Lucene search

[email protected]CVE-2007-5756

HistoryNov 14, 2007 - 1:46 a.m.

CVE-2007-5756

2007-11-1401:46:00

CWE-129

[email protected]

web.nvd.nist.gov

cve-2007-5756

array index errors

bpf_filter_init

npf.sys

winpcap

privileges

ioctl requests

wireshark

monitor mode.

6.8 Medium

AI Score

Confidence

Low

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.2%

JSON

Multiple array index errors in the bpf_filter_init function in NPF.SYS in WinPcap before 4.0.2, when run in monitor mode (aka Table Management Extensions or TME), and as used in Wireshark and possibly other products, allow local users to gain privileges via crafted IOCTL requests.

CPENameOperatorVersion
winpcap:winpcapwinpcaplt4.0.2

CPE	Name	Operator	Version
winpcap:winpcap	winpcap	lt	4.0.2

References

labs.idefense.com/intelligence/vulnerabilities/display.php?id=625

secunia.com/advisories/27676

www.securityfocus.com/bid/26409

www.securitytracker.com/id?1018935

www.vupen.com/english/advisories/2007/3835

www.winpcap.org/misc/changelog.htm

exchange.xforce.ibmcloud.com/vulnerabilities/38433

6.8 Medium

AI Score

Confidence

Low

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.2%

JSON

Related for CVE-2007-5756

seebug1 securityvulns2 nessus1 prion1 cvelist1 kaspersky1