Lucene search
+L

8 matches found

susecve
susecve
added 2023/02/15 4:41 a.m.3 views

SUSE CVE-2017-12893

The SMB/CIFS parser in tcpdump before 4.9.2 has a buffer over-read in smbutil.c:namelen...

5.3CVSS7.5AI score0.02389EPSS
Exploits0References8
redhat
redhat
added 2020/11/04 1:47 a.m.8 views

tcpdump: Resource exhaustion in smb_fdata() funtion in smbutil.c

The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smbfdata via recursion...

7.5CVSS6.4AI score0.04122EPSS
Exploits0References4
osv
osv
added 2019/10/10 6:15 p.m.6 views

AZL-7266 CVE-2019-17455 affecting package libntlm for versions less than 1.6-1

Libntlm through 1.5 relies on a fixed buffer size for tSmbNtlmAuthRequest, tSmbNtlmAuthChallenge, and tSmbNtlmAuthResponse read and write operations, as demonstrated by a stack-based buffer over-read in buildSmbNtlmAuthRequest in smbutil.c for a crafted NTLM request...

9.8CVSS6.1AI score0.03107EPSS
Exploits1References1
osv
osv
added 2019/10/10 6:15 p.m.3 views

UBUNTU-CVE-2019-17455

Libntlm through 1.5 relies on a fixed buffer size for tSmbNtlmAuthRequest, tSmbNtlmAuthChallenge, and tSmbNtlmAuthResponse read and write operations, as demonstrated by a stack-based buffer over-read in buildSmbNtlmAuthRequest in smbutil.c for a crafted NTLM request...

9.8CVSS7.6AI score0.03107EPSS
Exploits1References5
cvelist
cvelist
added 2019/10/10 5:17 p.m.31 views

CVE-2019-17455

Libntlm through 1.5 relies on a fixed buffer size for tSmbNtlmAuthRequest, tSmbNtlmAuthChallenge, and tSmbNtlmAuthResponse read and write operations, as demonstrated by a stack-based buffer over-read in buildSmbNtlmAuthRequest in smbutil.c for a crafted NTLM request...

9.4AI score0.03107EPSS
Exploits1References10
osv
osv
added 2019/10/03 4:15 p.m.27 views

CVE-2018-16452

The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smbfdata via recursion...

7.5CVSS9.5AI score
Exploits0References16
cve
cve
added 2017/09/14 6:0 a.m.124 views

CVE-2017-12893

CVE-2017-12893 affects tcpdump prior to 4.9.2. The issue is a buffer over-read in the SMB/CIFS parser (smbutil.c:name_len()), enabling a remote attacker to potentially read memory and disclose information. - Affected product: tcpdump (packet analyzer). - Vulnerable component: SMB/CIFS parsing. - ...

9.8CVSS9.3AI score0.02389EPSS
Exploits0References7Affected Software1
redhatcve
redhatcve
added 2017/09/14 4:20 a.m.28 views

CVE-2017-12893

The SMB/CIFS parser in tcpdump before 4.9.2 has a buffer over-read in smbutil.c:namelen...

9.8CVSS3.5AI score0.02389EPSS
Exploits0References1
Rows per page
Query Builder