Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2018-19519

Published: 25/11/2018 Updated: 07/11/2023
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
Subscribe to Tcpdump

Vulnerability Summary

In tcpdump 4.9.2, a stack-based buffer over-read exists in the print_prefix function of print-hncp.c via crafted packet data because of missing initialization.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

tcpdump tcpdump 4.9.2

Vendor Advisories

Ubuntu Security Notice: tcpdump vulnerabilities
Several security issues were fixed in tcpdump ...
Ubuntu Security Notice: tcpdump vulnerabilities
Several security issues were fixed in tcpdump ...
Red Hat: Low: tcpdump security update
Synopsis Low: tcpdump security update Type/Severity Security Advisory: Low Topic An update for tcpdump is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Low A Common Vulnerability Scoring System (CVSS) base score, which gives a det ...
Red Hat: Low: tcpdump security update
Synopsis Low: tcpdump security update Type/Severity Security Advisory: Low Topic An update for tcpdump is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Low A Common Vulnerability Scoring System (CVSS) base score, which gives a det ...
Red Hat: Important: Container-native Virtualization security, bug fix, and enhancement update
Synopsis Important: Container-native Virtualization security, bug fix, and enhancement update Type/Severity Security Advisory: Important Topic Red Hat OpenShift Virtualization release 240 is now available with updates to packages and images that fix several bugs and add enhancementsRed Hat Product Securi ...
Red Hat: Moderate: OpenShift Container Platform 4.6.1 image security update
Synopsis Moderate: OpenShift Container Platform 461 image security update Type/Severity Security Advisory: Moderate Topic An update is now available for Red Hat OpenShift Container Platform 46Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability S ...
Amazon Linux 2: ALAS2-2020-1385
In tcpdump 492, a stack-based buffer over-read exists in the print_prefix function of print-hncpc via crafted packet data because of missing initialization (CVE-2018-19519) ...
Red Hat: CVE-2018-19519
In tcpdump 492, a stack-based buffer over-read exists in the print_prefix function of print-hncpc via crafted packet data because of missing initialization ...

References

CWE-125CWE-909https://github.com/zyingp/temp/blob/master/tcpdump.mdhttp://www.securityfocus.com/bid/106098https://access.redhat.com/errata/RHSA-2019:3976https://usn.ubuntu.com/4252-2/https://usn.ubuntu.com/4252-1/https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44516https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN/https://nvd.nist.govhttps://usn.ubuntu.com/4252-2/https://access.redhat.com/security/cve/cve-2018-19519
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserializationCVE-2024-4040cross-site scriptingCVE-2023-25790CVE-2024-2961XML external entityCVE-2024-26926CVE-2024-32806CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook