Guy Harris

93 exploits, active since Feb 2014
CVE-2017-13000 CRITICAL WRITEUP
tcpdump < 4.9.2 - Out-of-bounds Read in IEEE 802.15.4 Parser
The IEEE 802.15.4 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_15_4.c:ieee802_15_4_if_print().
CVSS 9.8
CVE-2016-5355 MEDIUM WRITEUP
Wireshark 1.12.x < 1.12.12 and 2.x < 2.0.4 - Denial of Service in Toshiba File Parser
wiretap/toshiba.c in the Toshiba file parser in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles sscanf unsigned-integer processing, which allows remote attackers to cause a denial of service (application crash) via a crafted file.
CVSS 5.9
CVE-2016-5356 MEDIUM WRITEUP
Wireshark 1.12.x < 1.12.12 and 2.x < 2.0.4 - Denial of Service in CoSine File Parser
wiretap/cosine.c in the CoSine file parser in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles sscanf unsigned-integer processing, which allows remote attackers to cause a denial of service (application crash) via a crafted file.
CVSS 5.9
CVE-2016-5357 MEDIUM WRITEUP
Wireshark 1.12.x < 1.12.12 and 2.x < 2.0.4 - Denial of Service in NetScreen File Parser
wiretap/netscreen.c in the NetScreen file parser in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles sscanf unsigned-integer processing, which allows remote attackers to cause a denial of service (application crash) via a crafted file.
CVSS 5.9
CVE-2017-12896 CRITICAL WRITEUP
tcpdump < 4.9.2 - Out-of-bounds Read in ISAKMP Parser
The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:isakmp_rfc3948_print().
CVSS 9.8
CVE-2017-12899 CRITICAL WRITEUP
tcpdump < 4.9.2 - Out-of-bounds Read in DECnet Parser
The DECnet parser in tcpdump before 4.9.2 has a buffer over-read in print-decnet.c:decnet_print().
CVSS 9.8
CVE-2017-12902 CRITICAL WRITEUP
tcpdump < 4.9.2 - Out-of-bounds Read in Zephyr Parser
The Zephyr parser in tcpdump before 4.9.2 has a buffer over-read in print-zephyr.c, several functions.
CVSS 9.8
CVE-2017-12987 CRITICAL WRITEUP
tcpdump < 4.9.2 - Out-of-bounds Read in IEEE 802.11 Parser
The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_11.c:parse_elements().
CVSS 9.8
CVE-2017-13004 CRITICAL WRITEUP
tcpdump < 4.9.2 - Out-of-bounds Read in Juniper Protocols Parser
The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print-juniper.c:juniper_parse_header().
CVSS 9.8
CVE-2017-13020 CRITICAL WRITEUP
tcpdump < 4.9.2 - Out-of-bounds Read in VTP Parser
The VTP parser in tcpdump before 4.9.2 has a buffer over-read in print-vtp.c:vtp_print().
CVSS 9.8
CVE-2017-13028 CRITICAL WRITEUP
tcpdump < 4.9.2 - Out-of-bounds Read in BOOTP Parser
The BOOTP parser in tcpdump before 4.9.2 has a buffer over-read in print-bootp.c:bootp_print().
CVSS 9.8
CVE-2017-13687 CRITICAL WRITEUP
tcpdump < 4.9.2 - Out-of-bounds Read in Cisco HDLC Parser
The Cisco HDLC parser in tcpdump before 4.9.2 has a buffer over-read in print-chdlc.c:chdlc_print().
CVSS 9.8
CVE-2017-13725 CRITICAL WRITEUP
tcpdump < 4.9.2 - Out-of-bounds Read in IPv6 Routing Header Parser
The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6_print().
CVSS 9.8
CVE-2019-15165 MEDIUM WRITEUP
libpcap < 1.9.1 - Denial of Service via Invalid PHB Header Length
sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocating memory.
CVSS 5.3
CVE-2019-15161 MEDIUM WRITEUP
libpcap < 1.9.1 - Buffer Overflow via rpcapd/daemon.c Length Mishandling
rpcapd/daemon.c in libpcap before 1.9.1 mishandles certain length values because of reuse of a variable. This may open up an attack vector involving extra data at the end of a request.
CVSS 5.3
CVE-2023-1801 MEDIUM WRITEUP
tcpdump 4.99.3 - Out-of-bounds Write in SMB Protocol Decoder
The SMB protocol decoder in tcpdump version 4.99.3 can perform an out-of-bounds write when decoding a crafted network packet.
CVSS 6.5
CVE-2023-7256 MEDIUM WRITEUP
libpcap < 1.10.5 - Double Free in Remote Packet Capture Address Initialization
In affected libpcap versions during the setup of a remote packet capture the internal function sock_initaddress() calls getaddrinfo() and possibly freeaddrinfo(), but does not clearly indicate to the caller function whether freeaddrinfo() still remains to be called after the function returns. This makes it possible in some scenarios that both the function and its caller call freeaddrinfo() for the same allocated memory block. A similar problem was reported in Apple libpcap, to which Apple assigned CVE-2023-40400.
CVSS 4.4
CVE-2014-1943 WRITEUP
Fine Free file < 5.17 - Denial of Service via Crafted Indirect Offset in File Magic
Fine Free file before 5.17 allows context-dependent attackers to cause a denial of service (infinite recursion, CPU consumption, and crash) via a crafted indirect offset value in the magic of a file.
CVE-2017-12893 CRITICAL WRITEUP
tcpdump < 4.9.2 - Out-of-bounds Read in SMB/CIFS Parser
The SMB/CIFS parser in tcpdump before 4.9.2 has a buffer over-read in smbutil.c:name_len().
CVSS 9.8
CVE-2017-12894 CRITICAL WRITEUP
tcpdump < 4.9.1 - Out-of-bounds Read in addrtoname.c:lookup_bytestring()
Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in addrtoname.c:lookup_bytestring().
CVSS 9.8
CVE-2017-12895 CRITICAL WRITEUP
tcpdump < 4.9.2 - Out-of-bounds Read in ICMP Parser
The ICMP parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp.c:icmp_print().
CVSS 9.8
CVE-2017-12897 CRITICAL WRITEUP
tcpdump < 4.9.2 - Out-of-bounds Read in ISO CLNS Parser
The ISO CLNS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isoclns_print().
CVSS 9.8
CVE-2017-12898 CRITICAL WRITEUP
tcpdump < 4.9.2 - Out-of-bounds Read in NFS Parser
The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:interp_reply().
CVSS 9.8