Page 33 of 181 results (0.009 seconds)

CVSS: 6.8EPSS: 4%CPEs: 1EXPL: 0

Off-by-one buffer overflow in the parse_elements function in the 802.11 printer code (print-802_11.c) for tcpdump 3.9.5 and earlier allows remote attackers to cause a denial of service (crash) via a crafted 802.11 frame. NOTE: this was originally referred to as heap-based, but it might be stack-based. Desbordamiento de búfer de error de superación de limite en la función parse_elements en código de impresión 802.11 (print-802_11.c) para tcpdump 3.9.5 y anteriores permite a atacantes remotos provocar denegación de servicio (caida) a través de ventanas manipuladas 802.11. NOTA: esto fue originalmente referenciado como basado en montón, pero podría estar basado en pila. • http://cvs.tcpdump.org/cgi-bin/cvsweb/tcpdump/print-802_11.c http://cvs.tcpdump.org/cgi-bin/cvsweb/tcpdump/print-802_11.c?r1=1.31.2.11&r2=1.31.2.12 http://docs.info.apple.com/article.html?artnum=307179 http://fedoranews.org/cms/node/2798 http://fedoranews.org/cms/node/2799 http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html http://seclists.org/fulldisclosure/2007/Mar/0003.html http://secunia.com/advisories/24318 http://secunia.com/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-189: Numeric Errors •

CVSS: 5.0EPSS: 6%CPEs: 25EXPL: 1

The bgp_update_print function in tcpdump 3.x does not properly handle a -1 return value from the decode_prefix4 function, which allows remote attackers to cause a denial of service (infinite loop) via a crafted BGP packet. • https://www.exploit-db.com/exploits/1037 http://secunia.com/advisories/15634 http://secunia.com/advisories/17118 http://www.debian.org/security/2005/dsa-854 http://www.redhat.com/archives/fedora-announce-list/2005-June/msg00007.html http://www.redhat.com/support/errata/RHSA-2005-505.html http://www.securityfocus.com/archive/1/430292/100/0/threaded http://www.securityfocus.com/bid/13906 http://www.trustix.org/errata/2005/0028 https://bugzilla.redhat.com/bugzilla/show& •

CVSS: 5.0EPSS: 12%CPEs: 1EXPL: 2

The rsvp_print function in tcpdump 3.9.1 and earlier allows remote attackers to cause a denial of service (infinite loop) via a crafted RSVP packet of length 4. • https://www.exploit-db.com/exploits/956 ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.60/SCOSA-2005.60.txt http://secunia.com/advisories/15125 http://secunia.com/advisories/18146 http://www.redhat.com/support/errata/RHSA-2005-417.html http://www.redhat.com/support/errata/RHSA-2005-421.html http://www.securityfocus.com/archive/1/396930 http://www.securityfocus.com/archive/1/430292/100/0/threaded http://www.securityfocus.com/bid/13390 https://oval.cisecurity. •

CVSS: 5.0EPSS: 12%CPEs: 1EXPL: 1

The isis_print function, as called by isoclns_print, in tcpdump 3.9.1 and earlier allows remote attackers to cause a denial of service (infinite loop) via a zero length, as demonstrated using a GRE packet. • https://www.exploit-db.com/exploits/959 ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.60/SCOSA-2005.60.txt http://secunia.com/advisories/15125 http://secunia.com/advisories/18146 http://www.redhat.com/support/errata/RHSA-2005-417.html http://www.redhat.com/support/errata/RHSA-2005-421.html http://www.securityfocus.com/archive/1/396932 http://www.securityfocus.com/archive/1/430292/100/0/threaded http://www.securityfocus.com/bid/13392 https://oval.cisecurity. •

CVSS: 5.0EPSS: 82%CPEs: 1EXPL: 3

tcpdump 3.8.3 and earlier allows remote attackers to cause a denial of service (infinite loop) via a crafted (1) BGP packet, which is not properly handled by RT_ROUTING_INFO, or (2) LDP packet, which is not properly handled by the ldp_print function. • https://www.exploit-db.com/exploits/957 https://www.exploit-db.com/exploits/958 ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.60/SCOSA-2005.60.txt http://secunia.com/advisories/15125 http://secunia.com/advisories/17101 http://secunia.com/advisories/18146 http://www.debian.org/security/2005/dsa-850 http://www.redhat.com/support/errata/RHSA-2005-417.html http://www.redhat.com/support/errata/RHSA-2005-421.html http://www.securityfocus.com/archive/1/396932 •