9.8

CVE-2011-1935

pcap-linux.c in libpcap 1.1.1 before commit ea9432fabdf4b33cbc76d9437200e028f1c47c93 when snaplen is set may truncate packets, which might allow remote attackers to send arbitrary data while avoiding detection via crafted packets.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
TcpdumpLibpcap Version >= 1.1.1 < 1.2.1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.65% 0.881
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.8 3.9 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.openwall.com/lists/oss-security/2014/02/08/5
Third Party Advisory
Mailing List
http://article.gmane.org/gmane.network.tcpdump.devel/4968
Third Party Advisory
Broken Link
Issue Tracking
http://thread.gmane.org/gmane.network.tcpdump.devel/5018
Patch
Third Party Advisory
Broken Link
Issue Tracking
http://www.openwall.com/lists/oss-security/2011/05/19/11
Patch
Third Party Advisory
Broken Link
Mailing List
Issue Tracking
https://bugs.debian.org/cgi-bin/bugreport.cgi?att=1%3Bbug=623868%3Bfilename=0001-Fix-the-calculation-of-the-frame-size-in-memory-mapp.patch%3Bmsg=10
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=623868
Patch
Third Party Advisory
Issue Tracking
https://security-tracker.debian.org/tracker/CVE-2011-1935/
Third Party Advisory
Issue Tracking