RSS   Vulnerabilities for 'Libpcap'   RSS

2019-10-03
 
CVE-2019-15165

CWE-20
 

 
sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocating memory.

 
 
CVE-2019-15164

CWE-918
 

 
rpcapd/daemon.c in libpcap before 1.9.1 allows SSRF because a URL may be provided as a capture source.

 
 
CVE-2019-15163

CWE-476
 

 
rpcapd/daemon.c in libpcap before 1.9.1 allows attackers to cause a denial of service (NULL pointer dereference and daemon crash) if a crypt() call fails.

 
 
CVE-2019-15162

CWE-345
 

 
rpcapd/daemon.c in libpcap before 1.9.1 on non-Windows platforms provides details about why authentication failed, which might make it easier for attackers to enumerate valid usernames.

 
 
CVE-2019-15161

CWE-20
 

 
rpcapd/daemon.c in libpcap before 1.9.1 mishandles certain length values because of reuse of a variable. This may open up an attack vector involving extra data at the end of a request.

 

 >>> Vendor: Tcpdump 3 Products
Tcpdump
Libpcap
Tcpslice


Copyright 2024, cxsecurity.com

 

Back to Top