Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:a:tcpdump:libpcap:1.1.1:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 6 matching records.
Displaying matches 1 through 6.
Vuln ID Summary CVSS Severity
CVE-2019-15165

sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocating memory.

Published: October 03, 2019; 3:15:09 PM -0400
V3.1: 5.3 MEDIUM
V2.0: 5.0 MEDIUM
CVE-2019-15164

rpcapd/daemon.c in libpcap before 1.9.1 allows SSRF because a URL may be provided as a capture source.

Published: October 03, 2019; 3:15:09 PM -0400
V3.1: 5.3 MEDIUM
V2.0: 5.0 MEDIUM
CVE-2019-15163

rpcapd/daemon.c in libpcap before 1.9.1 allows attackers to cause a denial of service (NULL pointer dereference and daemon crash) if a crypt() call fails.

Published: October 03, 2019; 3:15:09 PM -0400
V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2019-15162

rpcapd/daemon.c in libpcap before 1.9.1 on non-Windows platforms provides details about why authentication failed, which might make it easier for attackers to enumerate valid usernames.

Published: October 03, 2019; 3:15:09 PM -0400
V3.1: 5.3 MEDIUM
V2.0: 5.0 MEDIUM
CVE-2019-15161

rpcapd/daemon.c in libpcap before 1.9.1 mishandles certain length values because of reuse of a variable. This may open up an attack vector involving extra data at the end of a request.

Published: October 03, 2019; 3:15:09 PM -0400
V3.1: 5.3 MEDIUM
V2.0: 5.0 MEDIUM
CVE-2011-1935

pcap-linux.c in libpcap 1.1.1 before commit ea9432fabdf4b33cbc76d9437200e028f1c47c93 when snaplen is set may truncate packets, which might allow remote attackers to send arbitrary data while avoiding detection via crafted packets.

Published: October 20, 2017; 2:29:00 PM -0400
V3.1: 9.8 CRITICAL
V2.0: 7.5 HIGH