CVE-2007-3798
Summary
| CVE | CVE-2007-3798 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2007-07-16 22:30:00 UTC |
| Updated | 2024-01-12 22:06:00 UTC |
| Description | Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 and earlier allows remote attackers to execute arbitrary code via crafted TLVs in a BGP packet, related to an unchecked return value. |
Risk And Classification
Problem Types: CWE-252
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Apple | Mac Os X | All | All | All | All |
| Operating System | Apple | Mac Os X Server | All | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 6.06 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 6.10 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 7.04 | All | All | All |
| Operating System | Debian | Debian Linux | 3.1 | All | All | All |
| Operating System | Debian | Debian Linux | 4.0 | All | All | All |
| Operating System | Freebsd | Freebsd | All | All | All | All |
| Operating System | Freebsd | Freebsd | 5.5 | - | All | All |
| Operating System | Freebsd | Freebsd | 5.5 | p1 | All | All |
| Operating System | Freebsd | Freebsd | 5.5 | p11 | All | All |
| Operating System | Freebsd | Freebsd | 5.5 | p12 | All | All |
| Operating System | Freebsd | Freebsd | 5.5 | p13 | All | All |
| Operating System | Freebsd | Freebsd | 5.5 | p14 | All | All |
| Operating System | Freebsd | Freebsd | 5.5 | p2 | All | All |
| Operating System | Freebsd | Freebsd | 5.5 | p3 | All | All |
| Operating System | Freebsd | Freebsd | 5.5 | p4 | All | All |
| Operating System | Freebsd | Freebsd | 5.5 | p5 | All | All |
| Operating System | Freebsd | Freebsd | 5.5 | p7 | All | All |
| Operating System | Freebsd | Freebsd | 5.5 | p8 | All | All |
| Operating System | Freebsd | Freebsd | 5.5 | p9 | All | All |
| Operating System | Freebsd | Freebsd | 6.1 | - | All | All |
| Operating System | Freebsd | Freebsd | 6.1 | p1 | All | All |
| Operating System | Freebsd | Freebsd | 6.1 | p10 | All | All |
| Operating System | Freebsd | Freebsd | 6.1 | p11 | All | All |
| Operating System | Freebsd | Freebsd | 6.1 | p12 | All | All |
| Operating System | Freebsd | Freebsd | 6.1 | p13 | All | All |
| Operating System | Freebsd | Freebsd | 6.1 | p16 | All | All |
| Operating System | Freebsd | Freebsd | 6.1 | p17 | All | All |
| Operating System | Freebsd | Freebsd | 6.1 | p18 | All | All |
| Operating System | Freebsd | Freebsd | 6.1 | p2 | All | All |
| Operating System | Freebsd | Freebsd | 6.1 | p4 | All | All |
| Operating System | Freebsd | Freebsd | 6.1 | p6 | All | All |
| Operating System | Freebsd | Freebsd | 6.1 | p7 | All | All |
| Operating System | Freebsd | Freebsd | 6.1 | p9 | All | All |
| Operating System | Freebsd | Freebsd | 6.2 | - | All | All |
| Operating System | Freebsd | Freebsd | 6.2 | p1 | All | All |
| Operating System | Freebsd | Freebsd | 6.2 | p4 | All | All |
| Operating System | Freebsd | Freebsd | 6.2 | p5 | All | All |
| Operating System | Freebsd | Freebsd | 6.2 | p6 | All | All |
| Application | Slackware | Slackware | 10.0 | All | All | All |
| Application | Slackware | Slackware | 10.1 | All | All | All |
| Application | Slackware | Slackware | 10.2 | All | All | All |
| Application | Slackware | Slackware | 11.0 | All | All | All |
| Application | Slackware | Slackware | 12.0 | All | All | All |
| Application | Slackware | Slackware | 9.0 | All | All | All |
| Application | Slackware | Slackware | 9.1 | All | All | All |
| Application | Tcpdump | Tcpdump | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| FreeBSD-SA-07:06 | FREEBSD | security.freebsd.org | |
| Debian -- Security Information -- DSA-1353-1 tcpdump | DEBIAN | www.debian.org | |
| Apple Mac OS X Security Update Fixes Multiple Vulnerabilities - Advisories - Secunia | SECUNIA | secunia.com | Vendor Advisory |
| FreeBSD update for tcpdump - Advisories - Secunia | SECUNIA | secunia.com | Vendor Advisory |
| Repository / Oval Repository | OVAL | oval.cisecurity.org | |
| US-CERT Technical Cyber Security Alert TA07-352A -- Apple Updates for Multiple Vulnerabilities | CERT | www.us-cert.gov | US Government Resource |
| Gentoo Bug 184815 - net-analyzer/tcpdump <= 3.9.6 BGP dissector integer overflow (CVE-2007-3798) | CONFIRM | bugs.gentoo.org | |
| SUSE Update for Multiple Packages - Advisories - Secunia | SECUNIA | secunia.com | Vendor Advisory |
| Gentoo update for tcpdump - Advisories - Secunia | SECUNIA | secunia.com | Vendor Advisory |
| About Security Update 2007-009 | CONFIRM | docs.info.apple.com | |
| Slackware update for tcpdump - Advisories - Secunia | SECUNIA | secunia.com | Vendor Advisory |
| SecurityTracker.com Archives - Tcpdump Buffer Overflow in 'print-bgp.c' Lets Remote Users Execute Arbitrary Code | SECTRACK | www.securitytracker.com | |
| APPLE-SA-2007-12-17 Security Update 2007-009 | APPLE | lists.apple.com | |
| cvs.tcpdump.org/cgi-bin/cvsweb/tcpdump/print-bgp.c | MISC | cvs.tcpdump.org | |
| USN-492-1: tcpdump vulnerability | Ubuntu | UBUNTU | www.ubuntu.com | |
| tcpdump Print-bgp.C Remote Integer Underflow Vulnerability | BID | www.securityfocus.com | |
| tcpdump print-bgp.c Buffer Overflow Vulnerability - Advisories - Secunia | SECUNIA | secunia.com | Vendor Advisory |
| 404 Not Found | TURBO | www.turbolinux.com | |
| 2007-0023 | TRUSTIX | www.trustix.org | |
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | VUPEN | www.vupen.com | Vendor Advisory |
| Mandriva update for tcpdump - Secunia Advisories - Vulnerability Intelligence - Secunia.com | SECUNIA | secunia.com | Vendor Advisory |
| rPath update for tcpdump - Secunia Advisories - Vulnerability Intelligence - Secunia.com | SECUNIA | secunia.com | Vendor Advisory |
| Ubuntu update for tcpdump - Advisories - Secunia | SECUNIA | secunia.com | Vendor Advisory |
| Debian update for tcpdump - Secunia Advisories - Vulnerability Intelligence - Secunia.com | SECUNIA | secunia.com | Vendor Advisory |
| rhn.redhat.com | Red Hat Support | REDHAT | www.redhat.com | |
| Webmail - OVH | VUPEN | www.vupen.com | Vendor Advisory |
| Trustix Update for Multiple Packages - Advisories - Secunia | SECUNIA | secunia.com | Vendor Advisory |
| Gentoo Linux Documentation -- tcpdump: Integer overflow | GENTOO | security.gentoo.org | |
| SecurityFocus | BUGTRAQ | www.securityfocus.com | |
| The Slackware Linux Project: Slackware Security Advisories | SLACKWARE | slackware.com | |
| Security Announcement | SUSE | www.novell.com | |
| www.digit-labs.org/files/exploits/private/tcpdump-bgp.c | MISC | www.digit-labs.org | |
| Red Hat update for tcpdump - Advisories - Secunia | SECUNIA | secunia.com | Vendor Advisory |
| rhn.redhat.com | Red Hat Support | REDHAT | www.redhat.com | Vendor Advisory |
| Advisories | Mandriva | MANDRIVA | www.mandriva.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
Vendor Comments And Credit
| Organization | Published | Contributor | Statement |
|---|---|---|---|
| Red Hat | 2007-07-31 | Joshua Bressers | This issue does not affect the version of tcpdump shipped in Red Hat Enterprise Linux 2.1 or 3. Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=250275 The Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw. More information regarding issue severity can be found here: http://www.redhat.com/security/updates/classification/ |
There are currently no legacy QID mappings associated with this CVE.