CVE-2014-8768 — Vulnetix

Try Vulnetix Request Demo

CVE-2014-8768 PUBLISHED

Multiple Integer underflows in the geonet_print function in tcpdump 4.5.0 through 4.6.2, when in verbose mode, allow remote attackers to cause a denial of service (segmentation fault and crash) via a crafted length value in a Geonet frame.

EPSS 28.31% · 96.5th percentile

Risk Scores

EPSS Score

28.31%

96.5th percentile

Affected Products

Vendor	Product	Versions
Ubuntu:14.04:LTS	tcpdump	0, 4.4.0-1ubuntu1, 4.5.1-2ubuntu1

Timeline

Nov 20, 2014 CVE Published
Nov 24, 2014 PoC Published
Jun 20, 2016 PoC Published
Apr 30, 2017 PoC Published
Jul 20, 2018 PoC Published
Feb 4, 2022 EPSS Score
Apr 10, 2022 EPSS Score
Apr 23, 2022 EPSS Score
Jul 10, 2022 EPSS Score
Sep 1, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Feb 4, 2023 EPSS Score

References

https://ubuntu.com/security/CVE-2014-8768 third-party-advisory
http://www.securityfocus.com/archive/1/534010/30/0/threaded third-party-advisory
https://ubuntu.com/security/notices/USN-2433-1 vendor-advisory
https://www.cve.org/CVERecord?id=CVE-2014-8768 third-party-advisory

Open in Interactive Console →