Denis Ovsienko

26 exploits Active since Sep 2017

CVE-2015-3138 WRITEUP HIGH WRITEUP

tcpdump <4.7.4 - DoS

print-wb.c in tcpdump before 4.7.4 allows remote attackers to cause a denial of service (segmentation fault and process crash).

CVSS 7.5

View Code

CVE-2017-13042 WRITEUP CRITICAL WRITEUP

Tcpdump < 4.9.1 - Out-of-Bounds Read

The HNCP parser in tcpdump before 4.9.2 has a buffer over-read in print-hncp.c:dhcpv6_print().

CVSS 9.8

View Code

CVE-2017-13043 WRITEUP CRITICAL WRITEUP

Tcpdump < 4.9.1 - Out-of-Bounds Read

The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_multicast_vpn().

CVSS 9.8

View Code

CVE-2017-13044 WRITEUP CRITICAL WRITEUP

Tcpdump < 4.9.1 - Out-of-Bounds Read

The HNCP parser in tcpdump before 4.9.2 has a buffer over-read in print-hncp.c:dhcpv4_print().

CVSS 9.8

View Code

CVE-2017-13045 WRITEUP CRITICAL WRITEUP

Tcpdump < 4.9.1 - Out-of-Bounds Read

The VQP parser in tcpdump before 4.9.2 has a buffer over-read in print-vqp.c:vqp_print().

CVSS 9.8

View Code

CVE-2017-13046 WRITEUP CRITICAL WRITEUP

Tcpdump < 4.9.1 - Out-of-Bounds Read

The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print().

CVSS 9.8

View Code

CVE-2017-13047 WRITEUP CRITICAL WRITEUP

Tcpdump < 4.9.1 - Out-of-Bounds Read

The ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:esis_print().

CVSS 9.8

View Code

CVE-2017-13048 WRITEUP CRITICAL WRITEUP

Tcpdump < 4.9.1 - Out-of-Bounds Read

The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print().

CVSS 9.8

View Code

CVE-2017-13049 WRITEUP CRITICAL WRITEUP

Tcpdump < 4.9.1 - Out-of-Bounds Read

The Rx protocol parser in tcpdump before 4.9.2 has a buffer over-read in print-rx.c:ubik_print().

CVSS 9.8

View Code

CVE-2017-13050 WRITEUP CRITICAL WRITEUP

Tcpdump < 4.9.1 - Out-of-Bounds Read

The RPKI-Router parser in tcpdump before 4.9.2 has a buffer over-read in print-rpki-rtr.c:rpki_rtr_pdu_print().

CVSS 9.8

View Code

CVE-2017-13051 WRITEUP CRITICAL WRITEUP

Tcpdump < 4.9.1 - Out-of-Bounds Read

The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print().

CVSS 9.8

View Code

CVE-2017-13052 WRITEUP CRITICAL WRITEUP

Tcpdump < 4.9.1 - Out-of-Bounds Read

The CFM parser in tcpdump before 4.9.2 has a buffer over-read in print-cfm.c:cfm_print().

CVSS 9.8

View Code

CVE-2017-13053 WRITEUP CRITICAL WRITEUP

Tcpdump < 4.9.1 - Out-of-Bounds Read

The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_rt_routing_info().

CVSS 9.8

View Code

CVE-2017-13054 WRITEUP CRITICAL WRITEUP

Tcpdump < 4.9.1 - Out-of-Bounds Read

The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldp_private_8023_print().

CVSS 9.8

View Code

CVE-2017-13055 WRITEUP CRITICAL WRITEUP

Tcpdump < 4.9.1 - Out-of-Bounds Read

The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_is_reach_subtlv().

CVSS 9.8

View Code

CVE-2017-13687 WRITEUP CRITICAL WRITEUP

Tcpdump < 4.9.1 - Out-of-Bounds Read

The Cisco HDLC parser in tcpdump before 4.9.2 has a buffer over-read in print-chdlc.c:chdlc_print().

CVSS 9.8

View Code

CVE-2018-14466 WRITEUP HIGH WRITEUP

tcpdump <4.9.3 - Buffer Overflow

The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and rx_cache_insert().

CVSS 7.5

View Code

CVE-2018-14468 WRITEUP HIGH WRITEUP

tcpdump <4.9.3 - Buffer Overflow

The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print().

CVSS 7.5

View Code

CVE-2018-14470 WRITEUP HIGH WRITEUP

tcpdump <4.9.3 - Buffer Overflow

The Babel parser in tcpdump before 4.9.3 has a buffer over-read in print-babel.c:babel_print_v2().

CVSS 7.5

View Code

CVE-2018-16228 WRITEUP HIGH WRITEUP

Tcpdump < 4.9.3 - Out-of-Bounds Read

The HNCP parser in tcpdump before 4.9.3 has a buffer over-read in print-hncp.c:print_prefix().

CVSS 7.5

View Code

CVE-2018-16230 WRITEUP HIGH WRITEUP

Tcpdump < 4.9.3 - Out-of-Bounds Read

The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI).

CVSS 7.5

View Code

CVE-2018-16300 WRITEUP HIGH WRITEUP

tcpdump <4.9.3 - Buffer Overflow

The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print() because of unlimited recursion.

CVSS 7.5

View Code

CVE-2018-16301 WRITEUP HIGH WRITEUP

Tcpdump < 4.99.0 - Integer Overflow

The command-line argument parser in tcpdump before 4.99.0 has a buffer overflow in tcpdump.c:read_infile(). To trigger this vulnerability the attacker needs to create a 4GB file on the local filesystem and to specify the file name as the value of the -F command-line argument of tcpdump.

CVSS 7.8

View Code

CVE-2018-16452 WRITEUP HIGH WRITEUP

tcpdump <4.9.3 - Buffer Overflow

The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion.

CVSS 7.5

View Code

CVE-2020-19611 WRITEUP MEDIUM WRITEUP

Racktables - XSS

Cross Site Scripting (XSS) in redirect module of Racktables version 0.21.2, allows an attacker to inject arbitrary web script or HTML via the op parameter.

CVSS 6.1

View Code