RSS   Vulnerabilities for 'Tcpflow'   RSS

2018-10-17
 
CVE-2018-18409

CWE-125
 

 
A stack-based buffer over-read exists in setbit() at iptree.h of TCPFLOW 1.5.0, due to received incorrect values causing incorrect computation, leading to denial of service during an address_histogram call or a get_histogram call.

 
2018-08-04
 
CVE-2018-14938

CWE-190
 

 
An issue was discovered in wifipcap/wifipcap.cpp in TCPFLOW through 1.5.0-alpha. There is an integer overflow in the function handle_prism during caplen processing. If the caplen is less than 144, one can cause an integer overflow in the function handle_80211, which will result in an out-of-bounds read and may allow access to sensitive memory (or a denial of service).

 


Copyright 2024, cxsecurity.com

 

Back to Top