CVE-2007-3798 — CRITICAL (9.8)

Q: How severe is CVE-2007-3798?

CVE-2007-3798 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Q: Is there a patch for CVE-2007-3798?

Check the references section above for vendor advisories and patch information. Affected products include: Tcpdump Tcpdump, Canonical Ubuntu Linux, Debian Debian Linux, Slackware Slackware, Freebsd Freebsd.

Vulnerability Description

Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 and earlier allows remote attackers to execute arbitrary code via crafted TLVs in a BGP packet, related to an unchecked return value.

CVSS Score

9.8

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Tcpdump	Tcpdump	<= 3.9.6
Canonical	Ubuntu Linux	6.06
Debian	Debian Linux	3.1
Slackware	Slackware	9.0
Freebsd	Freebsd	>= 5.0, < 5.5
Apple	Mac Os X	>= 10.0.0, < 10.4.11
Apple	Mac Os X Server	>= 10.0.0, < 10.4.11

Related Weaknesses (CWE)

CWE-252

References

http://bugs.gentoo.org/show_bug.cgi?id=184815Third Party Advisory
http://cvs.tcpdump.org/cgi-bin/cvsweb/tcpdump/print-bgp.c?r1=1.91.2.11&r2=1.91.2Broken Link
http://docs.info.apple.com/article.html?artnum=307179Broken Link
http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.htmlMailing List
http://secunia.com/advisories/26135Broken LinkVendor Advisory
http://secunia.com/advisories/26168Broken LinkVendor Advisory
http://secunia.com/advisories/26223Broken LinkVendor Advisory
http://secunia.com/advisories/26231Broken LinkVendor Advisory
http://secunia.com/advisories/26263Broken LinkVendor Advisory
http://secunia.com/advisories/26266Broken LinkVendor Advisory
http://secunia.com/advisories/26286Broken LinkVendor Advisory
http://secunia.com/advisories/26395Broken LinkVendor Advisory
http://secunia.com/advisories/26404Broken LinkVendor Advisory
http://secunia.com/advisories/26521Broken LinkVendor Advisory
http://secunia.com/advisories/27580Broken LinkVendor Advisory

FAQ

What is CVE-2007-3798?

CVE-2007-3798 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 and earlier allows remote attackers to execute arbitrary code via crafted TLVs in a BGP packet, related to an unchecked return val...

How severe is CVE-2007-3798?

CVE-2007-3798 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2007-3798?

Check the references section above for vendor advisories and patch information. Affected products include: Tcpdump Tcpdump, Canonical Ubuntu Linux, Debian Debian Linux, Slackware Slackware, Freebsd Freebsd.