CVSS: 9.1 | EPSS: 0% | CPEs: 5 | EXPL: 1

An issue was discovered in wifipcap/wifipcap.cpp in TCPFLOW through 1.5.0-alpha. There is an integer overflow in the function handle_prism during caplen processing. If the caplen is less than 144, one can cause an integer overflow in the function handle_80211, which will result in an out-of-bounds read and may allow access to sensitive memory (or a denial of service).

• https://github.com/simsong/tcpflow/commit/a4e1cd14eb5ccc51ed271b65b3420f7d692c40eb
• https://github.com/simsong/tcpflow/issues/182
• https://lists.debian.org/debian-lts-announce/2020/11/msg00046.html
• https://usn.ubuntu.com/3955-1

• CWE-125: Out-of-bounds Read
• CWE-190: Integer Overflow or Wraparound

CVSS: 7.2 | EPSS: 0% | CPEs: 4 | EXPL: 1

Format string vulnerability in tcpflow, when used in a setuid context, allows local users to execute arbitrary code via the device name argument, as demonstrated in Sustworks IPNetSentryX and IPNetMonitorX via the setuid program RunTCPFlow.

• http://www.atstake.com/research/advisories/2003/a080703-1.txt
• http://www.atstake.com/research/advisories/2003/a080703-2.txt