Vulnerability Name:

CVE-2002-0380 (CCN-9216)

Assigned:2002-05-29
Published:2002-05-29
Updated:2016-10-18
Summary:Buffer overflow in tcpdump 3.6.2 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via an NFS packet.
CVSS v3 Severity:7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-Other
Vulnerability Consequences:Gain Access
References:Source: CALDERA
Type: UNKNOWN
CSSA-2002-025.0

Source: CCN
Type: Caldera International, Inc. Security Advisory CSSA-2002-025.0
Linux: tcpdump AFS RPC and NFS packet vulnerabilities

Source: CCN
Type: FreeBSD Security Advisory FreeBSD-SA-02:29
Buffer overflow in tcpdump when handling NFS packets

Source: MITRE
Type: CNA
CVE-2002-0380

Source: CONECTIVA
Type: UNKNOWN
CLA-2002:491

Source: CCN
Type: Conectiva Linux Announcement CLSA-2002:491
tcpdump

Source: BUGTRAQ
Type: UNKNOWN
20020606 TSLSA-2002-0055 - tcpdump

Source: FREEBSD
Type: UNKNOWN
FreeBSD-SA-02:29

Source: CCN
Type: Hewlett-Packard Company Security Advisory HPSBTL0205-044
Security vulnerability in tcpdump

Source: HP
Type: UNKNOWN
HPSBTL0205-044

Source: CCN
Type: RHSA-2002-094
Updated tcpdump packages fix buffer overflow

Source: CCN
Type: RHSA-2002-121
tcpdump security update

Source: CCN
Type: RHSA-2003-214
Updated tcpdump packages fix various vulnerabilities

Source: CCN
Type: TCPDump Web site
[ 586643 ] Buffer overflow in tcpdump

Source: DEBIAN
Type: UNKNOWN
DSA-255

Source: DEBIAN
Type: DSA-255
tcpdump -- infinite loop

Source: XF
Type: Vendor Advisory
tcpdump-nfs-bo(9216)

Source: CCN
Type: OpenPKG-SA-2004.002
tcpdump

Source: REDHAT
Type: UNKNOWN
RHSA-2002:094

Source: REDHAT
Type: UNKNOWN
RHSA-2002:121

Source: REDHAT
Type: UNKNOWN
RHSA-2003:214

Source: BID
Type: UNKNOWN
4890

Source: CCN
Type: BID-4890
TCPDump Malformed NFS Packet Buffer Overflow Vulnerability

Source: CCN
Type: Trustix Secure Linux Security Advisory #2002-0055
tcpdump

Source: XF
Type: UNKNOWN
tcpdump-nfs-bo(9216)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:lbl:tcpdump:*:*:*:*:*:*:*:* (Version <= 3.6.2)

    • Configuration CCN 1:
  • cpe:/o:redhat:linux:6.2:*:*:*:*:*:*:*
  • OR cpe:/o:trustix:secure_linux:1.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7:*:*:*:*:*:*:*
  • OR cpe:/o:conectiva:linux:6.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7.1:*:*:*:*:*:*:*
  • OR cpe:/o:trustix:secure_linux:1.2:*:*:*:*:*:*:*
  • OR cpe:/o:conectiva:linux:7.0:*:*:*:*:*:*:*
  • OR cpe:/o:trustix:secure_linux:1.5:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7.2:*:*:*:*:*:*:*
  • OR cpe:/o:conectiva:linux:8.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7.3:*:*:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:3.0:*:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:4.6:-:*:*:*:*:*:*
  • OR cpe:/a:openpkg:openpkg:current:*:*:*:*:*:*:*
  • OR cpe:/a:openpkg:openpkg:1.2:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*
  • OR cpe:/a:openpkg:openpkg:1.3:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7.1:*:*:*:*:*:pseries:*
  • OR cpe:/o:redhat:linux:7.1:*:*:*:*:*:iseries:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.debian:def:255
    V
    		infinite loop
    2003-02-27
    BACK
    lbl tcpdump *
    redhat linux 6.2
    trustix secure linux 1.1
    redhat linux 7
    conectiva linux 6.0
    redhat linux 7.1
    trustix secure linux 1.2
    conectiva linux 7.0
    trustix secure linux 1.5
    redhat linux 7.2
    conectiva linux 8.0
    redhat linux 7.3
    debian debian linux 3.0
    freebsd freebsd 4.6 -
    openpkg openpkg current
    openpkg openpkg 1.2
    redhat enterprise linux 2.1
    openpkg openpkg 1.3
    redhat linux 7.1
    redhat linux 7.1