CVE-2026-6525

A flaw was found in the IEEE 802.11 dissector in Wireshark. This issue occurs when malformed packets are decoded from a pcap file or the network, causing a NULL pointer dereference, resulting in a denial of service. Mitigation If the IEEE 802.11 protocol dissector is not being used, it can be...

EUVD-2016-5941

Malware in sbrugna...

SUSE-SU-2025:0590-1 Security update for netty, netty-tcnative

This update for netty, netty-tcnative fixes the following issues: - CVE-2025-24970: incorrect validation of packets by SslHandler can lead to a native crash. bsc1237037 - CVE-2025-25193: unsafe reading of environment files can lead to an application crash. bsc1237038 Update to netty version 4.1.1...

SUSE CVE-2024-2397

Due to a bug in packet data buffers management, the PPP printer in tcpdump can enter an infinite loop when reading a crafted DLTPPPSERIAL .pcap savefile. This problem does not affect any tcpdump release, but it affected the git master branch from 2023-06-05 to 2024-03-21...

wireshark: XRA dissector infinite loop

A flaw was found in the XRA dissector of Wireshark. This issue occurs when decoding malformed packets from a pcap file or from the network, causing an infinite loop, resulting in a denial of service...

NetworkAssessment - With Wireshark Or TCPdump, You Can Determine Whether There Is Harmful Activity On Your Network Traffic That You Have Recorded On The Network You Monitor

The Network Compromise Assessment Tool is designed to analyze pcap files to detect potential suspicious network traffic. This tool focuses on spotting abnormal activities in the network traffic and searching for suspicious keywords. DNS Tunneling Detection : Identifies potential covert...

TrafficWatch - TrafficWatch, A Packet Sniffer Tool, Allows You To Monitor And Analyze Network Traffic From PCAP Files

TrafficWatch, a packet sniffer tool, allows you to monitor and analyze network traffic from PCAP files. It provides insights into various network protocols and can help with network troubleshooting, security analysis, and more. Protocol-specific packet analysis for ARP, ICMP, TCP, UDP, DNS, DHCP,...

PT-2023-9850 · Tcpreplay +3 · Tcpreplay +3

Name of the Vulnerable Software and Affected Versions: TCPReplay version 4.4.3 Description: The issue allows a remote attacker to cause a denial of service via the read hexstring function. This is related to a pointer dereference issue in the tcprewrite editor of PCAP files in the Tcpreplay...

BruteShark - Network Analysis Tool

BruteShark is a Network Forensic Analysis Tool NFAT that performs deep processing and inspection of network traffic mainly PCAP files, but it also capable of directly live capturing from a network interface. It includes: password extracting, building a network map, reconstruct TCP sessions, extra...

Wireshark-Forensics-Plugin - A cross-platform Wireshark plugin that correlates network traffic data with threat intelligence, asset categorization & vulnerability data

Wireshark is the most widely used network traffic analyzer. It is an important tool for both live traffic analysis & forensic analysis for forensic/malware analysts. Even though Wireshark provides incredibly powerful functionalities for protocol parsing & filtering, it does not provide any...

tcpdump: Buffer over-read in icmp_print() function in print-icmp.c

An out-of-bounds read flaw was discovered in tcpdump while printing ICMP packets captured in a pcap file or coming from the network. A remote attacker may abuse this flaw by sending specially crafted packets that, when printed, would trigger the flaw and crash the application. System availability...

tcpdump: Buffer over-read in rsvp_obj_print() function in print-rsvp.c

An out-of-bounds read vulnerability was discovered in tcpdump while printing RSVP packets captured in a pcap file or coming from the network. A remote attacker may abuse this flaw by sending specially crafted packets that, when printed, would trigger the flaw and crash the application...

tcpdump: Buffer over-read in function rpl_dio_printopt in print-icmp6.c

An out-of-bounds read vulnerability was discovered in tcpdump while printing ICMP6 packets captured in a pcap file or coming from the network. A remote attacker may abuse this flaw by sending specially crafted packets that, when printed, would trigger the flaw and crash the application...

FATT - A Script For Extracting Network Metadata And Fingerprints From Pcap Files And Live Network Traffic

FATT is a script for extracting network metadata and fingerprints such as JA3 and HASSH from packet capture files pcap or live network traffic. The main use-case is for monitoring honeypots, but you can also use it for other use cases such as network forensic analysis. fatt works on Linux, macOS...

Termshark - A Terminal UI For Tshark, Inspired By Wireshark

A terminal user-interface for tshark, inspired by Wireshark. If you're debugging on a remote machine with a large pcap and no desire to scp it back to your desktop, termshark can help! Features Read pcap files or sniff live interfaces where tshark is permitted. Inspect each packet using familiar...

Xplico - Remote Code Execution (Metasploit)

Xplico - Remote Code Execution Metasploit This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Xplico Remote Code Execution', 'Description' = %q This module exploits command injection vulnerability...

Xplico - Remote Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Xplico Remote Code Execution', 'Description' = %q This module exploits command injection vulnerability. Unauthenticated users can register a new...

Xplico Remote Code Execution

This module exploits command injection vulnerability. Unauthenticated users can register a new account and then execute a terminal command under the context of the root user. The specific flaw exists within the Xplico, which listens on TCP port 9876 by default. The goal of Xplico is extract from ...

tcprewrite - Heap Buffer Overflow

tcprewrite - Heap Buffer Overflow Title: tcprewrite Heap-Based Buffer Overflow CVE: CVE-2017-14266 CWE: CWE-122 Exploit Author: Hosein AskariFarazPajohan Vendor HomePage: http://tcpreplay.synfin.net/ Product Description: When you want to give a PCAP file to someone, it gives away certain sensitiv...

PcapViz - Visualize Network Topologies and Collect Graph Statistics Based on PCAP Files

PcapViz visualizes network topologies and provides graph statistics based on pcap files. It should be possible to determine key topological nodes or data exfiltration attempts more easily. Features Draw network topologies Layer 2 and communication graphs Layer 3 and 4 Network topologies contain...