixed a buffer over-read in the PPP parser that allowed remote DoS (bsc#1057247).\n- CVE-2017-13030: Fixed a buffer over-read in the PIM parser that allowed remote DoS (bsc#1057247).\n- CVE-2017-13031: Fixed a buffer over-read in the IPv6 fragmentation header parser that allowed remote DoS (bsc#1057247).\n- CVE-2017-13032: Fixed a buffer over-read in the RADIUS parser that allowed remote DoS (bsc#1057247).\n- CVE-2017-13034: Fixed a buffer over-read in the PGM parser that allowed remote DoS (bsc#1057247).\n- CVE-2017-13035: Fixed a buffer over-read in the ISO IS-IS parser that allowed remote DoS (bsc#1057247).\n- CVE-2017-13036: Fixed a buffer over-read in the OSPFv3 parser that allowed remote DoS (bsc#1057247).\n- CVE-2017-13037: Fixed a buffer over-read in the IP parser that allowed remote DoS (bsc#1057247).\n- CVE-2017-13038: Fixed a buffer over-read in the PPP parser that allowed remote DoS (bsc#1057247).\n- CVE-2017-13041: Fixed a buffer over-read in the ICMPv6 parser that allowed remote DoS (bsc#1057247).\n- CVE-2017-13047: Fixed a buffer over-read in the ISO ES-IS parser that allowed remote DoS (bsc#1057247).\n- CVE-2017-13048: Fixed a buffer over-read in the RSVP parser that allowed remote DoS (bsc#1057247).\n- CVE-2017-13049: Fixed a buffer over-read in the Rx protocol parser that allowed remote DoS (bsc#1057247).\n- CVE-2017-13051: Fixed a buffer over-read in the RSVP parser that allowed remote DoS (bsc#1057247).\n- CVE-2017-13053: Fixed a buffer over-read in the BGP parser that allowed remote DoS (bsc#1057247).\n- CVE-2017-13055: Fixed a buffer over-read in the ISO IS-IS parser that allowed remote DoS (bsc#1057247).\n- CVE-2017-13687: Fixed a buffer over-read in the Cisco HDLC parser that allowed remote DoS (bsc#1057247).\n- CVE-2017-13688: Fixed a buffer over-read in the OLSR parser that allowed remote DoS (bsc#1057247).\n- CVE-2017-13689: Fixed a buffer over-read in the IKEv1 parser that allowed remote DoS (bsc#1057247).\n- CVE-2017-13725: Fixed a buffer over-read in the IPv6 routing header parser that allowed remote DoS (bsc#1057247).\n- CVE-2018-10103: Fixed a mishandling of the printing of SMB data (bsc#1153098).\n- CVE-2018-10105: Fixed a mishandling of the printing of SMB data (bsc#1153098).\n- CVE-2018-14461: Fixed a buffer over-read in print-ldp.c:ldp_tlv_print (bsc#1153098).\n- CVE-2018-14462: Fixed a buffer over-read in print-icmp.c:icmp_print (bsc#1153098).\n- CVE-2018-14463: Fixed a buffer over-read in print-vrrp.c:vrrp_print (bsc#1153098).\n- CVE-2018-14464: Fixed a buffer over-read in print-lmp.c:lmp_print_data_link_subobjs (bsc#1153098).\n- CVE-2018-14465: Fixed a buffer over-read in print-rsvp.c:rsvp_obj_print (bsc#1153098).\n- CVE-2018-14466: Fixed a buffer over-read in print-rx.c:rx_cache_find (bsc#1153098).\n- CVE-2018-14467: Fixed a buffer over-read in print-bgp.c:bgp_capabilities_print (bsc#1153098).\n- CVE-2018-14468: Fixed a buffer over-read in print-fr.c:mfr_print (bsc#1153098).\n- CVE-2018-14469: Fixed a buffer over-read in print-isakmp.c:ikev1_n_print (bsc#1153098).\n- CVE-2018-14881: Fixed a buffer over-read in the BGP parser (bsc#1153098).\n- CVE-2018-14882: Fixed a buffer over-read in the ICMPv6 parser (bsc#1153098).\n- CVE-2018-16229: Fixed a buffer over-read in the DCCP parser (bsc#1153098).\n- CVE-2018-16230: Fixed a buffer over-read in the BGP parser in print-bgp.c:bgp_attr_print (bsc#1153098).\n- CVE-2018-16300: Fixed an unlimited recursion in the BGP parser that allowed denial-of-service by stack consumption (bsc#1153098).\n- CVE-2018-16301: Fixed a buffer overflow (bsc#1153332 bsc#1153098).\n- CVE-2018-16451: Fixed several buffer over-reads in print-smb.c:print_trans() for \\MAILSLOT\\BROWSE and \\PIPE\\LANMAN (bsc#1153098).\n- CVE-2018-16452: Fixed a stack exhaustion in smbutil.c:smb_fdata (bsc#1153098).\n- CVE-2019-15166: Fixed a bounds check in lmp_print_data_link_subobjs (bsc#1153098).\n", title: "Description of the patch", }, { category: "details", text: "sleposp3-tcpdump-14191,slessp4-tcpdump-14191", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_14191-1.json", }, { category: "self", summary: "URL for SUSE-SU-2019:14191-1", url: "https://www.suse.com/support/update/announcement/2019/suse-su-201914191-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2019:14191-1", url: "https://www.suse.com/support/update/announcement/2019/suse-su-201914191-1.html", }, { category: "self", summary: "SUSE Bug 1057247", url: "https://bugzilla.suse.com/1057247", }, { category: "self", summary: "SUSE Bug 1153098", url: "https://bugzilla.suse.com/1153098", }, { category: "self", summary: "SUSE Bug 1153332", url: "https://bugzilla.suse.com/1153332", }, { category: "self", summary: "SUSE CVE CVE-2017-12893 page", url: "https://www.suse.com/security/cve/CVE-2017-12893/", }, { category: "self", summary: "SUSE CVE CVE-2017-12894 page", url: "https://www.suse.com/security/cve/CVE-2017-12894/", }, { category: "self", summary: "SUSE CVE CVE-2017-12896 page", url: "https://www.suse.com/security/cve/CVE-2017-12896/", }, { category: "self", summary: "SUSE CVE CVE-2017-12897 page", url: "https://www.suse.com/security/cve/CVE-2017-12897/", }, { category: "self", summary: "SUSE CVE CVE-2017-12898 page", url: "https://www.suse.com/security/cve/CVE-2017-12898/", }, { category: "self", summary: "SUSE CVE CVE-2017-12899 page", url: "https://www.suse.com/security/cve/CVE-2017-12899/", }, { category: "self", summary: "SUSE CVE CVE-2017-12900 page", url: "https://www.suse.com/security/cve/CVE-2017-12900/", }, { category: "self", summary: "SUSE CVE CVE-2017-12901 page", url: "https://www.suse.com/security/cve/CVE-2017-12901/", }, { category: "self", summary: "SUSE CVE CVE-2017-12902 page", url: "https://www.suse.com/security/cve/CVE-2017-12902/", }, { category: "self", summary: "SUSE CVE CVE-2017-12985 page", url: "https://www.suse.com/security/cve/CVE-2017-12985/", }, { category: "self", summary: "SUSE CVE CVE-2017-12986 page", url: "https://www.suse.com/security/cve/CVE-2017-12986/", }, { category: "self", summary: "SUSE CVE CVE-2017-12987 page", url: "https://www.suse.com/security/cve/CVE-2017-12987/", }, { category: "self", summary: "SUSE CVE CVE-2017-12988 page", url: "https://www.suse.com/security/cve/CVE-2017-12988/", }, { category: "self", summary: "SUSE CVE CVE-2017-12991 page", url: "https://www.suse.com/security/cve/CVE-2017-12991/", }, { category: "self", summary: "SUSE CVE CVE-2017-12992 page", url: "https://www.suse.com/security/cve/CVE-2017-12992/", }, { category: "self", summary: "SUSE CVE CVE-2017-12993 page", url: "https://www.suse.com/security/cve/CVE-2017-12993/", }, { category: "self", summary: "SUSE CVE CVE-2017-12995 page", url: "https://www.suse.com/security/cve/CVE-2017-12995/", }, { category: "self", summary: "SUSE CVE CVE-2017-12996 page", url: "https://www.suse.com/security/cve/CVE-2017-12996/", }, { category: "self", summary: "SUSE CVE CVE-2017-12998 page", url: "https://www.suse.com/security/cve/CVE-2017-12998/", }, { category: "self", summary: "SUSE CVE CVE-2017-12999 page", url: "https://www.suse.com/security/cve/CVE-2017-12999/", }, { category: "self", summary: "SUSE CVE CVE-2017-13001 page", url: "https://www.suse.com/security/cve/CVE-2017-13001/", }, { category: "self", summary: "SUSE CVE CVE-2017-13002 page", url: "https://www.suse.com/security/cve/CVE-2017-13002/", }, { category: "self", summary: "SUSE CVE CVE-2017-13003 page", url: "https://www.suse.com/security/cve/CVE-2017-13003/", }, { category: "self", summary: "SUSE CVE CVE-2017-13004 page", url: "https://www.suse.com/security/cve/CVE-2017-13004/", }, { category: "self", summary: "SUSE CVE CVE-2017-13005 page", url: "https://www.suse.com/security/cve/CVE-2017-13005/", }, { category: "self", summary: "SUSE CVE CVE-2017-13006 page", url: "https://www.suse.com/security/cve/CVE-2017-13006/", }, { category: "self", summary: "SUSE CVE CVE-2017-13008 page", url: "https://www.suse.com/security/cve/CVE-2017-13008/", }, { category: "self", summary: "SUSE CVE CVE-2017-13009 page", url: "https://www.suse.com/security/cve/CVE-2017-13009/", }, { category: "self", summary: "SUSE CVE CVE-2017-13010 page", url: "https://www.suse.com/security/cve/CVE-2017-13010/", }, { category: "self", summary: "SUSE CVE CVE-2017-13012 page", url: "https://www.suse.com/security/cve/CVE-2017-13012/", }, { category: "self", summary: "SUSE CVE CVE-2017-13013 page", url: "https://www.suse.com/security/cve/CVE-2017-13013/", }, { category: "self", summary: "SUSE CVE CVE-2017-13014 page", url: "https://www.suse.com/security/cve/CVE-2017-13014/", }, { category: "self", summary: "SUSE CVE CVE-2017-13016 page", url: "https://www.suse.com/security/cve/CVE-2017-13016/", }, { category: "self", summary: "SUSE CVE CVE-2017-13017 page", url: "https://www.suse.com/security/cve/CVE-2017-13017/", }, { category: "self", summary: "SUSE CVE CVE-2017-13018 page", url: "https://www.suse.com/security/cve/CVE-2017-13018/", }, { category: "self", summary: "SUSE CVE CVE-2017-13019 page", url: "https://www.suse.com/security/cve/CVE-2017-13019/", }, { category: "self", summary: "SUSE CVE CVE-2017-13021 page", url: "https://www.suse.com/security/cve/CVE-2017-13021/", }, { category: "self", summary: "SUSE CVE CVE-2017-13022 page", url: "https://www.suse.com/security/cve/CVE-2017-13022/", }, { category: "self", summary: "SUSE CVE CVE-2017-13023 page", url: "https://www.suse.com/security/cve/CVE-2017-13023/", }, { category: "self", summary: "SUSE CVE CVE-2017-13024 page", url: "https://www.suse.com/security/cve/CVE-2017-13024/", }, { category: "self", summary: "SUSE CVE CVE-2017-13025 page", url: "https://www.suse.com/security/cve/CVE-2017-13025/", }, { category: "self", summary: "SUSE CVE CVE-2017-13027 page", url: "https://www.suse.com/security/cve/CVE-2017-13027/", }, { category: "self", summary: "SUSE CVE CVE-2017-13028 page", url: "https://www.suse.com/security/cve/CVE-2017-13028/", }, { category: "self", summary: "SUSE CVE CVE-2017-13029 page", url: "https://www.suse.com/security/cve/CVE-2017-13029/", }, { category: "self", summary: "SUSE CVE CVE-2017-13030 page", url: "https://www.suse.com/security/cve/CVE-2017-13030/", }, { category: "self", summary: "SUSE CVE CVE-2017-13031 page", url: "https://www.suse.com/security/cve/CVE-2017-13031/", }, { category: "self", summary: "SUSE CVE CVE-2017-13032 page", url: "https://www.suse.com/security/cve/CVE-2017-13032/", }, { category: "self", summary: "SUSE CVE CVE-2017-13034 page", url: "https://www.suse.com/security/cve/CVE-2017-13034/", }, { category: "self", summary: "SUSE CVE CVE-2017-13035 page", url: "https://www.suse.com/security/cve/CVE-2017-13035/", }, { category: "self", summary: "SUSE CVE CVE-2017-13036 page", url: "https://www.suse.com/security/cve/CVE-2017-13036/", }, { category: "self", summary: "SUSE CVE CVE-2017-13037 page", url: "https://www.suse.com/security/cve/CVE-2017-13037/", }, { category: "self", summary: "SUSE CVE CVE-2017-13038 page", url: "https://www.suse.com/security/cve/CVE-2017-13038/", }, { category: "self", summary: "SUSE CVE CVE-2017-13041 page", url: "https://www.suse.com/security/cve/CVE-2017-13041/", }, { category: "self", summary: "SUSE CVE CVE-2017-13047 page", url: "https://www.suse.com/security/cve/CVE-2017-13047/", }, { category: "self", summary: "SUSE CVE CVE-2017-13048 page", url: "https://www.suse.com/security/cve/CVE-2017-13048/", }, { category: "self", summary: "SUSE CVE CVE-2017-13049 page", url: "https://www.suse.com/security/cve/CVE-2017-13049/", }, { category: "self", summary: "SUSE CVE CVE-2017-13051 page", url: "https://www.suse.com/security/cve/CVE-2017-13051/", }, { category: "self", summary: "SUSE CVE CVE-2017-13053 page", url: "https://www.suse.com/security/cve/CVE-2017-13053/", }, { category: "self", summary: "SUSE CVE CVE-2017-13055 page", url: "https://www.suse.com/security/cve/CVE-2017-13055/", }, { category: "self", summary: "SUSE CVE CVE-2017-13687 page", url: "https://www.suse.com/security/cve/CVE-2017-13687/", }, { category: "self", summary: "SUSE CVE CVE-2017-13688 page", url: "https://www.suse.com/security/cve/CVE-2017-13688/", }, { category: "self", summary: "SUSE CVE CVE-2017-13689 page", url: "https://www.suse.com/security/cve/CVE-2017-13689/", }, { category: "self", summary: "SUSE CVE CVE-2017-13725 page", url: "https://www.suse.com/security/cve/CVE-2017-13725/", }, { category: "self", summary: "SUSE CVE CVE-2018-10103 page", url: "https://www.suse.com/security/cve/CVE-2018-10103/", }, { category: "self", summary: "SUSE CVE CVE-2018-10105 page", url: "https://www.suse.com/security/cve/CVE-2018-10105/", }, { category: "self", summary: "SUSE CVE CVE-2018-14461 page", url: "https://www.suse.com/security/cve/CVE-2018-14461/", }, { category: "self", summary: "SUSE CVE CVE-2018-14462 page", url: "https://www.suse.com/security/cve/CVE-2018-14462/", }, { category: "self", summary: "SUSE CVE CVE-2018-14463 page", url: "https://www.suse.com/security/cve/CVE-2018-14463/", }, { category: "self", summary: "SUSE CVE CVE-2018-14464 page", url: "https://www.suse.com/security/cve/CVE-2018-14464/", }, { category: "self", summary: "SUSE CVE CVE-2018-14465 page", url: "https://www.suse.com/security/cve/CVE-2018-14465/", }, { category: "self", summary: "SUSE CVE CVE-2018-14466 page", url: "https://www.suse.com/security/cve/CVE-2018-14466/", }, { category: "self", summary: "SUSE CVE CVE-2018-14467 page", url: "https://www.suse.com/security/cve/CVE-2018-14467/", }, { category: "self", summary: "SUSE CVE CVE-2018-14468 page", url: "https://www.suse.com/security/cve/CVE-2018-14468/", }, { category: "self", summary: "SUSE CVE CVE-2018-14469 page", url: "https://www.suse.com/security/cve/CVE-2018-14469/", }, { category: "self", summary: "SUSE CVE CVE-2018-14881 page", url: "https://www.suse.com/security/cve/CVE-2018-14881/", }, { category: "self", summary: "SUSE CVE CVE-2018-14882 page", url: "https://www.suse.com/security/cve/CVE-2018-14882/", }, { category: "self", summary: "SUSE CVE CVE-2018-16229 page", url: "https://www.suse.com/security/cve/CVE-2018-16229/", }, { category: "self", summary: "SUSE CVE CVE-2018-16230 page", url: "https://www.suse.com/security/cve/CVE-2018-16230/", }, { category: "self", summary: "SUSE CVE CVE-2018-16300 page", url: "https://www.suse.com/security/cve/CVE-2018-16300/", }, { category: "self", summary: "SUSE CVE CVE-2018-16301 page", url: "https://www.suse.com/security/cve/CVE-2018-16301/", }, { category: "self", summary: "SUSE CVE CVE-2018-16451 page", url: "https://www.suse.com/security/cve/CVE-2018-16451/", }, { category: "self", summary: "SUSE CVE CVE-2018-16452 page", url: "https://www.suse.com/security/cve/CVE-2018-16452/", }, { category: "self", summary: "SUSE CVE CVE-2019-15166 page", url: "https://www.suse.com/security/cve/CVE-2019-15166/", }, ], title: "Security update for tcpdump", tracking: { current_release_date: "2019-10-15T09:18:48Z", generator: { date: "2019-10-15T09:18:48Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2019:14191-1", initial_release_date: "2019-10-15T09:18:48Z", revision_history: [ { date: "2019-10-15T09:18:48Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "tcpdump-3.9.8-1.30.13.1.i586", product: { name: "tcpdump-3.9.8-1.30.13.1.i586", product_id: "tcpdump-3.9.8-1.30.13.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "tcpdump-3.9.8-1.30.13.1.ppc64", product: { name: "tcpdump-3.9.8-1.30.13.1.ppc64", product_id: "tcpdump-3.9.8-1.30.13.1.ppc64", }, }, ], category: "architecture", name: "ppc64", }, { branches: [ { category: "product_version", name: "tcpdump-3.9.8-1.30.13.1.s390x", product: { name: "tcpdump-3.9.8-1.30.13.1.s390x", product_id: "tcpdump-3.9.8-1.30.13.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "tcpdump-3.9.8-1.30.13.1.x86_64", product: { name: "tcpdump-3.9.8-1.30.13.1.x86_64", product_id: "tcpdump-3.9.8-1.30.13.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Point of Sale 11 SP3", product: { name: "SUSE Linux Enterprise Point of Sale 11 SP3", product_id: "SUSE Linux Enterprise Point of Sale 11 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sle-pos:11:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 11 SP4-LTSS", product: { name: "SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS", product_identification_helper: { cpe: "cpe:/o:suse:suse_sles:11:sp4", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "tcpdump-3.9.8-1.30.13.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3", product_id: "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", }, product_reference: "tcpdump-3.9.8-1.30.13.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Point of Sale 11 SP3", }, { category: "default_component_of", full_product_name: { name: "tcpdump-3.9.8-1.30.13.1.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", }, product_reference: "tcpdump-3.9.8-1.30.13.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "tcpdump-3.9.8-1.30.13.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", }, product_reference: "tcpdump-3.9.8-1.30.13.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "tcpdump-3.9.8-1.30.13.1.s390x as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", }, product_reference: "tcpdump-3.9.8-1.30.13.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "tcpdump-3.9.8-1.30.13.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", }, product_reference: "tcpdump-3.9.8-1.30.13.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, ], }, vulnerabilities: [ { cve: "CVE-2017-12893", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12893", }, ], notes: [ { category: "general", text: "The SMB/CIFS parser in tcpdump before 4.9.2 has a buffer over-read in smbutil.c:name_len().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12893", url: "https://www.suse.com/security/cve/CVE-2017-12893", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-12893", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-12893", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-12893", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-12893", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "critical", }, ], title: "CVE-2017-12893", }, { cve: "CVE-2017-12894", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12894", }, ], notes: [ { category: "general", text: "Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in addrtoname.c:lookup_bytestring().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12894", url: "https://www.suse.com/security/cve/CVE-2017-12894", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-12894", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-12894", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-12894", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-12894", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "critical", }, ], title: "CVE-2017-12894", }, { cve: "CVE-2017-12896", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12896", }, ], notes: [ { category: "general", text: "The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:isakmp_rfc3948_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12896", url: "https://www.suse.com/security/cve/CVE-2017-12896", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-12896", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-12896", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-12896", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-12896", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "critical", }, ], title: "CVE-2017-12896", }, { cve: "CVE-2017-12897", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12897", }, ], notes: [ { category: "general", text: "The ISO CLNS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isoclns_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12897", url: "https://www.suse.com/security/cve/CVE-2017-12897", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-12897", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-12897", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-12897", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-12897", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "critical", }, ], title: "CVE-2017-12897", }, { cve: "CVE-2017-12898", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12898", }, ], notes: [ { category: "general", text: "The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:interp_reply().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12898", url: "https://www.suse.com/security/cve/CVE-2017-12898", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-12898", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-12898", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-12898", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-12898", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "critical", }, ], title: "CVE-2017-12898", }, { cve: "CVE-2017-12899", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12899", }, ], notes: [ { category: "general", text: "The DECnet parser in tcpdump before 4.9.2 has a buffer over-read in print-decnet.c:decnet_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12899", url: "https://www.suse.com/security/cve/CVE-2017-12899", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-12899", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-12899", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-12899", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-12899", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "critical", }, ], title: "CVE-2017-12899", }, { cve: "CVE-2017-12900", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12900", }, ], notes: [ { category: "general", text: "Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in util-print.c:tok2strbuf().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12900", url: "https://www.suse.com/security/cve/CVE-2017-12900", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-12900", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-12900", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-12900", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-12900", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "critical", }, ], title: "CVE-2017-12900", }, { cve: "CVE-2017-12901", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12901", }, ], notes: [ { category: "general", text: "The EIGRP parser in tcpdump before 4.9.2 has a buffer over-read in print-eigrp.c:eigrp_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12901", url: "https://www.suse.com/security/cve/CVE-2017-12901", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-12901", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-12901", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-12901", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-12901", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "critical", }, ], title: "CVE-2017-12901", }, { cve: "CVE-2017-12902", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12902", }, ], notes: [ { category: "general", text: "The Zephyr parser in tcpdump before 4.9.2 has a buffer over-read in print-zephyr.c, several functions.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12902", url: "https://www.suse.com/security/cve/CVE-2017-12902", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-12902", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-12902", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-12902", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-12902", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "critical", }, ], title: "CVE-2017-12902", }, { cve: "CVE-2017-12985", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12985", }, ], notes: [ { category: "general", text: "The IPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-ip6.c:ip6_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12985", url: "https://www.suse.com/security/cve/CVE-2017-12985", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-12985", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-12985", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-12985", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-12985", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "critical", }, ], title: "CVE-2017-12985", }, { cve: "CVE-2017-12986", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12986", }, ], notes: [ { category: "general", text: "The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12986", url: "https://www.suse.com/security/cve/CVE-2017-12986", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-12986", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-12986", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-12986", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-12986", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "critical", }, ], title: "CVE-2017-12986", }, { cve: "CVE-2017-12987", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12987", }, ], notes: [ { category: "general", text: "The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_11.c:parse_elements().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12987", url: "https://www.suse.com/security/cve/CVE-2017-12987", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-12987", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-12987", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-12987", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-12987", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "critical", }, ], title: "CVE-2017-12987", }, { cve: "CVE-2017-12988", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12988", }, ], notes: [ { category: "general", text: "The telnet parser in tcpdump before 4.9.2 has a buffer over-read in print-telnet.c:telnet_parse().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12988", url: "https://www.suse.com/security/cve/CVE-2017-12988", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-12988", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-12988", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-12988", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-12988", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "critical", }, ], title: "CVE-2017-12988", }, { cve: "CVE-2017-12991", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12991", }, ], notes: [ { category: "general", text: "The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12991", url: "https://www.suse.com/security/cve/CVE-2017-12991", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-12991", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-12991", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-12991", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-12991", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "critical", }, ], title: "CVE-2017-12991", }, { cve: "CVE-2017-12992", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12992", }, ], notes: [ { category: "general", text: "The RIPng parser in tcpdump before 4.9.2 has a buffer over-read in print-ripng.c:ripng_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12992", url: "https://www.suse.com/security/cve/CVE-2017-12992", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-12992", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-12992", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-12992", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-12992", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "critical", }, ], title: "CVE-2017-12992", }, { cve: "CVE-2017-12993", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12993", }, ], notes: [ { category: "general", text: "The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print-juniper.c, several functions.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12993", url: "https://www.suse.com/security/cve/CVE-2017-12993", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-12993", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-12993", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-12993", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-12993", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "critical", }, ], title: "CVE-2017-12993", }, { cve: "CVE-2017-12995", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12995", }, ], notes: [ { category: "general", text: "The DNS parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-domain.c:ns_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12995", url: "https://www.suse.com/security/cve/CVE-2017-12995", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-12995", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-12995", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-12995", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-12995", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "critical", }, ], title: "CVE-2017-12995", }, { cve: "CVE-2017-12996", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12996", }, ], notes: [ { category: "general", text: "The PIMv2 parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c:pimv2_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12996", url: "https://www.suse.com/security/cve/CVE-2017-12996", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-12996", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-12996", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-12996", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-12996", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "critical", }, ], title: "CVE-2017-12996", }, { cve: "CVE-2017-12998", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12998", }, ], notes: [ { category: "general", text: "The IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_extd_ip_reach().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12998", url: "https://www.suse.com/security/cve/CVE-2017-12998", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-12998", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-12998", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-12998", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-12998", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "critical", }, ], title: "CVE-2017-12998", }, { cve: "CVE-2017-12999", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-12999", }, ], notes: [ { category: "general", text: "The IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-12999", url: "https://www.suse.com/security/cve/CVE-2017-12999", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-12999", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-12999", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-12999", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-12999", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "critical", }, ], title: "CVE-2017-12999", }, { cve: "CVE-2017-13001", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13001", }, ], notes: [ { category: "general", text: "The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:nfs_printfh().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13001", url: "https://www.suse.com/security/cve/CVE-2017-13001", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13001", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13001", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13001", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13001", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "critical", }, ], title: "CVE-2017-13001", }, { cve: "CVE-2017-13002", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13002", }, ], notes: [ { category: "general", text: "The AODV parser in tcpdump before 4.9.2 has a buffer over-read in print-aodv.c:aodv_extension().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13002", url: "https://www.suse.com/security/cve/CVE-2017-13002", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13002", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13002", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13002", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13002", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "critical", }, ], title: "CVE-2017-13002", }, { cve: "CVE-2017-13003", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13003", }, ], notes: [ { category: "general", text: "The LMP parser in tcpdump before 4.9.2 has a buffer over-read in print-lmp.c:lmp_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13003", url: "https://www.suse.com/security/cve/CVE-2017-13003", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13003", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13003", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13003", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13003", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "critical", }, ], title: "CVE-2017-13003", }, { cve: "CVE-2017-13004", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13004", }, ], notes: [ { category: "general", text: "The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print-juniper.c:juniper_parse_header().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13004", url: "https://www.suse.com/security/cve/CVE-2017-13004", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13004", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13004", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13004", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13004", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "critical", }, ], title: "CVE-2017-13004", }, { cve: "CVE-2017-13005", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13005", }, ], notes: [ { category: "general", text: "The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:xid_map_enter().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13005", url: "https://www.suse.com/security/cve/CVE-2017-13005", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13005", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13005", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13005", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13005", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "critical", }, ], title: "CVE-2017-13005", }, { cve: "CVE-2017-13006", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13006", }, ], notes: [ { category: "general", text: "The L2TP parser in tcpdump before 4.9.2 has a buffer over-read in print-l2tp.c, several functions.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13006", url: "https://www.suse.com/security/cve/CVE-2017-13006", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13006", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13006", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13006", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13006", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "critical", }, ], title: "CVE-2017-13006", }, { cve: "CVE-2017-13008", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13008", }, ], notes: [ { category: "general", text: "The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_11.c:parse_elements().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13008", url: "https://www.suse.com/security/cve/CVE-2017-13008", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13008", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13008", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13008", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13008", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "critical", }, ], title: "CVE-2017-13008", }, { cve: "CVE-2017-13009", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13009", }, ], notes: [ { category: "general", text: "The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13009", url: "https://www.suse.com/security/cve/CVE-2017-13009", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13009", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13009", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13009", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13009", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "critical", }, ], title: "CVE-2017-13009", }, { cve: "CVE-2017-13010", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13010", }, ], notes: [ { category: "general", text: "The BEEP parser in tcpdump before 4.9.2 has a buffer over-read in print-beep.c:l_strnstart().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13010", url: "https://www.suse.com/security/cve/CVE-2017-13010", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13010", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13010", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13010", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13010", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "critical", }, ], title: "CVE-2017-13010", }, { cve: "CVE-2017-13012", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13012", }, ], notes: [ { category: "general", text: "The ICMP parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp.c:icmp_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13012", url: "https://www.suse.com/security/cve/CVE-2017-13012", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13012", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13012", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13012", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13012", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "critical", }, ], title: "CVE-2017-13012", }, { cve: "CVE-2017-13013", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13013", }, ], notes: [ { category: "general", text: "The ARP parser in tcpdump before 4.9.2 has a buffer over-read in print-arp.c, several functions.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13013", url: "https://www.suse.com/security/cve/CVE-2017-13013", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13013", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13013", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13013", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13013", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "critical", }, ], title: "CVE-2017-13013", }, { cve: "CVE-2017-13014", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13014", }, ], notes: [ { category: "general", text: "The White Board protocol parser in tcpdump before 4.9.2 has a buffer over-read in print-wb.c:wb_prep(), several functions.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13014", url: "https://www.suse.com/security/cve/CVE-2017-13014", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13014", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13014", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13014", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13014", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "critical", }, ], title: "CVE-2017-13014", }, { cve: "CVE-2017-13016", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13016", }, ], notes: [ { category: "general", text: "The ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:esis_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13016", url: "https://www.suse.com/security/cve/CVE-2017-13016", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13016", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13016", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13016", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13016", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "critical", }, ], title: "CVE-2017-13016", }, { cve: "CVE-2017-13017", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13017", }, ], notes: [ { category: "general", text: "The DHCPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-dhcp6.c:dhcp6opt_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13017", url: "https://www.suse.com/security/cve/CVE-2017-13017", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13017", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13017", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13017", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13017", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "critical", }, ], title: "CVE-2017-13017", }, { cve: "CVE-2017-13018", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13018", }, ], notes: [ { category: "general", text: "The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13018", url: "https://www.suse.com/security/cve/CVE-2017-13018", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13018", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13018", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13018", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13018", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "critical", }, ], title: "CVE-2017-13018", }, { cve: "CVE-2017-13019", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13019", }, ], notes: [ { category: "general", text: "The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13019", url: "https://www.suse.com/security/cve/CVE-2017-13019", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13019", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13019", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13019", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13019", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "critical", }, ], title: "CVE-2017-13019", }, { cve: "CVE-2017-13021", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13021", }, ], notes: [ { category: "general", text: "The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13021", url: "https://www.suse.com/security/cve/CVE-2017-13021", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13021", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13021", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13021", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13021", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "critical", }, ], title: "CVE-2017-13021", }, { cve: "CVE-2017-13022", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13022", }, ], notes: [ { category: "general", text: "The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printroute().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13022", url: "https://www.suse.com/security/cve/CVE-2017-13022", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13022", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13022", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13022", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13022", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "critical", }, ], title: "CVE-2017-13022", }, { cve: "CVE-2017-13023", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13023", }, ], notes: [ { category: "general", text: "The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13023", url: "https://www.suse.com/security/cve/CVE-2017-13023", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13023", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13023", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13023", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13023", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "critical", }, ], title: "CVE-2017-13023", }, { cve: "CVE-2017-13024", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13024", }, ], notes: [ { category: "general", text: "The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13024", url: "https://www.suse.com/security/cve/CVE-2017-13024", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13024", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13024", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13024", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13024", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "critical", }, ], title: "CVE-2017-13024", }, { cve: "CVE-2017-13025", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13025", }, ], notes: [ { category: "general", text: "The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13025", url: "https://www.suse.com/security/cve/CVE-2017-13025", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13025", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13025", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13025", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13025", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "critical", }, ], title: "CVE-2017-13025", }, { cve: "CVE-2017-13027", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13027", }, ], notes: [ { category: "general", text: "The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldp_mgmt_addr_tlv_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13027", url: "https://www.suse.com/security/cve/CVE-2017-13027", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13027", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13027", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13027", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13027", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "critical", }, ], title: "CVE-2017-13027", }, { cve: "CVE-2017-13028", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13028", }, ], notes: [ { category: "general", text: "The BOOTP parser in tcpdump before 4.9.2 has a buffer over-read in print-bootp.c:bootp_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13028", url: "https://www.suse.com/security/cve/CVE-2017-13028", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13028", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13028", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13028", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13028", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "critical", }, ], title: "CVE-2017-13028", }, { cve: "CVE-2017-13029", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13029", }, ], notes: [ { category: "general", text: "The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:print_ccp_config_options().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13029", url: "https://www.suse.com/security/cve/CVE-2017-13029", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13029", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13029", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13029", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13029", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "critical", }, ], title: "CVE-2017-13029", }, { cve: "CVE-2017-13030", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13030", }, ], notes: [ { category: "general", text: "The PIM parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c, several functions.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13030", url: "https://www.suse.com/security/cve/CVE-2017-13030", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13030", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13030", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13030", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13030", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "critical", }, ], title: "CVE-2017-13030", }, { cve: "CVE-2017-13031", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13031", }, ], notes: [ { category: "general", text: "The IPv6 fragmentation header parser in tcpdump before 4.9.2 has a buffer over-read in print-frag6.c:frag6_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13031", url: "https://www.suse.com/security/cve/CVE-2017-13031", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13031", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13031", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13031", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13031", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "critical", }, ], title: "CVE-2017-13031", }, { cve: "CVE-2017-13032", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13032", }, ], notes: [ { category: "general", text: "The RADIUS parser in tcpdump before 4.9.2 has a buffer over-read in print-radius.c:print_attr_string().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13032", url: "https://www.suse.com/security/cve/CVE-2017-13032", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13032", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13032", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13032", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13032", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "critical", }, ], title: "CVE-2017-13032", }, { cve: "CVE-2017-13034", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13034", }, ], notes: [ { category: "general", text: "The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13034", url: "https://www.suse.com/security/cve/CVE-2017-13034", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13034", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13034", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13034", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13034", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "critical", }, ], title: "CVE-2017-13034", }, { cve: "CVE-2017-13035", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13035", }, ], notes: [ { category: "general", text: "The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_id().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13035", url: "https://www.suse.com/security/cve/CVE-2017-13035", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13035", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13035", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13035", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13035", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "critical", }, ], title: "CVE-2017-13035", }, { cve: "CVE-2017-13036", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13036", }, ], notes: [ { category: "general", text: "The OSPFv3 parser in tcpdump before 4.9.2 has a buffer over-read in print-ospf6.c:ospf6_decode_v3().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13036", url: "https://www.suse.com/security/cve/CVE-2017-13036", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13036", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13036", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13036", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13036", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "critical", }, ], title: "CVE-2017-13036", }, { cve: "CVE-2017-13037", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13037", }, ], notes: [ { category: "general", text: "The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printts().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13037", url: "https://www.suse.com/security/cve/CVE-2017-13037", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13037", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13037", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13037", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13037", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "critical", }, ], title: "CVE-2017-13037", }, { cve: "CVE-2017-13038", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13038", }, ], notes: [ { category: "general", text: "The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:handle_mlppp().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13038", url: "https://www.suse.com/security/cve/CVE-2017-13038", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13038", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13038", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13038", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13038", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "critical", }, ], title: "CVE-2017-13038", }, { cve: "CVE-2017-13041", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13041", }, ], notes: [ { category: "general", text: "The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_nodeinfo_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13041", url: "https://www.suse.com/security/cve/CVE-2017-13041", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13041", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13041", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13041", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13041", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "critical", }, ], title: "CVE-2017-13041", }, { cve: "CVE-2017-13047", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13047", }, ], notes: [ { category: "general", text: "The ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:esis_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13047", url: "https://www.suse.com/security/cve/CVE-2017-13047", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13047", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13047", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13047", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13047", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "critical", }, ], title: "CVE-2017-13047", }, { cve: "CVE-2017-13048", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13048", }, ], notes: [ { category: "general", text: "The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13048", url: "https://www.suse.com/security/cve/CVE-2017-13048", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13048", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13048", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13048", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13048", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "critical", }, ], title: "CVE-2017-13048", }, { cve: "CVE-2017-13049", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13049", }, ], notes: [ { category: "general", text: "The Rx protocol parser in tcpdump before 4.9.2 has a buffer over-read in print-rx.c:ubik_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13049", url: "https://www.suse.com/security/cve/CVE-2017-13049", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13049", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13049", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13049", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13049", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "critical", }, ], title: "CVE-2017-13049", }, { cve: "CVE-2017-13051", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13051", }, ], notes: [ { category: "general", text: "The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13051", url: "https://www.suse.com/security/cve/CVE-2017-13051", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13051", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13051", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13051", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13051", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "critical", }, ], title: "CVE-2017-13051", }, { cve: "CVE-2017-13053", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13053", }, ], notes: [ { category: "general", text: "The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_rt_routing_info().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13053", url: "https://www.suse.com/security/cve/CVE-2017-13053", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13053", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13053", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13053", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13053", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "critical", }, ], title: "CVE-2017-13053", }, { cve: "CVE-2017-13055", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13055", }, ], notes: [ { category: "general", text: "The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_is_reach_subtlv().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13055", url: "https://www.suse.com/security/cve/CVE-2017-13055", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13055", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13055", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13055", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13055", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "critical", }, ], title: "CVE-2017-13055", }, { cve: "CVE-2017-13687", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13687", }, ], notes: [ { category: "general", text: "The Cisco HDLC parser in tcpdump before 4.9.2 has a buffer over-read in print-chdlc.c:chdlc_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13687", url: "https://www.suse.com/security/cve/CVE-2017-13687", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13687", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13687", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13687", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13687", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "critical", }, ], title: "CVE-2017-13687", }, { cve: "CVE-2017-13688", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13688", }, ], notes: [ { category: "general", text: "The OLSR parser in tcpdump before 4.9.2 has a buffer over-read in print-olsr.c:olsr_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13688", url: "https://www.suse.com/security/cve/CVE-2017-13688", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13688", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13688", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13688", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13688", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "critical", }, ], title: "CVE-2017-13688", }, { cve: "CVE-2017-13689", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13689", }, ], notes: [ { category: "general", text: "The IKEv1 parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:ikev1_id_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13689", url: "https://www.suse.com/security/cve/CVE-2017-13689", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13689", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13689", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13689", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13689", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "critical", }, ], title: "CVE-2017-13689", }, { cve: "CVE-2017-13725", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-13725", }, ], notes: [ { category: "general", text: "The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-13725", url: "https://www.suse.com/security/cve/CVE-2017-13725", }, { category: "external", summary: "SUSE Bug 1050219 for CVE-2017-13725", url: "https://bugzilla.suse.com/1050219", }, { category: "external", summary: "SUSE Bug 1050222 for CVE-2017-13725", url: "https://bugzilla.suse.com/1050222", }, { category: "external", summary: "SUSE Bug 1050225 for CVE-2017-13725", url: "https://bugzilla.suse.com/1050225", }, { category: "external", summary: "SUSE Bug 1057247 for CVE-2017-13725", url: "https://bugzilla.suse.com/1057247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "critical", }, ], title: "CVE-2017-13725", }, { cve: "CVE-2018-10103", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10103", }, ], notes: [ { category: "general", text: "tcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of 2).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10103", url: "https://www.suse.com/security/cve/CVE-2018-10103", }, { category: "external", summary: "SUSE Bug 1153098 for CVE-2018-10103", url: "https://bugzilla.suse.com/1153098", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "moderate", }, ], title: "CVE-2018-10103", }, { cve: "CVE-2018-10105", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10105", }, ], notes: [ { category: "general", text: "tcpdump before 4.9.3 mishandles the printing of SMB data (issue 2 of 2).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10105", url: "https://www.suse.com/security/cve/CVE-2018-10105", }, { category: "external", summary: "SUSE Bug 1153098 for CVE-2018-10105", url: "https://bugzilla.suse.com/1153098", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "moderate", }, ], title: "CVE-2018-10105", }, { cve: "CVE-2018-14461", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-14461", }, ], notes: [ { category: "general", text: "The LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-14461", url: "https://www.suse.com/security/cve/CVE-2018-14461", }, { category: "external", summary: "SUSE Bug 1153098 for CVE-2018-14461", url: "https://bugzilla.suse.com/1153098", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "moderate", }, ], title: "CVE-2018-14461", }, { cve: "CVE-2018-14462", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-14462", }, ], notes: [ { category: "general", text: "The ICMP parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp.c:icmp_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-14462", url: "https://www.suse.com/security/cve/CVE-2018-14462", }, { category: "external", summary: "SUSE Bug 1153098 for CVE-2018-14462", url: "https://bugzilla.suse.com/1153098", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "moderate", }, ], title: "CVE-2018-14462", }, { cve: "CVE-2018-14463", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-14463", }, ], notes: [ { category: "general", text: "The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 2, a different vulnerability than CVE-2019-15167.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-14463", url: "https://www.suse.com/security/cve/CVE-2018-14463", }, { category: "external", summary: "SUSE Bug 1153098 for CVE-2018-14463", url: "https://bugzilla.suse.com/1153098", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "moderate", }, ], title: "CVE-2018-14463", }, { cve: "CVE-2018-14464", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-14464", }, ], notes: [ { category: "general", text: "The LMP parser in tcpdump before 4.9.3 has a buffer over-read in print-lmp.c:lmp_print_data_link_subobjs().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-14464", url: "https://www.suse.com/security/cve/CVE-2018-14464", }, { category: "external", summary: "SUSE Bug 1153098 for CVE-2018-14464", url: "https://bugzilla.suse.com/1153098", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "moderate", }, ], title: "CVE-2018-14464", }, { cve: "CVE-2018-14465", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-14465", }, ], notes: [ { category: "general", text: "The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-14465", url: "https://www.suse.com/security/cve/CVE-2018-14465", }, { category: "external", summary: "SUSE Bug 1153098 for CVE-2018-14465", url: "https://bugzilla.suse.com/1153098", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "moderate", }, ], title: "CVE-2018-14465", }, { cve: "CVE-2018-14466", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-14466", }, ], notes: [ { category: "general", text: "The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and rx_cache_insert().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-14466", url: "https://www.suse.com/security/cve/CVE-2018-14466", }, { category: "external", summary: "SUSE Bug 1153098 for CVE-2018-14466", url: "https://bugzilla.suse.com/1153098", }, { category: "external", summary: "SUSE Bug 1166972 for CVE-2018-14466", url: "https://bugzilla.suse.com/1166972", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "moderate", }, ], title: "CVE-2018-14466", }, { cve: "CVE-2018-14467", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-14467", }, ], notes: [ { category: "general", text: "The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_MP).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-14467", url: "https://www.suse.com/security/cve/CVE-2018-14467", }, { category: "external", summary: "SUSE Bug 1153098 for CVE-2018-14467", url: "https://bugzilla.suse.com/1153098", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "moderate", }, ], title: "CVE-2018-14467", }, { cve: "CVE-2018-14468", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-14468", }, ], notes: [ { category: "general", text: "The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-14468", url: "https://www.suse.com/security/cve/CVE-2018-14468", }, { category: "external", summary: "SUSE Bug 1153098 for CVE-2018-14468", url: "https://bugzilla.suse.com/1153098", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "moderate", }, ], title: "CVE-2018-14468", }, { cve: "CVE-2018-14469", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-14469", }, ], notes: [ { category: "general", text: "The IKEv1 parser in tcpdump before 4.9.3 has a buffer over-read in print-isakmp.c:ikev1_n_print().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-14469", url: "https://www.suse.com/security/cve/CVE-2018-14469", }, { category: "external", summary: "SUSE Bug 1153098 for CVE-2018-14469", url: "https://bugzilla.suse.com/1153098", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "moderate", }, ], title: "CVE-2018-14469", }, { cve: "CVE-2018-14881", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-14881", }, ], notes: [ { category: "general", text: "The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_RESTART).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-14881", url: "https://www.suse.com/security/cve/CVE-2018-14881", }, { category: "external", summary: "SUSE Bug 1153098 for CVE-2018-14881", url: "https://bugzilla.suse.com/1153098", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "moderate", }, ], title: "CVE-2018-14881", }, { cve: "CVE-2018-14882", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-14882", }, ], notes: [ { category: "general", text: "The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-14882", url: "https://www.suse.com/security/cve/CVE-2018-14882", }, { category: "external", summary: "SUSE Bug 1153098 for CVE-2018-14882", url: "https://bugzilla.suse.com/1153098", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "moderate", }, ], title: "CVE-2018-14882", }, { cve: "CVE-2018-16229", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16229", }, ], notes: [ { category: "general", text: "The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option().", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16229", url: "https://www.suse.com/security/cve/CVE-2018-16229", }, { category: "external", summary: "SUSE Bug 1153098 for CVE-2018-16229", url: "https://bugzilla.suse.com/1153098", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "moderate", }, ], title: "CVE-2018-16229", }, { cve: "CVE-2018-16230", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16230", }, ], notes: [ { category: "general", text: "The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16230", url: "https://www.suse.com/security/cve/CVE-2018-16230", }, { category: "external", summary: "SUSE Bug 1153098 for CVE-2018-16230", url: "https://bugzilla.suse.com/1153098", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "moderate", }, ], title: "CVE-2018-16230", }, { cve: "CVE-2018-16300", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16300", }, ], notes: [ { category: "general", text: "The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print() because of unlimited recursion.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16300", url: "https://www.suse.com/security/cve/CVE-2018-16300", }, { category: "external", summary: "SUSE Bug 1153098 for CVE-2018-16300", url: "https://bugzilla.suse.com/1153098", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "important", }, ], title: "CVE-2018-16300", }, { cve: "CVE-2018-16301", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16301", }, ], notes: [ { category: "general", text: "The command-line argument parser in tcpdump before 4.99.0 has a buffer overflow in tcpdump.c:read_infile(). To trigger this vulnerability the attacker needs to create a 4GB file on the local filesystem and to specify the file name as the value of the -F command-line argument of tcpdump.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16301", url: "https://www.suse.com/security/cve/CVE-2018-16301", }, { category: "external", summary: "SUSE Bug 1153098 for CVE-2018-16301", url: "https://bugzilla.suse.com/1153098", }, { category: "external", summary: "SUSE Bug 1153332 for CVE-2018-16301", url: "https://bugzilla.suse.com/1153332", }, { category: "external", summary: "SUSE Bug 1195825 for CVE-2018-16301", url: "https://bugzilla.suse.com/1195825", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "important", }, ], title: "CVE-2018-16301", }, { cve: "CVE-2018-16451", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16451", }, ], notes: [ { category: "general", text: "The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \\MAILSLOT\\BROWSE and \\PIPE\\LANMAN.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16451", url: "https://www.suse.com/security/cve/CVE-2018-16451", }, { category: "external", summary: "SUSE Bug 1153098 for CVE-2018-16451", url: "https://bugzilla.suse.com/1153098", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "moderate", }, ], title: "CVE-2018-16451", }, { cve: "CVE-2018-16452", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16452", }, ], notes: [ { category: "general", text: "The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16452", url: "https://www.suse.com/security/cve/CVE-2018-16452", }, { category: "external", summary: "SUSE Bug 1153098 for CVE-2018-16452", url: "https://bugzilla.suse.com/1153098", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "moderate", }, ], title: "CVE-2018-16452", }, { cve: "CVE-2019-15166", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-15166", }, ], notes: [ { category: "general", text: "lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-15166", url: "https://www.suse.com/security/cve/CVE-2019-15166", }, { category: "external", summary: "SUSE Bug 1153098 for CVE-2019-15166", url: "https://bugzilla.suse.com/1153098", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:tcpdump-3.9.8-1.30.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-10-15T09:18:48Z", details: "moderate", }, ], title: "CVE-2019-15166", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.