I just needed the versions before 3.x to compare with. The fact that there
has been no CVE since 2007 is good. I'll give you an update if we  are able
to publish something involving tcpdump Thanks again.

Cellular (304) 276-8628

Raymond Borges
MSCS/BSCpE
SREB Fellow
CS Ph.D. Student
Lane Department of CS/EE
West Virginia University
CompTIA A+, Network+, Security+ CE


On Mon, Mar 18, 2013 at 2:13 PM, Michael Richardson <m...@sandelman.ca>wrote:

>
> >>>>> "Raymond" == Raymond Borges <borgesraym...@gmail.com> writes:
>     Raymond> Specifically we are studying how versions fixed
>     Raymond> vulnerabilities by diffing the code functions where the CVE
>     Raymond> states the vulnerability was. We're also wondering why
>     Raymond> there are no listed CVEs after 2007 for tcpdump.
>     Raymond> http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=tcpdump
>
> There would be no CVEs prior to 3.5, because CVEs didn't exist.
>
> I am unaware of a CVE against tcpdump since 2007.  That's good, right?
>
> --
> ]               Never tell me the odds!                 | ipv6 mesh
> networks [
> ]   Michael Richardson, Sandelman Software Works        | network
> architect  [
> ]     m...@sandelman.ca  http://www.sandelman.ca/        |   ruby on rails
>    [
>
>
_______________________________________________
tcpdump-workers mailing list
tcpdump-workers@lists.tcpdump.org
https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers

Reply via email to