92 matches found
DEBIAN-CVE-2018-14938
An issue was discovered in wifipcap/wifipcap.cpp in TCPFLOW through 1.5.0-alpha. There is an integer overflow in the function handleprism during caplen processing. If the caplen is less than 144, one can cause an integer overflow in the function handle80211, which will result in an out-of-bounds...
CVE-2018-14938
An issue was discovered in wifipcap/wifipcap.cpp in TCPFLOW through 1.5.0-alpha. There is an integer overflow in the function handleprism during caplen processing. If the caplen is less than 144, one can cause an integer overflow in the function handle80211, which will result in an out-of-bounds...
CVE-2018-14938
tcpflow
CVE-2018-14938
An issue was discovered in wifipcap/wifipcap.cpp in TCPFLOW through 1.5.0-alpha. There is an integer overflow in the function handleprism during caplen processing. If the caplen is less than 144, one can cause an integer overflow in the function handle80211, which will result in an out-of-bounds...
CVE-2018-14938
An issue was discovered in wifipcap/wifipcap.cpp in TCPFLOW through 1.5.0-alpha. There is an integer overflow in the function handleprism during caplen processing. If the caplen is less than 144, one can cause an integer overflow in the function handle80211, which will result in an out-of-bounds...
CVE-2018-14938
An issue was discovered in wifipcap/wifipcap.cpp in TCPFLOW through 1.5.0-alpha. There is an integer overflow in the function handleprism during caplen processing. If the caplen is less than 144, one can cause an integer overflow in the function handle80211, which will result in an out-of-bounds...
UBUNTU-CVE-2018-14938
An issue was discovered in wifipcap/wifipcap.cpp in TCPFLOW through 1.5.0-alpha. There is an integer overflow in the function handleprism during caplen processing. If the caplen is less than 144, one can cause an integer overflow in the function handle80211, which will result in an out-of-bounds...
CVE-2003-0671
Format string vulnerability in tcpflow, when used in a setuid context, allows local users to execute arbitrary code via the device name argument, as demonstrated in Sustworks IPNetSentryX and IPNetMonitorX the setuid program RunTCPFlow...
CVE-2003-0670
Sustworks IPNetSentryX and IPNetMonitorX are affected. The setuid helper applications RunTCPDump (invokes tcpdump) and RunTCPFlow (invokes tcpflow) allow local users to sniff network packets, exposing partial confidentiality. Root cause is the presence of setuid wrappers enabling packet capture. ...
CVE-2003-0671
CVE-2003-0671 affects tcpflow and is described as a format string vulnerability that, when tcpflow runs in a setuid context (notably the RunTCPFlow program used by Sustworks IPNetSentryX and IPNetMonitorX), allows local users to execute arbitrary code via the device name argument. The available d...
CVE-2003-0671
Format string vulnerability in tcpflow, when used in a setuid context, allows local users to execute arbitrary code via the device name argument, as demonstrated in Sustworks IPNetSentryX and IPNetMonitorX the setuid program RunTCPFlow...
Sustworks Unauthorized Network Monitoring and tcpflow format string attack
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 @stake, Inc. www.atstake.com Security Advisory Advisory Name: Sustworks Unauthorized Network Monitoring and tcpflow format string attack Release Date: 08/07/2003 Application: IPNetMonitorX and IPNetSentryX Platform: Mac OS X Severity: Local users can...