CVE-2017-13689
The IKEv1 parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:ikev1_id_print().
Source: CVE-2017-13689
[월:] 2017년 09월
CVE-2017-13049
CVE-2017-13049
The Rx protocol parser in tcpdump before 4.9.2 has a buffer over-read in print-rx.c:ubik_print().
Source: CVE-2017-13049
CVE-2017-13690
CVE-2017-13690
The IKEv2 parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c, several functions.
Source: CVE-2017-13690
CVE-2017-13053
CVE-2017-13053
The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_rt_routing_info().
Source: CVE-2017-13053
CVE-2017-13725
CVE-2017-13725
The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6_print().
Source: CVE-2017-13725
CVE-2017-13051
CVE-2017-13051
The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print().
Source: CVE-2017-13051
CVE-2017-13779
CVE-2017-13779
GSTN_offline_tool in India Goods and Services Tax Network (GSTN) Offline Utility tool before 1.2 executes winstart-server.vbs from the "C:GST Offline Tool" directory, which has insecure permissions. This allows local users to gain privileges by replacing winstart-server.vbs with arbitrary VBScript code. For example, a local user could create VBScript code for a TCP reverse shell, and use that later for Remote Command Execution.
Source: CVE-2017-13779
CVE-2017-13055
CVE-2017-13055
The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_is_reach_subtlv().
Source: CVE-2017-13055
CVE-2017-13029 (tcpdump)
CVE-2017-13029 (tcpdump)
The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:print_ccp_config_options().
Source: CVE-2017-13029 (tcpdump)
CVE-2017-13042 (tcpdump)
CVE-2017-13042 (tcpdump)
The HNCP parser in tcpdump before 4.9.2 has a buffer over-read in print-hncp.c:dhcpv6_print().
Source: CVE-2017-13042 (tcpdump)