Page 4 of 181 results (0.017 seconds)

CVSS: 7.5EPSS: 0%CPEs: 12EXPL: 0

The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and rx_cache_insert(). El analizador Rx en tcpdump versiones anteriores a 4.9.3, presenta una lectura excesiva del búfer en las funciones print-rx.c:rx_cache_find() y rx_cache_insert(). • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html http://seclists.org/fulldisclosure/2019/Dec/26 https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES https://github.com/the-tcpdump-group/tcpdump/commit/c24922e692a52121e853a84ead6b9337f4c08a94 https://lists.debian.org/debian-lts-announce/2019/10/msg00015.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/ • CWE-125: Out-of-bounds Read •

CVSS: 7.5EPSS: 0%CPEs: 14EXPL: 0

The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print(). El analizador RSVP en tcpdump versiones anteriores a 4.9.3, presenta una lectura excesiva del búfer en print-rsvp.c:rsvp_obj_print(). An out-of-bounds read vulnerability was discovered in tcpdump while printing RSVP packets captured in a pcap file or coming from the network. A remote attacker may abuse this flaw by sending specially crafted packets that, when printed, would trigger the flaw and crash the application. • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html http://seclists.org/fulldisclosure/2019/Dec/26 https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES https://github.com/the-tcpdump-group/tcpdump/commit/bea2686c296b79609060a104cc139810785b0739 https://lists.debian.org/debian-lts-announce/2019/10/msg00015.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/ • CWE-125: Out-of-bounds Read •

CVSS: 7.5EPSS: 0%CPEs: 12EXPL: 0

The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \MAILSLOT\BROWSE and \PIPE\LANMAN. El analizador SMB en tcpdump versiones anteriores a 4.9.3, presenta lecturas excesivas del búfer en print-smb.c:print_trans() para \MAILSLOT\BROWSE y \PIPE\LANMAN. • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html http://seclists.org/fulldisclosure/2019/Dec/26 https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES https://github.com/the-tcpdump-group/tcpdump/commit/96480ab95308cd9234b4f09b175ebf60e17792c6 https://lists.debian.org/debian-lts-announce/2019/10/msg00015.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/ • CWE-125: Out-of-bounds Read •

CVSS: 7.5EPSS: 0%CPEs: 12EXPL: 0

The LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print(). El analizador LDP en tcpdump versiones anteriores a 4.9.3, presenta una lectura excesiva del búfer en print-ldp.c:ldp_tlv_print(). An out-of-bounds read vulnerability was discovered in tcpdump while printing LDP packets captured in a pcap file or coming from the network. A remote attacker may abuse this flaw by sending specially crafted packets that, when printed, would trigger the flaw and crash the application. • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html http://seclists.org/fulldisclosure/2019/Dec/26 https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES https://github.com/the-tcpdump-group/tcpdump/commit/aa5c6b710dfd8020d2c908d6b3bd41f1da719b3b https://lists.debian.org/debian-lts-announce/2019/10/msg00015.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/ • CWE-125: Out-of-bounds Read •

CVSS: 7.5EPSS: 2%CPEs: 1EXPL: 0

The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print() because of unlimited recursion. El analizador BGP en tcpdump versiones anteriores a 4.9.3, permite el consumo de pila en print-bgp.c:bgp_attr_print() debido a una recursividad ilimitada. An uncontrolled resource consumption flaw was discovered in the way tcpdump prints BGP packets. The BGP protocol allows ATTR_SET to be nested as many times as the message can accommodate, however when a specially crafted packet is crafted and parsed by tcpdump, this may lead to stack exhaustion due to uncontrolled recursion. System availability is the highest threat from this vulnerability. • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html http://seclists.org/fulldisclosure/2019/Dec/26 https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES https://github.com/the-tcpdump-group/tcpdump/commit/af2cf04a9394c1a56227c2289ae8da262828294a https://lists.debian.org/debian-lts-announce/2019/10/msg00015.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/ • CWE-400: Uncontrolled Resource Consumption CWE-674: Uncontrolled Recursion •