CVE-2007-3798

Name: CVE-2007-3798
Creator: NVD / NIST
Published: 2007-07-16T22:30:00+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

CRITICALCVSS 9.8/10EPSS 70.39%

Last modified Jun 16, 2026

CVE-2007-3798 is a critical-severity vulnerability rated 9.8/10 on the CVSS scale. Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 and earlier allows remote attackers to execute arbitrary code via crafted TLVs in a BGP packet, related to an unchecked return value.. EPSS estimates a 70.39% chance of exploitation in the next 30 days.

Description

Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 and earlier allows remote attackers to execute arbitrary code via crafted TLVs in a BGP packet, related to an unchecked return value.

Metrics

CVSS 3.1

9.8/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Probability

70.39%

99.3th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

Vendor	Product	Versions
Tcpdump	Tcpdump	<= 3.9.6
Canonical	Ubuntu Linux	6.06
Canonical	Ubuntu Linux	6.10
Canonical	Ubuntu Linux	7.04
Debian	Debian Linux	3.1
Debian	Debian Linux	4.0
Slackware	Slackware	9.0
Slackware	Slackware	9.1
Slackware	Slackware	10.0
Slackware	Slackware	10.1
Slackware	Slackware	10.2
Slackware	Slackware	11.0
Slackware	Slackware	12.0
Freebsd	Freebsd	>= 5.0, < 5.5
Freebsd	Freebsd	>= 6.0, < 6.1
Freebsd	Freebsd	5.5
Freebsd	Freebsd	6.1
Freebsd	Freebsd	6.2
Apple	Mac Os X	>= 10.0.0, < 10.4.11
Apple	Mac Os X Server	>= 10.0.0, < 10.4.11

References

http://bugs.gentoo.org/show_bug.cgi?id=184815Third Party Advisory
http://cvs.tcpdump.org/cgi-bin/cvsweb/tcpdump/print-bgp.c?r1=1.91.2.11&r2=1.91.2.12Broken Link
http://docs.info.apple.com/article.html?artnum=307179Broken Link
http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.htmlMailing List
http://secunia.com/advisories/26135Broken Link, Vendor Advisory
http://secunia.com/advisories/26168Broken Link, Vendor Advisory
http://secunia.com/advisories/26223Broken Link, Vendor Advisory
http://secunia.com/advisories/26231Broken Link, Vendor Advisory
http://secunia.com/advisories/26263Broken Link, Vendor Advisory
http://secunia.com/advisories/26266Broken Link, Vendor Advisory
http://secunia.com/advisories/26286Broken Link, Vendor Advisory
http://secunia.com/advisories/26395Broken Link, Vendor Advisory
http://secunia.com/advisories/26404Broken Link, Vendor Advisory
http://secunia.com/advisories/26521Broken Link, Vendor Advisory
http://secunia.com/advisories/27580Broken Link, Vendor Advisory
http://secunia.com/advisories/28136Broken Link, Vendor Advisory
http://security.freebsd.org/advisories/FreeBSD-SA-07:06.tcpdump.ascThird Party Advisory
http://security.gentoo.org/glsa/glsa-200707-14.xmlThird Party Advisory
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.449313Mailing List, Patch
http://www.debian.org/security/2007/dsa-1353Third Party Advisory
http://www.digit-labs.org/files/exploits/private/tcpdump-bgp.cExploit
http://www.mandriva.com/security/advisories?name=MDKSA-2007:148Third Party Advisory
http://www.novell.com/linux/security/advisories/2007_16_sr.htmlBroken Link
http://www.redhat.com/support/errata/RHSA-2007-0368.htmlBroken Link
http://www.redhat.com/support/errata/RHSA-2007-0387.htmlBroken Link, Vendor Advisory
http://www.securityfocus.com/archive/1/474225/100/0/threadedBroken Link, Third Party Advisory, VDB Entry
http://www.securityfocus.com/bid/24965Broken Link, Third Party Advisory, VDB Entry
http://www.securitytracker.com/id?1018434Broken Link, Third Party Advisory, VDB Entry
http://www.trustix.org/errata/2007/0023/Broken Link
http://www.turbolinux.com/security/2007/TLSA-2007-46.txtBroken Link
http://www.ubuntu.com/usn/usn-492-1Third Party Advisory
http://www.us-cert.gov/cas/techalerts/TA07-352A.htmlBroken Link, Third Party Advisory, US Government Resource
http://www.vupen.com/english/advisories/2007/2578Broken Link, Vendor Advisory
http://www.vupen.com/english/advisories/2007/4238Broken Link, Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9771Broken Link
http://bugs.gentoo.org/show_bug.cgi?id=184815Third Party Advisory
http://cvs.tcpdump.org/cgi-bin/cvsweb/tcpdump/print-bgp.c?r1=1.91.2.11&r2=1.91.2.12Broken Link
http://docs.info.apple.com/article.html?artnum=307179Broken Link
http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.htmlMailing List
http://secunia.com/advisories/26135Broken Link, Vendor Advisory
http://secunia.com/advisories/26168Broken Link, Vendor Advisory
http://secunia.com/advisories/26223Broken Link, Vendor Advisory
http://secunia.com/advisories/26231Broken Link, Vendor Advisory
http://secunia.com/advisories/26263Broken Link, Vendor Advisory
http://secunia.com/advisories/26266Broken Link, Vendor Advisory
http://secunia.com/advisories/26286Broken Link, Vendor Advisory
http://secunia.com/advisories/26395Broken Link, Vendor Advisory
http://secunia.com/advisories/26404Broken Link, Vendor Advisory
http://secunia.com/advisories/26521Broken Link, Vendor Advisory
http://secunia.com/advisories/27580Broken Link, Vendor Advisory
http://secunia.com/advisories/28136Broken Link, Vendor Advisory
http://security.freebsd.org/advisories/FreeBSD-SA-07:06.tcpdump.ascThird Party Advisory
http://security.gentoo.org/glsa/glsa-200707-14.xmlThird Party Advisory
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.449313Mailing List, Patch
http://www.debian.org/security/2007/dsa-1353Third Party Advisory
http://www.digit-labs.org/files/exploits/private/tcpdump-bgp.cExploit
http://www.mandriva.com/security/advisories?name=MDKSA-2007:148Third Party Advisory
http://www.novell.com/linux/security/advisories/2007_16_sr.htmlBroken Link
http://www.redhat.com/support/errata/RHSA-2007-0368.htmlBroken Link
http://www.redhat.com/support/errata/RHSA-2007-0387.htmlBroken Link, Vendor Advisory
http://www.securityfocus.com/archive/1/474225/100/0/threadedBroken Link, Third Party Advisory, VDB Entry
http://www.securityfocus.com/bid/24965Broken Link, Third Party Advisory, VDB Entry
http://www.securitytracker.com/id?1018434Broken Link, Third Party Advisory, VDB Entry
http://www.trustix.org/errata/2007/0023/Broken Link
http://www.turbolinux.com/security/2007/TLSA-2007-46.txtBroken Link
http://www.ubuntu.com/usn/usn-492-1Third Party Advisory
http://www.us-cert.gov/cas/techalerts/TA07-352A.htmlBroken Link, Third Party Advisory, US Government Resource
http://www.vupen.com/english/advisories/2007/2578Broken Link, Vendor Advisory
http://www.vupen.com/english/advisories/2007/4238Broken Link, Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9771Broken Link

Timeline

Published: Jul 16, 2007
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2007-3798?

How severe is CVE-2007-3798?

CVE-2007-3798 has a CVSS score of 9.8/10 (CRITICAL severity). The EPSS model estimates a 70.39% probability of exploitation in the next 30 days.

How do I fix CVE-2007-3798?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2007-3798?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST