8 matches found
SUSE CVE-2017-12893
The SMB/CIFS parser in tcpdump before 4.9.2 has a buffer over-read in smbutil.c:namelen...
tcpdump: Resource exhaustion in smb_fdata() funtion in smbutil.c
The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smbfdata via recursion...
AZL-7266 CVE-2019-17455 affecting package libntlm for versions less than 1.6-1
Libntlm through 1.5 relies on a fixed buffer size for tSmbNtlmAuthRequest, tSmbNtlmAuthChallenge, and tSmbNtlmAuthResponse read and write operations, as demonstrated by a stack-based buffer over-read in buildSmbNtlmAuthRequest in smbutil.c for a crafted NTLM request...
UBUNTU-CVE-2019-17455
Libntlm through 1.5 relies on a fixed buffer size for tSmbNtlmAuthRequest, tSmbNtlmAuthChallenge, and tSmbNtlmAuthResponse read and write operations, as demonstrated by a stack-based buffer over-read in buildSmbNtlmAuthRequest in smbutil.c for a crafted NTLM request...
CVE-2019-17455
Libntlm through 1.5 relies on a fixed buffer size for tSmbNtlmAuthRequest, tSmbNtlmAuthChallenge, and tSmbNtlmAuthResponse read and write operations, as demonstrated by a stack-based buffer over-read in buildSmbNtlmAuthRequest in smbutil.c for a crafted NTLM request...
CVE-2018-16452
The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smbfdata via recursion...
CVE-2017-12893
CVE-2017-12893 affects tcpdump prior to 4.9.2. The issue is a buffer over-read in the SMB/CIFS parser (smbutil.c:name_len()), enabling a remote attacker to potentially read memory and disclose information. - Affected product: tcpdump (packet analyzer). - Vulnerable component: SMB/CIFS parsing. - ...
CVE-2017-12893
The SMB/CIFS parser in tcpdump before 4.9.2 has a buffer over-read in smbutil.c:namelen...