← back
CVE-2014-8768

CVE-2014-8768

EPSS 20.4%
Multiple Integer underflows in the geonet_print function in tcpdump 4.5.0 through 4.6.2, when in verbose mode, allow remote attackers to cause a denial of service (segmentation fault and crash) via a crafted length value in a Geonet frame.
Affected products
n/a · n/a
public PoCs found3
cve_referencepacketstormsecurity.com/files/129156/tcpdump-4.6.2-Geonet-Denial-Of-Service.htmlunverifiedcve_referencewww.exploit-db.com/exploits/35359unverifiedexploitdbwww.exploit-db.com/exploits/35359unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://lists.opensuse.org/opensuse-updates/2015-02/msg00062.htmlhttp://packetstormsecurity.com/files/129156/tcpdump-4.6.2-Geonet-Denial-Of-Service.htmlhttp://seclists.org/fulldisclosure/2014/Nov/48https://exchange.xforce.ibmcloud.com/vulnerabilities/98766http://www.exploit-db.com/exploits/35359http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.htmlhttp://www.securityfocus.com/archive/1/534010/100/0/threadedhttp://www.securityfocus.com/bid/71155http://www.ubuntu.com/usn/USN-2433-1