Francois-Xavier Le Bail

15 exploits Active since Sep 2017

CVE-2017-13005 WRITEUP CRITICAL WRITEUP

Tcpdump < 4.9.1 - Out-of-Bounds Read

The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:xid_map_enter().

CVSS 9.8

View Code

CVE-2017-13023 WRITEUP CRITICAL WRITEUP

Tcpdump < 4.9.1 - Out-of-Bounds Read

The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print().

CVSS 9.8

View Code

CVE-2017-13024 WRITEUP CRITICAL WRITEUP

Tcpdump < 4.9.1 - Out-of-Bounds Read

The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print().

CVSS 9.8

View Code

CVE-2017-13025 WRITEUP CRITICAL WRITEUP

Tcpdump < 4.9.1 - Out-of-Bounds Read

The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print().

CVSS 9.8

View Code

CVE-2017-13028 WRITEUP CRITICAL WRITEUP

Tcpdump < 4.9.1 - Out-of-Bounds Read

The BOOTP parser in tcpdump before 4.9.2 has a buffer over-read in print-bootp.c:bootp_print().

CVSS 9.8

View Code

CVE-2017-13036 WRITEUP CRITICAL WRITEUP

Tcpdump < 4.9.1 - Out-of-Bounds Read

The OSPFv3 parser in tcpdump before 4.9.2 has a buffer over-read in print-ospf6.c:ospf6_decode_v3().

CVSS 9.8

View Code

CVE-2018-14461 WRITEUP HIGH WRITEUP

tcpdump <4.9.3 - Buffer Overflow

The LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print().

CVSS 7.5

View Code

CVE-2018-14462 WRITEUP HIGH WRITEUP

tcpdump <4.9.3 - Buffer Overflow

The ICMP parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp.c:icmp_print().

CVSS 7.5

View Code

CVE-2018-14464 WRITEUP HIGH WRITEUP

tcpdump <4.9.3 - Buffer Overflow

The LMP parser in tcpdump before 4.9.3 has a buffer over-read in print-lmp.c:lmp_print_data_link_subobjs().

CVSS 7.5

View Code

CVE-2018-14465 WRITEUP HIGH WRITEUP

tcpdump <4.9.3 - Buffer Overflow

The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print().

CVSS 7.5

View Code

CVE-2018-14467 WRITEUP HIGH WRITEUP

tcpdump <4.9.3 - Buffer Overflow

The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_MP).

CVSS 7.5

View Code

CVE-2018-14882 WRITEUP HIGH WRITEUP

tcpdump <4.9.3 - Buffer Overflow

The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c.

CVSS 7.5

View Code

CVE-2018-16229 WRITEUP HIGH WRITEUP

Tcpdump < 4.9.3 - Out-of-Bounds Read

The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option().

CVSS 7.5

View Code

CVE-2019-15167 WRITEUP CRITICAL WRITEUP

Tcpdump < 4.9.3 - Out-of-Bounds Read

The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 3, a different vulnerability than CVE-2018-14463.

CVSS 9.1

View Code

CVE-2020-8036 WRITEUP HIGH WRITEUP

tcpdump 4.10.0-PRE-GIT - Buffer Overflow

The tok2strbuf() function in tcpdump 4.10.0-PRE-GIT was used by the SOME/IP dissector in an unsafe way.

CVSS 7.5

View Code