Headline

CVE-2018-14463: (for 4.9.3) CVE-2018-14463/VRRP: Add a missing bounds check · the-tcpdump-group/tcpdump@3de07c7

The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 2, a different vulnerability than CVE-2019-15167.

5 years ago

CVE

Open in Source

#vulnerability #auth

@@ -0,0 +1,6 @@

IP (tos 0x7f,CE, ttl 254, id 40208, offset 0, flags [none], proto VRRP (112), length 34, options (unknown 69 [bad length 83]), bad cksum 8e15 (->bc96)!)

250.219.91.20 > 209.150.251.64: vrrp 250.219.91.20 > 209.150.251.64: VRRPv2, Advertisement, (ttl 254), vrid 2, prio 0, authtype simple, intvl 255s, length 6[|vrrp]

IP (tos 0x7f,CE, ttl 254, id 40208, offset 0, flags [none], proto VRRP (112), length 40, options (unknown 69 [bad length 83]), bad cksum 8e15 (->b790)!)

250.219.91.20 > 209.150.251.64: vrrp 250.219.91.20 > 209.150.251.64: VRRPv2, Advertisement, (ttl 254), vrid 2, prio 0, authtype simple, intvl 255s, length 12, addrs:[|vrrp]

IP (tos 0x7f,CE, ttl 254, id 40208, offset 0, flags [none], proto VRRP (112), length 40, options (unknown 69 [bad length 83]), bad cksum 8e15 (->bc90)!)

250.219.91.20 > 209.150.251.64: vrrp 250.219.91.20 > 209.150.251.64: VRRPv2, Advertisement, (ttl 254), vrid 2, prio 0, authtype simple, intvl 255s, length 12, addrs:[|vrrp]

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda

1 year ago

1 year ago

1 year ago

1 year ago

1 year ago