Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2023-1801

Published: 07/04/2023 Updated: 23/12/2023
CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8
VMScore: 0
Subscribe to Tcpdump

Vulnerability Summary

The SMB protocol decoder in tcpdump version 4.99.3 can perform an out-of-bounds write when decoding a crafted network packet.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

tcpdump tcpdump 4.99.3

Vendor Advisories

Debian CVElist Bug Report Logs: tcpdump: CVE-2023-1801
Debian Bug report logs - #1034086 tcpdump: CVE-2023-1801 Package: src:tcpdump; Maintainer for src:tcpdump is Romain Francoise <rfrancoise@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 8 Apr 2023 11:51:01 UTC Severity: important Tags: security, upstream Found in versions tcpdump/499 ...
Red Hat:
DescriptionThe MITRE CVE dictionary describes this issue as: The SMB protocol decoder in tcpdump version 4993 can perform an out-of-bounds write when decoding a crafted network packet ...

References

CWE-787https://github.com/the-tcpdump-group/tcpdump/commit/03c037bbd75588beba3ee09f26d17783d21e30bchttps://github.com/the-tcpdump-group/tcpdump/commit/7578e1c04ee280dda50c4c2813e7d55f539c6501https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KOA2BJFERAC3VRQIRHJOWN4HZY4ZA7CH/https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WYL5DEVHRJYF2CM5LTCZKEYFYDZAIZSN/https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLLZCG23MU6O4QOG2CX3DLEL3YXP6LAI/https://support.apple.com/kb/HT213844https://support.apple.com/kb/HT213845https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034086https://nvd.nist.govhttps://access.redhat.com/security/cve/cve-2023-1801
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322CVE-2006-4304wirelessCVE-2023-23022local file inclusionCVE-2024-27058CVE-2024-33820open redirectCVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook