EUVD-2018-4869

Malware in sbrugna...

SUSE CVE-2016-2851

Integer overflow in proto.c in libotr before 4.1.1 on 64-bit platforms allows remote attackers to cause a denial of service memory corruption and application crash or execute arbitrary code via a series of large OTR messages, which triggers a heap-based buffer overflow...

CVE-2018-14339

In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the MMSE dissector could go into an infinite loop. This was addressed in epan/proto.c by adding offset and length validation...

CVE-2018-14339

In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the MMSE dissector could go into an infinite loop. This was addressed in epan/proto.c by adding offset and length validation...

CVE-2018-14339

In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the MMSE dissector could go into an infinite loop. This was addressed in epan/proto.c by adding offset and length validation...

CVE-2018-12916

In libpbc.a in PBC through 2017-03-02, there is a Segmentation fault in pbcPmessagedefault in proto.c...

Design/Logic Flaw

In libpbc.a in PBC through 2017-03-02, there is a Segmentation fault in pbcPmessagedefault in proto.c...

Null pointer dereference

In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the RRC dissector and other dissectors could crash. This was addressed in epan/proto.c by avoiding a NULL pointer dereference...

CVE-2017-8824

CVE-2017-8824 affects the Linux kernel DCCP implementation. The bug is a use-after-free in dccp_disconnect (net/dccp/proto.c) that can be triggered by an AF_UNSPEC connect while in the DCCP_LISTEN state, allowing a local user to escalate privileges or cause a denial of service. Public advisories ...

Wireshark 2.0.x < 2.0.5 Multiple Vulnerabilities

The version of Wireshark installed on the remote Windows host is prior to 2.0.5. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.0.5 advisory. - CORBA IDL dissectors could crash on 64-bit Windows. It may be possible to make Wireshark crash by injecting a...

Double free

Double free vulnerability in epan/proto.c in the dissection engine in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 allows remote attackers to cause a denial of service application crash via a malformed packet...

Linux Kernel DCCP多个本地信息泄露漏洞

Linux是一款开放源代码的操作系统。 Linux针对DCCP支持存在多个问题，本地攻击者可以利用漏洞访问敏感信息。 问题存在于net/dccp/proto.c文件中的dodccpgetsockopt函数： ----------------------- static int dodccpgetsockoptstruct sock sk, int level, int optname, char user optval, int user optlen ... if getuserlen, optlen return -EFAULT; if len sizeofint return...

[Full-disclosure] Linux Kernel DCCP Memory Disclosure Vulnerability

Linux Kernel DCCP Memory Disclosure Vulnerability Synopsis: The Linux kernel is susceptible to a locally exploitable flaw which may allow local users to steal data from the kernel memory. Vulnerable Systems: Linux Kernel Versions: = 2.6.20 with DCCP support enabled. Kernel versions 2.6.20 lack...