Home

CVE-2018-16301

Description

The command-line argument parser in tcpdump before 4.99.0 has a buffer overflow in tcpdump.c:read_infile(). To trigger this vulnerability the attacker needs to create a 4GB file on the local filesystem and to specify the file name as the value of the -F command-line argument of tcpdump.

Risk Information

Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.064

Associated Vulnerability

VulnerabilityOS Platform
Multiple vulnerabilities are fixed in MacOS Catalina 10.15.2Mac
Multiple vulnerabilities are fixed in MacOS Catalina 10.15.2 Combo UpdateMac
SUSE-SU-2019:2669-1(SUSE Linux Enterprise Server 12-SP4 ) libpcap-debugsource-1.8.1-10.3.1.x86_64.rpmLinux
SUSE-SU-2019:2669-1(SUSE Linux Enterprise Server 12-SP4 ) libpcap1-1.8.1-10.3.1.x86_64.rpmLinux
SUSE-SU-2019:2669-1(SUSE Linux Enterprise Server 12-SP4 ) libpcap1-debuginfo-1.8.1-10.3.1.x86_64.rpmLinux
SUSE-SU-2019:2669-1(SUSE Linux Enterprise Server 12-SP4 ) tcpdump-4.9.2-14.14.1.x86_64.rpmLinux
SUSE-SU-2019:2669-1(SUSE Linux Enterprise Server 12-SP4 ) tcpdump-debuginfo-4.9.2-14.14.1.x86_64.rpmLinux
SUSE-SU-2019:2669-1(SUSE Linux Enterprise Server 12-SP4 ) tcpdump-debugsource-4.9.2-14.14.1.x86_64.rpmLinux
SUSE-SU-2019:2669-1(SUSE Linux Enterprise Desktop 12-SP4 ) libpcap-debugsource-1.8.1-10.3.1.x86_64_SP4.rpmLinux
SUSE-SU-2019:2669-1(SUSE Linux Enterprise Desktop 12-SP4 ) libpcap1-1.8.1-10.3.1.x86_64_SP4.rpmLinux
SUSE-SU-2019:2669-1(SUSE Linux Enterprise Desktop 12-SP4 ) libpcap1-32bit-1.8.1-10.3.1.x86_64.rpmLinux
SUSE-SU-2019:2669-1(SUSE Linux Enterprise Desktop 12-SP4 ) libpcap1-debuginfo-1.8.1-10.3.1.x86_64_SP4.rpmLinux
SUSE-SU-2019:2669-1(SUSE Linux Enterprise Desktop 12-SP4 ) libpcap1-debuginfo-32bit-1.8.1-10.3.1.x86_64.rpmLinux
SUSE-SU-2019:2669-1(SUSE Linux Enterprise Desktop 12-SP4 ) tcpdump-4.9.2-14.14.1.x86_64_SP4.rpmLinux
SUSE-SU-2019:2669-1(SUSE Linux Enterprise Desktop 12-SP4 ) tcpdump-debuginfo-4.9.2-14.14.1.x86_64_SP4.rpmLinux
SUSE-SU-2019:2669-1(SUSE Linux Enterprise Desktop 12-SP4 ) tcpdump-debugsource-4.9.2-14.14.1.x86_64_SP4.rpmLinux
SUSE-SU-2020:3360-1(SUSE Linux Enterprise Server 12-SP5 ) tcpdump-4.9.2-14.17.1.x86_64.rpmLinux
SUSE-SU-2020:3360-1(SUSE Linux Enterprise Server 12-SP5 ) tcpdump-debuginfo-4.9.2-14.17.1.x86_64.rpmLinux
SUSE-SU-2020:3360-1(SUSE Linux Enterprise Server 12-SP5 ) tcpdump-debugsource-4.9.2-14.17.1.x86_64.rpmLinux
SUSE-SU-2022:0505-1(SUSE Linux Enterprise Server 12-SP5 ) tcpdump-4.9.2-14.20.1.x86_64.rpmLinux
SUSE-SU-2022:0505-1(SUSE Linux Enterprise Server 12-SP5 ) tcpdump-debuginfo-4.9.2-14.20.1.x86_64.rpmLinux
SUSE-SU-2022:0505-1(SUSE Linux Enterprise Server 12-SP5 ) tcpdump-debugsource-4.9.2-14.20.1.x86_64.rpmLinux
SUSE-SU-2019:2669-1(SUSE Linux Enterprise Server 12-SP5 ) libpcap-debugsource-1.8.1-10.3.1.x86_64_12_SP5.rpmLinux
SUSE-SU-2019:2669-1(SUSE Linux Enterprise Server 12-SP5 ) libpcap1-1.8.1-10.3.1.x86_64_12_SP5.rpmLinux
SUSE-SU-2019:2669-1(SUSE Linux Enterprise Server 12-SP5 ) libpcap1-debuginfo-1.8.1-10.3.1.x86_64_12_SP5.rpmLinux
command-line network traffic analyzer (USN-5331-2) tcpdump_4.9.3-4ubuntu0.1_amd64.debLinux
command-line network traffic analyzer (USN-5331-2) tcpdump_4.9.3-0ubuntu0.18.04.2_i386.debLinux
command-line network traffic analyzer (USN-5331-2) tcpdump_4.9.3-0ubuntu0.18.04.2_amd64.debLinux
Buffer Copy without Checking Size of Input (Classic Buffer Overflow) Vulnerability (CVE-2018-16301)NCM

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-602673MacOS Catalina 10.15.7 - Auto Reboot
PATCH-602674macOS Catalina 10.15.7 Combo Update - Auto Reboot

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234