SUSE-SU-2017:2854-1
Vulnerability from csaf_suse - Published: 2017-10-26 07:44 - Updated: 2017-10-26 07:44Summary
Security update for tcpdump
Severity
Moderate
Notes
Title of the patch: Security update for tcpdump
Description of the patch: This update for tcpdump to version 4.9.2 fixes several issues.
These security issues were fixed:
- CVE-2017-11108: Prevent remote attackers to cause DoS (heap-based buffer over-read and application crash) via crafted packet data. The crash occured in the EXTRACT_16BITS function, called from the stp_print function for the Spanning Tree Protocol (bsc#1047873, bsc#1057247).
- CVE-2017-11543: Prevent buffer overflow in the sliplink_print function in print-sl.c that allowed remote DoS (bsc#1057247).
- CVE-2017-13011: Prevent buffer overflow in bittok2str_internal() that allowed remote DoS (bsc#1057247)
- CVE-2017-12989: Prevent infinite loop in the RESP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12990: Prevent infinite loop in the ISAKMP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12995: Prevent infinite loop in the DNS parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12997: Prevent infinite loop in the LLDP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-11541: Prevent heap-based buffer over-read in the lldp_print function in print-lldp.c, related to util-print.c that allowed remote DoS (bsc#1057247).
- CVE-2017-11542: Prevent heap-based buffer over-read in the pimv1_print function in print-pim.c that allowed remote DoS (bsc#1057247).
- CVE-2017-12893: Prevent buffer over-read in the SMB/CIFS parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12894: Prevent buffer over-read in several protocol parsers that allowed remote DoS (bsc#1057247)
- CVE-2017-12895: Prevent buffer over-read in the ICMP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12896: Prevent buffer over-read in the ISAKMP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12897: Prevent buffer over-read in the ISO CLNS parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12898: Prevent buffer over-read in the NFS parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12899: Prevent buffer over-read in the DECnet parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12900: Prevent buffer over-read in the in several protocol parsers that allowed remote DoS (bsc#1057247)
- CVE-2017-12901: Prevent buffer over-read in the EIGRP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12902: Prevent buffer over-read in the Zephyr parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12985: Prevent buffer over-read in the IPv6 parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12986: Prevent buffer over-read in the IPv6 routing header parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12987: Prevent buffer over-read in the 802.11 parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12988: Prevent buffer over-read in the telnet parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12991: Prevent buffer over-read in the BGP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12992: Prevent buffer over-read in the RIPng parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12993: Prevent buffer over-read in the Juniper protocols parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12994: Prevent buffer over-read in the BGP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12996: Prevent buffer over-read in the PIMv2 parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12998: Prevent buffer over-read in the IS-IS parser that allowed remote DoS (bsc#1057247)
- CVE-2017-12999: Prevent buffer over-read in the IS-IS parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13000: Prevent buffer over-read in the IEEE 802.15.4 parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13001: Prevent buffer over-read in the NFS parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13002: Prevent buffer over-read in the AODV parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13003: Prevent buffer over-read in the LMP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13004: Prevent buffer over-read in the Juniper protocols parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13005: Prevent buffer over-read in the NFS parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13006: Prevent buffer over-read in the L2TP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13007: Prevent buffer over-read in the Apple PKTAP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13008: Prevent buffer over-read in the IEEE 802.11 parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13009: Prevent buffer over-read in the IPv6 mobility parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13010: Prevent buffer over-read in the BEEP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13012: Prevent buffer over-read in the ICMP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13013: Prevent buffer over-read in the ARP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13014: Prevent buffer over-read in the White Board protocol parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13015: Prevent buffer over-read in the EAP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13016: Prevent buffer over-read in the ISO ES-IS parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13017: Prevent buffer over-read in the DHCPv6 parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13018: Prevent buffer over-read in the PGM parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13019: Prevent buffer over-read in the PGM parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13020: Prevent buffer over-read in the VTP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13021: Prevent buffer over-read in the ICMPv6 parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13022: Prevent buffer over-read in the IP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13023: Prevent buffer over-read in the IPv6 mobility parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13024: Prevent buffer over-read in the IPv6 mobility parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13025: Prevent buffer over-read in the IPv6 mobility parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13026: Prevent buffer over-read in the ISO IS-IS parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13027: Prevent buffer over-read in the LLDP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13028: Prevent buffer over-read in the BOOTP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13029: Prevent buffer over-read in the PPP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13030: Prevent buffer over-read in the PIM parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13031: Prevent buffer over-read in the IPv6 fragmentation header parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13032: Prevent buffer over-read in the RADIUS parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13033: Prevent buffer over-read in the VTP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13034: Prevent buffer over-read in the PGM parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13035: Prevent buffer over-read in the ISO IS-IS parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13036: Prevent buffer over-read in the OSPFv3 parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13037: Prevent buffer over-read in the IP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13038: Prevent buffer over-read in the PPP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13039: Prevent buffer over-read in the ISAKMP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13040: Prevent buffer over-read in the MPTCP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13041: Prevent buffer over-read in the ICMPv6 parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13042: Prevent buffer over-read in the HNCP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13043: Prevent buffer over-read in the BGP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13044: Prevent buffer over-read in the HNCP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13045: Prevent buffer over-read in the VQP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13046: Prevent buffer over-read in the BGP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13047: Prevent buffer over-read in the ISO ES-IS parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13048: Prevent buffer over-read in the RSVP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13049: Prevent buffer over-read in the Rx protocol parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13050: Prevent buffer over-read in the RPKI-Router parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13051: Prevent buffer over-read in the RSVP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13052: Prevent buffer over-read in the CFM parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13053: Prevent buffer over-read in the BGP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13054: Prevent buffer over-read in the LLDP parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13055: Prevent buffer over-read in the ISO IS-IS parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13687: Prevent buffer over-read in the Cisco HDLC parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13688: Prevent buffer over-read in the OLSR parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13689: Prevent buffer over-read in the IKEv1 parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13690: Prevent buffer over-read in the IKEv2 parser that allowed remote DoS (bsc#1057247)
- CVE-2017-13725: Prevent buffer over-read in the IPv6 routing header parser that allowed remote DoS (bsc#1057247)
- Prevent segmentation fault in ESP decoder with OpenSSL 1.1 (bsc#1057247)
Patchnames: SUSE-SLE-DESKTOP-12-SP2-2017-1776,SUSE-SLE-DESKTOP-12-SP3-2017-1776,SUSE-SLE-RPI-12-SP2-2017-1776,SUSE-SLE-SERVER-12-SP2-2017-1776,SUSE-SLE-SERVER-12-SP3-2017-1776
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.5 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.3 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.5 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.5 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.5 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.5 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
9.8 (Critical)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for tcpdump",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for tcpdump to version 4.9.2 fixes several issues.\n\nThese security issues were fixed:\n\n- CVE-2017-11108: Prevent remote attackers to cause DoS (heap-based buffer over-read and application crash) via crafted packet data. The crash occured in the EXTRACT_16BITS function, called from the stp_print function for the Spanning Tree Protocol (bsc#1047873, bsc#1057247).\n- CVE-2017-11543: Prevent buffer overflow in the sliplink_print function in print-sl.c that allowed remote DoS (bsc#1057247).\n- CVE-2017-13011: Prevent buffer overflow in bittok2str_internal() that allowed remote DoS (bsc#1057247)\n- CVE-2017-12989: Prevent infinite loop in the RESP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-12990: Prevent infinite loop in the ISAKMP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-12995: Prevent infinite loop in the DNS parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-12997: Prevent infinite loop in the LLDP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-11541: Prevent heap-based buffer over-read in the lldp_print function in print-lldp.c, related to util-print.c that allowed remote DoS (bsc#1057247).\n- CVE-2017-11542: Prevent heap-based buffer over-read in the pimv1_print function in print-pim.c that allowed remote DoS (bsc#1057247).\n- CVE-2017-12893: Prevent buffer over-read in the SMB/CIFS parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-12894: Prevent buffer over-read in several protocol parsers that allowed remote DoS (bsc#1057247)\n- CVE-2017-12895: Prevent buffer over-read in the ICMP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-12896: Prevent buffer over-read in the ISAKMP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-12897: Prevent buffer over-read in the ISO CLNS parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-12898: Prevent buffer over-read in the NFS parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-12899: Prevent buffer over-read in the DECnet parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-12900: Prevent buffer over-read in the in several protocol parsers that allowed remote DoS (bsc#1057247)\n- CVE-2017-12901: Prevent buffer over-read in the EIGRP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-12902: Prevent buffer over-read in the Zephyr parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-12985: Prevent buffer over-read in the IPv6 parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-12986: Prevent buffer over-read in the IPv6 routing header parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-12987: Prevent buffer over-read in the 802.11 parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-12988: Prevent buffer over-read in the telnet parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-12991: Prevent buffer over-read in the BGP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-12992: Prevent buffer over-read in the RIPng parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-12993: Prevent buffer over-read in the Juniper protocols parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-12994: Prevent buffer over-read in the BGP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-12996: Prevent buffer over-read in the PIMv2 parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-12998: Prevent buffer over-read in the IS-IS parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-12999: Prevent buffer over-read in the IS-IS parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13000: Prevent buffer over-read in the IEEE 802.15.4 parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13001: Prevent buffer over-read in the NFS parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13002: Prevent buffer over-read in the AODV parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13003: Prevent buffer over-read in the LMP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13004: Prevent buffer over-read in the Juniper protocols parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13005: Prevent buffer over-read in the NFS parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13006: Prevent buffer over-read in the L2TP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13007: Prevent buffer over-read in the Apple PKTAP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13008: Prevent buffer over-read in the IEEE 802.11 parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13009: Prevent buffer over-read in the IPv6 mobility parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13010: Prevent buffer over-read in the BEEP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13012: Prevent buffer over-read in the ICMP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13013: Prevent buffer over-read in the ARP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13014: Prevent buffer over-read in the White Board protocol parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13015: Prevent buffer over-read in the EAP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13016: Prevent buffer over-read in the ISO ES-IS parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13017: Prevent buffer over-read in the DHCPv6 parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13018: Prevent buffer over-read in the PGM parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13019: Prevent buffer over-read in the PGM parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13020: Prevent buffer over-read in the VTP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13021: Prevent buffer over-read in the ICMPv6 parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13022: Prevent buffer over-read in the IP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13023: Prevent buffer over-read in the IPv6 mobility parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13024: Prevent buffer over-read in the IPv6 mobility parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13025: Prevent buffer over-read in the IPv6 mobility parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13026: Prevent buffer over-read in the ISO IS-IS parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13027: Prevent buffer over-read in the LLDP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13028: Prevent buffer over-read in the BOOTP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13029: Prevent buffer over-read in the PPP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13030: Prevent buffer over-read in the PIM parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13031: Prevent buffer over-read in the IPv6 fragmentation header parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13032: Prevent buffer over-read in the RADIUS parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13033: Prevent buffer over-read in the VTP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13034: Prevent buffer over-read in the PGM parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13035: Prevent buffer over-read in the ISO IS-IS parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13036: Prevent buffer over-read in the OSPFv3 parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13037: Prevent buffer over-read in the IP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13038: Prevent buffer over-read in the PPP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13039: Prevent buffer over-read in the ISAKMP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13040: Prevent buffer over-read in the MPTCP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13041: Prevent buffer over-read in the ICMPv6 parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13042: Prevent buffer over-read in the HNCP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13043: Prevent buffer over-read in the BGP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13044: Prevent buffer over-read in the HNCP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13045: Prevent buffer over-read in the VQP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13046: Prevent buffer over-read in the BGP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13047: Prevent buffer over-read in the ISO ES-IS parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13048: Prevent buffer over-read in the RSVP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13049: Prevent buffer over-read in the Rx protocol parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13050: Prevent buffer over-read in the RPKI-Router parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13051: Prevent buffer over-read in the RSVP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13052: Prevent buffer over-read in the CFM parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13053: Prevent buffer over-read in the BGP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13054: Prevent buffer over-read in the LLDP parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13055: Prevent buffer over-read in the ISO IS-IS parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13687: Prevent buffer over-read in the Cisco HDLC parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13688: Prevent buffer over-read in the OLSR parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13689: Prevent buffer over-read in the IKEv1 parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13690: Prevent buffer over-read in the IKEv2 parser that allowed remote DoS (bsc#1057247)\n- CVE-2017-13725: Prevent buffer over-read in the IPv6 routing header parser that allowed remote DoS (bsc#1057247)\n- Prevent segmentation fault in ESP decoder with OpenSSL 1.1 (bsc#1057247)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-DESKTOP-12-SP2-2017-1776,SUSE-SLE-DESKTOP-12-SP3-2017-1776,SUSE-SLE-RPI-12-SP2-2017-1776,SUSE-SLE-SERVER-12-SP2-2017-1776,SUSE-SLE-SERVER-12-SP3-2017-1776",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_2854-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2017:2854-1",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172854-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2017:2854-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2017-October/003355.html"
},
{
"category": "self",
"summary": "SUSE Bug 1047873",
"url": "https://bugzilla.suse.com/1047873"
},
{
"category": "self",
"summary": "SUSE Bug 1057247",
"url": "https://bugzilla.suse.com/1057247"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-11108 page",
"url": "https://www.suse.com/security/cve/CVE-2017-11108/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-11541 page",
"url": "https://www.suse.com/security/cve/CVE-2017-11541/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-11542 page",
"url": "https://www.suse.com/security/cve/CVE-2017-11542/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-11543 page",
"url": "https://www.suse.com/security/cve/CVE-2017-11543/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12893 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12893/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12894 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12894/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12895 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12895/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12896 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12896/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12897 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12897/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12898 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12898/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12899 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12899/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12900 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12900/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12901 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12901/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12902 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12902/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12985 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12985/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12986 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12986/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12987 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12987/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12988 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12988/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12989 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12989/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12990 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12990/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12991 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12991/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12992 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12992/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12993 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12993/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12994 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12994/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12995 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12995/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12996 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12996/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12997 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12997/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12998 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12998/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12999 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12999/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13000 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13000/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13001 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13001/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13002 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13002/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13003 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13003/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13004 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13004/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13005 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13005/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13006 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13006/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13007 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13007/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13008 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13008/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13009 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13009/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13010 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13010/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13011 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13011/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13012 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13012/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13013 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13013/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13014 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13014/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13015 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13015/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13016 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13016/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13017 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13017/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13018 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13018/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13019 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13019/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13020 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13020/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13021 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13021/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13022 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13022/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13023 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13023/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13024 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13024/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13025 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13025/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13026 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13026/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13027 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13027/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13028 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13028/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13029 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13029/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13030 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13030/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13031 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13031/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13032 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13032/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13033 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13033/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13034 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13034/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13035 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13035/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13036 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13036/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13037 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13037/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13038 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13038/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13039 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13039/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13040 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13040/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13041 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13041/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13042 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13042/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13043 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13043/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13044 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13044/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13045 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13045/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13046 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13046/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13047 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13047/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13048 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13048/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13049 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13049/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13050 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13050/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13051 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13051/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13052 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13052/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13053 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13053/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13054 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13054/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13055 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13055/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13687 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13687/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13688 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13688/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13689 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13689/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13690 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13690/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13725 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13725/"
}
],
"title": "Security update for tcpdump",
"tracking": {
"current_release_date": "2017-10-26T07:44:55Z",
"generator": {
"date": "2017-10-26T07:44:55Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2017:2854-1",
"initial_release_date": "2017-10-26T07:44:55Z",
"revision_history": [
{
"date": "2017-10-26T07:44:55Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "tcpdump-4.9.2-14.5.1.aarch64",
"product": {
"name": "tcpdump-4.9.2-14.5.1.aarch64",
"product_id": "tcpdump-4.9.2-14.5.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "tcpdump-4.9.2-14.5.1.ppc64le",
"product": {
"name": "tcpdump-4.9.2-14.5.1.ppc64le",
"product_id": "tcpdump-4.9.2-14.5.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "tcpdump-4.9.2-14.5.1.s390x",
"product": {
"name": "tcpdump-4.9.2-14.5.1.s390x",
"product_id": "tcpdump-4.9.2-14.5.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "tcpdump-4.9.2-14.5.1.x86_64",
"product": {
"name": "tcpdump-4.9.2-14.5.1.x86_64",
"product_id": "tcpdump-4.9.2-14.5.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Desktop 12 SP2",
"product": {
"name": "SUSE Linux Enterprise Desktop 12 SP2",
"product_id": "SUSE Linux Enterprise Desktop 12 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sled:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Desktop 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sled:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product": {
"name": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product_id": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP2",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-4.9.2-14.5.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP2",
"product_id": "SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64"
},
"product_reference": "tcpdump-4.9.2-14.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-4.9.2-14.5.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
},
"product_reference": "tcpdump-4.9.2-14.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-4.9.2-14.5.1.aarch64 as component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product_id": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64"
},
"product_reference": "tcpdump-4.9.2-14.5.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-4.9.2-14.5.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64"
},
"product_reference": "tcpdump-4.9.2-14.5.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-4.9.2-14.5.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le"
},
"product_reference": "tcpdump-4.9.2-14.5.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-4.9.2-14.5.1.s390x as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x"
},
"product_reference": "tcpdump-4.9.2-14.5.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-4.9.2-14.5.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64"
},
"product_reference": "tcpdump-4.9.2-14.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-4.9.2-14.5.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64"
},
"product_reference": "tcpdump-4.9.2-14.5.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-4.9.2-14.5.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le"
},
"product_reference": "tcpdump-4.9.2-14.5.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-4.9.2-14.5.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x"
},
"product_reference": "tcpdump-4.9.2-14.5.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-4.9.2-14.5.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64"
},
"product_reference": "tcpdump-4.9.2-14.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-4.9.2-14.5.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64"
},
"product_reference": "tcpdump-4.9.2-14.5.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-4.9.2-14.5.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le"
},
"product_reference": "tcpdump-4.9.2-14.5.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-4.9.2-14.5.1.s390x as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x"
},
"product_reference": "tcpdump-4.9.2-14.5.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-4.9.2-14.5.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
},
"product_reference": "tcpdump-4.9.2-14.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-4.9.2-14.5.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64"
},
"product_reference": "tcpdump-4.9.2-14.5.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-4.9.2-14.5.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le"
},
"product_reference": "tcpdump-4.9.2-14.5.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-4.9.2-14.5.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x"
},
"product_reference": "tcpdump-4.9.2-14.5.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tcpdump-4.9.2-14.5.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
},
"product_reference": "tcpdump-4.9.2-14.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-11108",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-11108"
}
],
"notes": [
{
"category": "general",
"text": "tcpdump 4.9.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via crafted packet data. The crash occurs in the EXTRACT_16BITS function, called from the stp_print function for the Spanning Tree Protocol.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-11108",
"url": "https://www.suse.com/security/cve/CVE-2017-11108"
},
{
"category": "external",
"summary": "SUSE Bug 1047873 for CVE-2017-11108",
"url": "https://bugzilla.suse.com/1047873"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-11108",
"url": "https://bugzilla.suse.com/1057247"
},
{
"category": "external",
"summary": "SUSE Bug 1123142 for CVE-2017-11108",
"url": "https://bugzilla.suse.com/1123142"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-11108"
},
{
"cve": "CVE-2017-11541",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-11541"
}
],
"notes": [
{
"category": "general",
"text": "tcpdump 4.9.0 has a heap-based buffer over-read in the lldp_print function in print-lldp.c, related to util-print.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-11541",
"url": "https://www.suse.com/security/cve/CVE-2017-11541"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-11541",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-11541",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-11541",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-11541",
"url": "https://bugzilla.suse.com/1057247"
},
{
"category": "external",
"summary": "SUSE Bug 1123142 for CVE-2017-11541",
"url": "https://bugzilla.suse.com/1123142"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-11541"
},
{
"cve": "CVE-2017-11542",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-11542"
}
],
"notes": [
{
"category": "general",
"text": "tcpdump 4.9.0 has a heap-based buffer over-read in the pimv1_print function in print-pim.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-11542",
"url": "https://www.suse.com/security/cve/CVE-2017-11542"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-11542",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-11542",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-11542",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-11542",
"url": "https://bugzilla.suse.com/1057247"
},
{
"category": "external",
"summary": "SUSE Bug 1123142 for CVE-2017-11542",
"url": "https://bugzilla.suse.com/1123142"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-11542"
},
{
"cve": "CVE-2017-11543",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-11543"
}
],
"notes": [
{
"category": "general",
"text": "tcpdump 4.9.0 has a buffer overflow in the sliplink_print function in print-sl.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-11543",
"url": "https://www.suse.com/security/cve/CVE-2017-11543"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-11543",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-11543",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-11543",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-11543",
"url": "https://bugzilla.suse.com/1057247"
},
{
"category": "external",
"summary": "SUSE Bug 1123142 for CVE-2017-11543",
"url": "https://bugzilla.suse.com/1123142"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-11543"
},
{
"cve": "CVE-2017-12893",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12893"
}
],
"notes": [
{
"category": "general",
"text": "The SMB/CIFS parser in tcpdump before 4.9.2 has a buffer over-read in smbutil.c:name_len().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12893",
"url": "https://www.suse.com/security/cve/CVE-2017-12893"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-12893",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-12893",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-12893",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-12893",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-12893"
},
{
"cve": "CVE-2017-12894",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12894"
}
],
"notes": [
{
"category": "general",
"text": "Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in addrtoname.c:lookup_bytestring().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12894",
"url": "https://www.suse.com/security/cve/CVE-2017-12894"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-12894",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-12894",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-12894",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-12894",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-12894"
},
{
"cve": "CVE-2017-12895",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12895"
}
],
"notes": [
{
"category": "general",
"text": "The ICMP parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp.c:icmp_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12895",
"url": "https://www.suse.com/security/cve/CVE-2017-12895"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-12895",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-12895",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-12895",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-12895",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-12895"
},
{
"cve": "CVE-2017-12896",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12896"
}
],
"notes": [
{
"category": "general",
"text": "The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:isakmp_rfc3948_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12896",
"url": "https://www.suse.com/security/cve/CVE-2017-12896"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-12896",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-12896",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-12896",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-12896",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-12896"
},
{
"cve": "CVE-2017-12897",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12897"
}
],
"notes": [
{
"category": "general",
"text": "The ISO CLNS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isoclns_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12897",
"url": "https://www.suse.com/security/cve/CVE-2017-12897"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-12897",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-12897",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-12897",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-12897",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-12897"
},
{
"cve": "CVE-2017-12898",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12898"
}
],
"notes": [
{
"category": "general",
"text": "The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:interp_reply().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12898",
"url": "https://www.suse.com/security/cve/CVE-2017-12898"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-12898",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-12898",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-12898",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-12898",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-12898"
},
{
"cve": "CVE-2017-12899",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12899"
}
],
"notes": [
{
"category": "general",
"text": "The DECnet parser in tcpdump before 4.9.2 has a buffer over-read in print-decnet.c:decnet_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12899",
"url": "https://www.suse.com/security/cve/CVE-2017-12899"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-12899",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-12899",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-12899",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-12899",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-12899"
},
{
"cve": "CVE-2017-12900",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12900"
}
],
"notes": [
{
"category": "general",
"text": "Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in util-print.c:tok2strbuf().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12900",
"url": "https://www.suse.com/security/cve/CVE-2017-12900"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-12900",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-12900",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-12900",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-12900",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-12900"
},
{
"cve": "CVE-2017-12901",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12901"
}
],
"notes": [
{
"category": "general",
"text": "The EIGRP parser in tcpdump before 4.9.2 has a buffer over-read in print-eigrp.c:eigrp_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12901",
"url": "https://www.suse.com/security/cve/CVE-2017-12901"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-12901",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-12901",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-12901",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-12901",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-12901"
},
{
"cve": "CVE-2017-12902",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12902"
}
],
"notes": [
{
"category": "general",
"text": "The Zephyr parser in tcpdump before 4.9.2 has a buffer over-read in print-zephyr.c, several functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12902",
"url": "https://www.suse.com/security/cve/CVE-2017-12902"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-12902",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-12902",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-12902",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-12902",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-12902"
},
{
"cve": "CVE-2017-12985",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12985"
}
],
"notes": [
{
"category": "general",
"text": "The IPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-ip6.c:ip6_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12985",
"url": "https://www.suse.com/security/cve/CVE-2017-12985"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-12985",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-12985",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-12985",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-12985",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-12985"
},
{
"cve": "CVE-2017-12986",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12986"
}
],
"notes": [
{
"category": "general",
"text": "The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12986",
"url": "https://www.suse.com/security/cve/CVE-2017-12986"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-12986",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-12986",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-12986",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-12986",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-12986"
},
{
"cve": "CVE-2017-12987",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12987"
}
],
"notes": [
{
"category": "general",
"text": "The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_11.c:parse_elements().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12987",
"url": "https://www.suse.com/security/cve/CVE-2017-12987"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-12987",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-12987",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-12987",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-12987",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-12987"
},
{
"cve": "CVE-2017-12988",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12988"
}
],
"notes": [
{
"category": "general",
"text": "The telnet parser in tcpdump before 4.9.2 has a buffer over-read in print-telnet.c:telnet_parse().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12988",
"url": "https://www.suse.com/security/cve/CVE-2017-12988"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-12988",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-12988",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-12988",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-12988",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-12988"
},
{
"cve": "CVE-2017-12989",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12989"
}
],
"notes": [
{
"category": "general",
"text": "The RESP parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-resp.c:resp_get_length().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12989",
"url": "https://www.suse.com/security/cve/CVE-2017-12989"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-12989",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-12989",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-12989",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-12989",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-12989"
},
{
"cve": "CVE-2017-12990",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12990"
}
],
"notes": [
{
"category": "general",
"text": "The ISAKMP parser in tcpdump before 4.9.2 could enter an infinite loop due to bugs in print-isakmp.c, several functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12990",
"url": "https://www.suse.com/security/cve/CVE-2017-12990"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-12990",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-12990",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-12990",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-12990",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-12990"
},
{
"cve": "CVE-2017-12991",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12991"
}
],
"notes": [
{
"category": "general",
"text": "The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12991",
"url": "https://www.suse.com/security/cve/CVE-2017-12991"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-12991",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-12991",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-12991",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-12991",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-12991"
},
{
"cve": "CVE-2017-12992",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12992"
}
],
"notes": [
{
"category": "general",
"text": "The RIPng parser in tcpdump before 4.9.2 has a buffer over-read in print-ripng.c:ripng_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12992",
"url": "https://www.suse.com/security/cve/CVE-2017-12992"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-12992",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-12992",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-12992",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-12992",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-12992"
},
{
"cve": "CVE-2017-12993",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12993"
}
],
"notes": [
{
"category": "general",
"text": "The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print-juniper.c, several functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12993",
"url": "https://www.suse.com/security/cve/CVE-2017-12993"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-12993",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-12993",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-12993",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-12993",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-12993"
},
{
"cve": "CVE-2017-12994",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12994"
}
],
"notes": [
{
"category": "general",
"text": "The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12994",
"url": "https://www.suse.com/security/cve/CVE-2017-12994"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-12994",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-12994",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-12994",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-12994",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-12994"
},
{
"cve": "CVE-2017-12995",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12995"
}
],
"notes": [
{
"category": "general",
"text": "The DNS parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-domain.c:ns_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12995",
"url": "https://www.suse.com/security/cve/CVE-2017-12995"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-12995",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-12995",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-12995",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-12995",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-12995"
},
{
"cve": "CVE-2017-12996",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12996"
}
],
"notes": [
{
"category": "general",
"text": "The PIMv2 parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c:pimv2_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12996",
"url": "https://www.suse.com/security/cve/CVE-2017-12996"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-12996",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-12996",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-12996",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-12996",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-12996"
},
{
"cve": "CVE-2017-12997",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12997"
}
],
"notes": [
{
"category": "general",
"text": "The LLDP parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-lldp.c:lldp_private_8021_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12997",
"url": "https://www.suse.com/security/cve/CVE-2017-12997"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-12997",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-12997",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-12997",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-12997",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-12997"
},
{
"cve": "CVE-2017-12998",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12998"
}
],
"notes": [
{
"category": "general",
"text": "The IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_extd_ip_reach().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12998",
"url": "https://www.suse.com/security/cve/CVE-2017-12998"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-12998",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-12998",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-12998",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-12998",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-12998"
},
{
"cve": "CVE-2017-12999",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12999"
}
],
"notes": [
{
"category": "general",
"text": "The IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12999",
"url": "https://www.suse.com/security/cve/CVE-2017-12999"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-12999",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-12999",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-12999",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-12999",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-12999"
},
{
"cve": "CVE-2017-13000",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13000"
}
],
"notes": [
{
"category": "general",
"text": "The IEEE 802.15.4 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_15_4.c:ieee802_15_4_if_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13000",
"url": "https://www.suse.com/security/cve/CVE-2017-13000"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13000",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13000",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13000",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13000",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-13000"
},
{
"cve": "CVE-2017-13001",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13001"
}
],
"notes": [
{
"category": "general",
"text": "The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:nfs_printfh().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13001",
"url": "https://www.suse.com/security/cve/CVE-2017-13001"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13001",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13001",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13001",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13001",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-13001"
},
{
"cve": "CVE-2017-13002",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13002"
}
],
"notes": [
{
"category": "general",
"text": "The AODV parser in tcpdump before 4.9.2 has a buffer over-read in print-aodv.c:aodv_extension().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13002",
"url": "https://www.suse.com/security/cve/CVE-2017-13002"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13002",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13002",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13002",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13002",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-13002"
},
{
"cve": "CVE-2017-13003",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13003"
}
],
"notes": [
{
"category": "general",
"text": "The LMP parser in tcpdump before 4.9.2 has a buffer over-read in print-lmp.c:lmp_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13003",
"url": "https://www.suse.com/security/cve/CVE-2017-13003"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13003",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13003",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13003",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13003",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-13003"
},
{
"cve": "CVE-2017-13004",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13004"
}
],
"notes": [
{
"category": "general",
"text": "The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print-juniper.c:juniper_parse_header().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13004",
"url": "https://www.suse.com/security/cve/CVE-2017-13004"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13004",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13004",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13004",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13004",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-13004"
},
{
"cve": "CVE-2017-13005",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13005"
}
],
"notes": [
{
"category": "general",
"text": "The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:xid_map_enter().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13005",
"url": "https://www.suse.com/security/cve/CVE-2017-13005"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13005",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13005",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13005",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13005",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-13005"
},
{
"cve": "CVE-2017-13006",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13006"
}
],
"notes": [
{
"category": "general",
"text": "The L2TP parser in tcpdump before 4.9.2 has a buffer over-read in print-l2tp.c, several functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13006",
"url": "https://www.suse.com/security/cve/CVE-2017-13006"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13006",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13006",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13006",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13006",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-13006"
},
{
"cve": "CVE-2017-13007",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13007"
}
],
"notes": [
{
"category": "general",
"text": "The Apple PKTAP parser in tcpdump before 4.9.2 has a buffer over-read in print-pktap.c:pktap_if_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13007",
"url": "https://www.suse.com/security/cve/CVE-2017-13007"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13007",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13007",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13007",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13007",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-13007"
},
{
"cve": "CVE-2017-13008",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13008"
}
],
"notes": [
{
"category": "general",
"text": "The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_11.c:parse_elements().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13008",
"url": "https://www.suse.com/security/cve/CVE-2017-13008"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13008",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13008",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13008",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13008",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-13008"
},
{
"cve": "CVE-2017-13009",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13009"
}
],
"notes": [
{
"category": "general",
"text": "The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13009",
"url": "https://www.suse.com/security/cve/CVE-2017-13009"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13009",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13009",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13009",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13009",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-13009"
},
{
"cve": "CVE-2017-13010",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13010"
}
],
"notes": [
{
"category": "general",
"text": "The BEEP parser in tcpdump before 4.9.2 has a buffer over-read in print-beep.c:l_strnstart().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13010",
"url": "https://www.suse.com/security/cve/CVE-2017-13010"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13010",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13010",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13010",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13010",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-13010"
},
{
"cve": "CVE-2017-13011",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13011"
}
],
"notes": [
{
"category": "general",
"text": "Several protocol parsers in tcpdump before 4.9.2 could cause a buffer overflow in util-print.c:bittok2str_internal().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13011",
"url": "https://www.suse.com/security/cve/CVE-2017-13011"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13011",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13011",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13011",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13011",
"url": "https://bugzilla.suse.com/1057247"
},
{
"category": "external",
"summary": "SUSE Bug 1123142 for CVE-2017-13011",
"url": "https://bugzilla.suse.com/1123142"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-13011"
},
{
"cve": "CVE-2017-13012",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13012"
}
],
"notes": [
{
"category": "general",
"text": "The ICMP parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp.c:icmp_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13012",
"url": "https://www.suse.com/security/cve/CVE-2017-13012"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13012",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13012",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13012",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13012",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-13012"
},
{
"cve": "CVE-2017-13013",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13013"
}
],
"notes": [
{
"category": "general",
"text": "The ARP parser in tcpdump before 4.9.2 has a buffer over-read in print-arp.c, several functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13013",
"url": "https://www.suse.com/security/cve/CVE-2017-13013"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13013",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13013",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13013",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13013",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-13013"
},
{
"cve": "CVE-2017-13014",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13014"
}
],
"notes": [
{
"category": "general",
"text": "The White Board protocol parser in tcpdump before 4.9.2 has a buffer over-read in print-wb.c:wb_prep(), several functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13014",
"url": "https://www.suse.com/security/cve/CVE-2017-13014"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13014",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13014",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13014",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13014",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-13014"
},
{
"cve": "CVE-2017-13015",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13015"
}
],
"notes": [
{
"category": "general",
"text": "The EAP parser in tcpdump before 4.9.2 has a buffer over-read in print-eap.c:eap_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13015",
"url": "https://www.suse.com/security/cve/CVE-2017-13015"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13015",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13015",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13015",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13015",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-13015"
},
{
"cve": "CVE-2017-13016",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13016"
}
],
"notes": [
{
"category": "general",
"text": "The ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:esis_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13016",
"url": "https://www.suse.com/security/cve/CVE-2017-13016"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13016",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13016",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13016",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13016",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-13016"
},
{
"cve": "CVE-2017-13017",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13017"
}
],
"notes": [
{
"category": "general",
"text": "The DHCPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-dhcp6.c:dhcp6opt_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13017",
"url": "https://www.suse.com/security/cve/CVE-2017-13017"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13017",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13017",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13017",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13017",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-13017"
},
{
"cve": "CVE-2017-13018",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13018"
}
],
"notes": [
{
"category": "general",
"text": "The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13018",
"url": "https://www.suse.com/security/cve/CVE-2017-13018"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13018",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13018",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13018",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13018",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-13018"
},
{
"cve": "CVE-2017-13019",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13019"
}
],
"notes": [
{
"category": "general",
"text": "The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13019",
"url": "https://www.suse.com/security/cve/CVE-2017-13019"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13019",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13019",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13019",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13019",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-13019"
},
{
"cve": "CVE-2017-13020",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13020"
}
],
"notes": [
{
"category": "general",
"text": "The VTP parser in tcpdump before 4.9.2 has a buffer over-read in print-vtp.c:vtp_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13020",
"url": "https://www.suse.com/security/cve/CVE-2017-13020"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13020",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13020",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13020",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13020",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-13020"
},
{
"cve": "CVE-2017-13021",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13021"
}
],
"notes": [
{
"category": "general",
"text": "The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13021",
"url": "https://www.suse.com/security/cve/CVE-2017-13021"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13021",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13021",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13021",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13021",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-13021"
},
{
"cve": "CVE-2017-13022",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13022"
}
],
"notes": [
{
"category": "general",
"text": "The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printroute().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13022",
"url": "https://www.suse.com/security/cve/CVE-2017-13022"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13022",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13022",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13022",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13022",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-13022"
},
{
"cve": "CVE-2017-13023",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13023"
}
],
"notes": [
{
"category": "general",
"text": "The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13023",
"url": "https://www.suse.com/security/cve/CVE-2017-13023"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13023",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13023",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13023",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13023",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-13023"
},
{
"cve": "CVE-2017-13024",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13024"
}
],
"notes": [
{
"category": "general",
"text": "The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13024",
"url": "https://www.suse.com/security/cve/CVE-2017-13024"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13024",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13024",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13024",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13024",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-13024"
},
{
"cve": "CVE-2017-13025",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13025"
}
],
"notes": [
{
"category": "general",
"text": "The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13025",
"url": "https://www.suse.com/security/cve/CVE-2017-13025"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13025",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13025",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13025",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13025",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-13025"
},
{
"cve": "CVE-2017-13026",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13026"
}
],
"notes": [
{
"category": "general",
"text": "The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c, several functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13026",
"url": "https://www.suse.com/security/cve/CVE-2017-13026"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13026",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13026",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13026",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13026",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-13026"
},
{
"cve": "CVE-2017-13027",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13027"
}
],
"notes": [
{
"category": "general",
"text": "The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldp_mgmt_addr_tlv_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13027",
"url": "https://www.suse.com/security/cve/CVE-2017-13027"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13027",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13027",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13027",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13027",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-13027"
},
{
"cve": "CVE-2017-13028",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13028"
}
],
"notes": [
{
"category": "general",
"text": "The BOOTP parser in tcpdump before 4.9.2 has a buffer over-read in print-bootp.c:bootp_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13028",
"url": "https://www.suse.com/security/cve/CVE-2017-13028"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13028",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13028",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13028",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13028",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-13028"
},
{
"cve": "CVE-2017-13029",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13029"
}
],
"notes": [
{
"category": "general",
"text": "The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:print_ccp_config_options().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13029",
"url": "https://www.suse.com/security/cve/CVE-2017-13029"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13029",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13029",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13029",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13029",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-13029"
},
{
"cve": "CVE-2017-13030",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13030"
}
],
"notes": [
{
"category": "general",
"text": "The PIM parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c, several functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13030",
"url": "https://www.suse.com/security/cve/CVE-2017-13030"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13030",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13030",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13030",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13030",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-13030"
},
{
"cve": "CVE-2017-13031",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13031"
}
],
"notes": [
{
"category": "general",
"text": "The IPv6 fragmentation header parser in tcpdump before 4.9.2 has a buffer over-read in print-frag6.c:frag6_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13031",
"url": "https://www.suse.com/security/cve/CVE-2017-13031"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13031",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13031",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13031",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13031",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-13031"
},
{
"cve": "CVE-2017-13032",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13032"
}
],
"notes": [
{
"category": "general",
"text": "The RADIUS parser in tcpdump before 4.9.2 has a buffer over-read in print-radius.c:print_attr_string().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13032",
"url": "https://www.suse.com/security/cve/CVE-2017-13032"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13032",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13032",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13032",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13032",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-13032"
},
{
"cve": "CVE-2017-13033",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13033"
}
],
"notes": [
{
"category": "general",
"text": "The VTP parser in tcpdump before 4.9.2 has a buffer over-read in print-vtp.c:vtp_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13033",
"url": "https://www.suse.com/security/cve/CVE-2017-13033"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13033",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13033",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13033",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13033",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-13033"
},
{
"cve": "CVE-2017-13034",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13034"
}
],
"notes": [
{
"category": "general",
"text": "The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13034",
"url": "https://www.suse.com/security/cve/CVE-2017-13034"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13034",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13034",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13034",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13034",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-13034"
},
{
"cve": "CVE-2017-13035",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13035"
}
],
"notes": [
{
"category": "general",
"text": "The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_id().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13035",
"url": "https://www.suse.com/security/cve/CVE-2017-13035"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13035",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13035",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13035",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13035",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-13035"
},
{
"cve": "CVE-2017-13036",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13036"
}
],
"notes": [
{
"category": "general",
"text": "The OSPFv3 parser in tcpdump before 4.9.2 has a buffer over-read in print-ospf6.c:ospf6_decode_v3().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13036",
"url": "https://www.suse.com/security/cve/CVE-2017-13036"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13036",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13036",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13036",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13036",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-13036"
},
{
"cve": "CVE-2017-13037",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13037"
}
],
"notes": [
{
"category": "general",
"text": "The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printts().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13037",
"url": "https://www.suse.com/security/cve/CVE-2017-13037"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13037",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13037",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13037",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13037",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-13037"
},
{
"cve": "CVE-2017-13038",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13038"
}
],
"notes": [
{
"category": "general",
"text": "The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:handle_mlppp().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13038",
"url": "https://www.suse.com/security/cve/CVE-2017-13038"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13038",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13038",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13038",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13038",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-13038"
},
{
"cve": "CVE-2017-13039",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13039"
}
],
"notes": [
{
"category": "general",
"text": "The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c, several functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13039",
"url": "https://www.suse.com/security/cve/CVE-2017-13039"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13039",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13039",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13039",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13039",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-13039"
},
{
"cve": "CVE-2017-13040",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13040"
}
],
"notes": [
{
"category": "general",
"text": "The MPTCP parser in tcpdump before 4.9.2 has a buffer over-read in print-mptcp.c, several functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13040",
"url": "https://www.suse.com/security/cve/CVE-2017-13040"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13040",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13040",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13040",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13040",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-13040"
},
{
"cve": "CVE-2017-13041",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13041"
}
],
"notes": [
{
"category": "general",
"text": "The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_nodeinfo_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13041",
"url": "https://www.suse.com/security/cve/CVE-2017-13041"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13041",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13041",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13041",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13041",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-13041"
},
{
"cve": "CVE-2017-13042",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13042"
}
],
"notes": [
{
"category": "general",
"text": "The HNCP parser in tcpdump before 4.9.2 has a buffer over-read in print-hncp.c:dhcpv6_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13042",
"url": "https://www.suse.com/security/cve/CVE-2017-13042"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13042",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13042",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13042",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13042",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-13042"
},
{
"cve": "CVE-2017-13043",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13043"
}
],
"notes": [
{
"category": "general",
"text": "The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_multicast_vpn().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13043",
"url": "https://www.suse.com/security/cve/CVE-2017-13043"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13043",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13043",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13043",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13043",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-13043"
},
{
"cve": "CVE-2017-13044",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13044"
}
],
"notes": [
{
"category": "general",
"text": "The HNCP parser in tcpdump before 4.9.2 has a buffer over-read in print-hncp.c:dhcpv4_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13044",
"url": "https://www.suse.com/security/cve/CVE-2017-13044"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13044",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13044",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13044",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13044",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-13044"
},
{
"cve": "CVE-2017-13045",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13045"
}
],
"notes": [
{
"category": "general",
"text": "The VQP parser in tcpdump before 4.9.2 has a buffer over-read in print-vqp.c:vqp_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13045",
"url": "https://www.suse.com/security/cve/CVE-2017-13045"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13045",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13045",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13045",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13045",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-13045"
},
{
"cve": "CVE-2017-13046",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13046"
}
],
"notes": [
{
"category": "general",
"text": "The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13046",
"url": "https://www.suse.com/security/cve/CVE-2017-13046"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13046",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13046",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13046",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13046",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-13046"
},
{
"cve": "CVE-2017-13047",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13047"
}
],
"notes": [
{
"category": "general",
"text": "The ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:esis_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13047",
"url": "https://www.suse.com/security/cve/CVE-2017-13047"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13047",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13047",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13047",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13047",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-13047"
},
{
"cve": "CVE-2017-13048",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13048"
}
],
"notes": [
{
"category": "general",
"text": "The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13048",
"url": "https://www.suse.com/security/cve/CVE-2017-13048"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13048",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13048",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13048",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13048",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-13048"
},
{
"cve": "CVE-2017-13049",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13049"
}
],
"notes": [
{
"category": "general",
"text": "The Rx protocol parser in tcpdump before 4.9.2 has a buffer over-read in print-rx.c:ubik_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13049",
"url": "https://www.suse.com/security/cve/CVE-2017-13049"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13049",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13049",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13049",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13049",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-13049"
},
{
"cve": "CVE-2017-13050",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13050"
}
],
"notes": [
{
"category": "general",
"text": "The RPKI-Router parser in tcpdump before 4.9.2 has a buffer over-read in print-rpki-rtr.c:rpki_rtr_pdu_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13050",
"url": "https://www.suse.com/security/cve/CVE-2017-13050"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13050",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13050",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13050",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13050",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-13050"
},
{
"cve": "CVE-2017-13051",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13051"
}
],
"notes": [
{
"category": "general",
"text": "The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13051",
"url": "https://www.suse.com/security/cve/CVE-2017-13051"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13051",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13051",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13051",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13051",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-13051"
},
{
"cve": "CVE-2017-13052",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13052"
}
],
"notes": [
{
"category": "general",
"text": "The CFM parser in tcpdump before 4.9.2 has a buffer over-read in print-cfm.c:cfm_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13052",
"url": "https://www.suse.com/security/cve/CVE-2017-13052"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13052",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13052",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13052",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13052",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-13052"
},
{
"cve": "CVE-2017-13053",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13053"
}
],
"notes": [
{
"category": "general",
"text": "The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_rt_routing_info().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13053",
"url": "https://www.suse.com/security/cve/CVE-2017-13053"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13053",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13053",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13053",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13053",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-13053"
},
{
"cve": "CVE-2017-13054",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13054"
}
],
"notes": [
{
"category": "general",
"text": "The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldp_private_8023_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13054",
"url": "https://www.suse.com/security/cve/CVE-2017-13054"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13054",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13054",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13054",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13054",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-13054"
},
{
"cve": "CVE-2017-13055",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13055"
}
],
"notes": [
{
"category": "general",
"text": "The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_is_reach_subtlv().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13055",
"url": "https://www.suse.com/security/cve/CVE-2017-13055"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13055",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13055",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13055",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13055",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-13055"
},
{
"cve": "CVE-2017-13687",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13687"
}
],
"notes": [
{
"category": "general",
"text": "The Cisco HDLC parser in tcpdump before 4.9.2 has a buffer over-read in print-chdlc.c:chdlc_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13687",
"url": "https://www.suse.com/security/cve/CVE-2017-13687"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13687",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13687",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13687",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13687",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-13687"
},
{
"cve": "CVE-2017-13688",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13688"
}
],
"notes": [
{
"category": "general",
"text": "The OLSR parser in tcpdump before 4.9.2 has a buffer over-read in print-olsr.c:olsr_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13688",
"url": "https://www.suse.com/security/cve/CVE-2017-13688"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13688",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13688",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13688",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13688",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-13688"
},
{
"cve": "CVE-2017-13689",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13689"
}
],
"notes": [
{
"category": "general",
"text": "The IKEv1 parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:ikev1_id_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13689",
"url": "https://www.suse.com/security/cve/CVE-2017-13689"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13689",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13689",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13689",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13689",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-13689"
},
{
"cve": "CVE-2017-13690",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13690"
}
],
"notes": [
{
"category": "general",
"text": "The IKEv2 parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c, several functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13690",
"url": "https://www.suse.com/security/cve/CVE-2017-13690"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13690",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13690",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13690",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13690",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-13690"
},
{
"cve": "CVE-2017-13725",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13725"
}
],
"notes": [
{
"category": "general",
"text": "The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6_print().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13725",
"url": "https://www.suse.com/security/cve/CVE-2017-13725"
},
{
"category": "external",
"summary": "SUSE Bug 1050219 for CVE-2017-13725",
"url": "https://bugzilla.suse.com/1050219"
},
{
"category": "external",
"summary": "SUSE Bug 1050222 for CVE-2017-13725",
"url": "https://bugzilla.suse.com/1050222"
},
{
"category": "external",
"summary": "SUSE Bug 1050225 for CVE-2017-13725",
"url": "https://bugzilla.suse.com/1050225"
},
{
"category": "external",
"summary": "SUSE Bug 1057247 for CVE-2017-13725",
"url": "https://bugzilla.suse.com/1057247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:tcpdump-4.9.2-14.5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:tcpdump-4.9.2-14.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-26T07:44:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-13725"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…