Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
vulnrichmentTcpdumpVULNRICHMENT:CVE-2024-8006
HistoryAug 30, 2024 - 11:53 p.m.

CVE-2024-8006 NULL pointer dereference in libpcap before 1.10.5 with remote packet capture support

2024-08-3023:53:11
CWE-476
Tcpdump
github.com
1
vulnerability
libpcap
remote capture

CVSS3

4.4

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

AI Score

7.2

Confidence

Low

SSVC

Exploitation

none

Automatable

no

Technical Impact

partial

JSON

Remote packet capture support is disabled by default in libpcap. When a user builds libpcap with remote packet capture support enabled, one of the functions that become available is pcap_findalldevs_ex(). One of the function arguments can be a filesystem path, which normally means a directory with input data files. When the specified path cannot be used as a directory, the function receives NULL from opendir(), but does not check the return value and passes the NULL value to readdir(), which causes a NULL pointer derefence.

Related

debiancve 1
osv 4
ubuntucve 1
cvelist 1
nvd 1
cve 1
redhatcve 1
alpinelinux 1
redos 1
slackware 1
openvas 2
nessus 3
mageia 1
debiancve
debiancve
CVE-2024-8006
2024-08-31 00:15:05
osv
osv
CVE-2024-8006
2024-08-31 00:15:05
Security update for libpcap
2024-09-11 15:39:32
Security update for libpcap
2024-09-12 11:06:09
ubuntucve
ubuntucve
CVE-2024-8006
2024-09-03 00:00:00
cvelist
cvelist
CVE-2024-8006 NULL pointer dereference in libpcap before 1.10.5 with remote packet capture support
2024-08-30 23:53:11
nvd
nvd
CVE-2024-8006
2024-08-31 00:15:05
cve
cve
CVE-2024-8006
2024-08-31 00:15:05
redhatcve
redhatcve
CVE-2024-8006
2024-09-02 06:40:52
alpinelinux
alpinelinux
CVE-2024-8006
2024-08-31 00:15:05
redos
redos
ROS-20240910-04
2024-09-10 00:00:00
slackware
slackware
[slackware-security] libpcap
2024-08-31 18:34:53
openvas
openvas
Mageia: Security Advisory (MGASA-2024-0295)
2024-09-12 00:00:00
Slackware: Security Advisory (SSA:2024-244-01)
2024-09-02 00:00:00
nessus
nessus
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : libpcap (SUSE-SU-2024:3217-1)
2024-09-13 00:00:00
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : libpcap (SUSE-SU-2024:3210-1)
2024-09-12 00:00:00
Slackware Linux 15.0 / current libpcap Multiple Vulnerabilities (SSA:2024-244-01)
2024-08-31 00:00:00
mageia
mageia
Updated libpcap packages fix security vulnerabilities
2024-09-11 23:42:44

CVSS3

4.4

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

AI Score

7.2

Confidence

Low

SSVC

Exploitation

none

Automatable

no

Technical Impact

partial

JSON
Related for VULNRICHMENT:CVE-2024-8006
debiancve1osv4ubuntucve1cvelist1nvd1cve1redhatcve1alpinelinux1redos1slackware1openvas2nessus3mageia1