Guy Harris

75 exploits, active since Feb 2014
CVE-2014-1943 WRITEUP
Fine Free <5.17 - DoS
Fine Free file before 5.17 allows context-dependent attackers to cause a denial of service (infinite recursion, CPU consumption, and crash) via a crafted indirect offset value in the magic of a file.
CVE-2017-12893 WRITEUP CRITICAL
Tcpdump < 4.9.1 - Out-of-Bounds Read
The SMB/CIFS parser in tcpdump before 4.9.2 has a buffer over-read in smbutil.c:name_len().
CVSS 9.8
CVE-2017-12894 WRITEUP CRITICAL
Tcpdump < 4.9.1 - Out-of-Bounds Read
Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in addrtoname.c:lookup_bytestring().
CVSS 9.8
CVE-2017-12895 WRITEUP CRITICAL
Tcpdump < 4.9.1 - Out-of-Bounds Read
The ICMP parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp.c:icmp_print().
CVSS 9.8
CVE-2017-12896 WRITEUP CRITICAL
Tcpdump < 4.9.1 - Out-of-Bounds Read
The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:isakmp_rfc3948_print().
CVSS 9.8
CVE-2017-12897 WRITEUP CRITICAL
Tcpdump < 4.9.1 - Out-of-Bounds Read
The ISO CLNS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isoclns_print().
CVSS 9.8
CVE-2017-12898 WRITEUP CRITICAL
Tcpdump < 4.9.1 - Out-of-Bounds Read
The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:interp_reply().
CVSS 9.8
CVE-2017-12899 WRITEUP CRITICAL
Tcpdump < 4.9.1 - Out-of-Bounds Read
The DECnet parser in tcpdump before 4.9.2 has a buffer over-read in print-decnet.c:decnet_print().
CVSS 9.8
CVE-2017-12900 WRITEUP CRITICAL
Tcpdump < 4.9.1 - Out-of-Bounds Read
Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in util-print.c:tok2strbuf().
CVSS 9.8
CVE-2017-12901 WRITEUP CRITICAL
Tcpdump < 4.9.1 - Out-of-Bounds Read
The EIGRP parser in tcpdump before 4.9.2 has a buffer over-read in print-eigrp.c:eigrp_print().
CVSS 9.8
CVE-2017-12902 WRITEUP CRITICAL
Tcpdump < 4.9.1 - Out-of-Bounds Read
The Zephyr parser in tcpdump before 4.9.2 has a buffer over-read in print-zephyr.c, several functions.
CVSS 9.8
CVE-2017-12985 WRITEUP CRITICAL
Tcpdump < 4.9.1 - Out-of-Bounds Read
The IPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-ip6.c:ip6_print().
CVSS 9.8
CVE-2017-12986 WRITEUP CRITICAL
Tcpdump < 4.9.1 - Out-of-Bounds Read
The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6_print().
CVSS 9.8
CVE-2017-12987 WRITEUP CRITICAL
Tcpdump < 4.9.1 - Out-of-Bounds Read
The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_11.c:parse_elements().
CVSS 9.8
CVE-2017-12988 WRITEUP CRITICAL
Tcpdump < 4.9.1 - Out-of-Bounds Read
The telnet parser in tcpdump before 4.9.2 has a buffer over-read in print-telnet.c:telnet_parse().
CVSS 9.8
CVE-2017-12989 WRITEUP HIGH
Tcpdump < 4.9.1 - Infinite Loop
The RESP parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-resp.c:resp_get_length().
CVSS 7.5
CVE-2017-12990 WRITEUP CRITICAL
Tcpdump < 4.9.1 - Infinite Loop
The ISAKMP parser in tcpdump before 4.9.2 could enter an infinite loop due to bugs in print-isakmp.c, several functions.
CVSS 9.8
CVE-2017-12991 WRITEUP CRITICAL
Tcpdump < 4.9.1 - Out-of-Bounds Read
The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print().
CVSS 9.8
CVE-2017-12992 WRITEUP CRITICAL
Tcpdump < 4.9.1 - Out-of-Bounds Read
The RIPng parser in tcpdump before 4.9.2 has a buffer over-read in print-ripng.c:ripng_print().
CVSS 9.8
CVE-2017-12993 WRITEUP CRITICAL
Tcpdump < 4.9.1 - Out-of-Bounds Read
The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print-juniper.c, several functions.
CVSS 9.8
CVE-2017-12994 WRITEUP CRITICAL
Tcpdump < 4.9.1 - Out-of-Bounds Read
The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print().
CVSS 9.8
CVE-2017-12995 WRITEUP CRITICAL
Tcpdump < 4.9.1 - Infinite Loop
The DNS parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-domain.c:ns_print().
CVSS 9.8
CVE-2017-12996 WRITEUP CRITICAL
Tcpdump < 4.9.1 - Out-of-Bounds Read
The PIMv2 parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c:pimv2_print().
CVSS 9.8
CVE-2017-12997 WRITEUP CRITICAL
Tcpdump < 4.9.1 - Infinite Loop
The LLDP parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-lldp.c:lldp_private_8021_print().
CVSS 9.8
CVE-2017-12998 WRITEUP CRITICAL
Tcpdump < 4.9.1 - Out-of-Bounds Read
The IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_extd_ip_reach().
CVSS 9.8