Skip to main content

Libpcap

6 CVEs product

Monthly

CVE-2024-8006 MEDIUM PATCH This Month

Remote packet capture support is disabled by default in libpcap. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Libpcap
NVD GitHub
CVSS 3.1
4.4
EPSS
0.2%
CVE-2019-15165 MEDIUM PATCH This Month

sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocating memory. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Libpcap Debian Linux Leap Communications Operations Monitor +7
NVD GitHub
CVSS 3.1
5.3
EPSS
2.8%
CVE-2019-15164 MEDIUM PATCH This Month

rpcapd/daemon.c in libpcap before 1.9.1 allows SSRF because a URL may be provided as a capture source. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Server-Side Request Forgery (SSRF) vulnerability could allow attackers to make the server perform requests to unintended internal or external resources.

SSRF Libpcap
NVD GitHub
CVSS 3.1
5.3
EPSS
2.9%
CVE-2019-15163 HIGH PATCH This Week

rpcapd/daemon.c in libpcap before 1.9.1 allows attackers to cause a denial of service (NULL pointer dereference and daemon crash) if a crypt() call fails. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Null Pointer Dereference Denial Of Service Libpcap
NVD GitHub
CVSS 3.1
7.5
EPSS
4.4%
CVE-2019-15162 MEDIUM PATCH This Month

rpcapd/daemon.c in libpcap before 1.9.1 on non-Windows platforms provides details about why authentication failed, which might make it easier for attackers to enumerate valid usernames. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Information Disclosure Libpcap
NVD GitHub
CVSS 3.1
5.3
EPSS
1.8%
CVE-2019-15161 MEDIUM PATCH This Month

rpcapd/daemon.c in libpcap before 1.9.1 mishandles certain length values because of reuse of a variable. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Libpcap
NVD GitHub
CVSS 3.1
5.3
EPSS
2.8%
EPSS 0% CVSS 4.4
MEDIUM PATCH This Month

Remote packet capture support is disabled by default in libpcap. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Libpcap
NVD GitHub
EPSS 3% CVSS 5.3
MEDIUM PATCH This Month

sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocating memory. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Libpcap Debian Linux +9
NVD GitHub
EPSS 3% CVSS 5.3
MEDIUM PATCH This Month

rpcapd/daemon.c in libpcap before 1.9.1 allows SSRF because a URL may be provided as a capture source. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Server-Side Request Forgery (SSRF) vulnerability could allow attackers to make the server perform requests to unintended internal or external resources.

SSRF Libpcap
NVD GitHub
EPSS 4% CVSS 7.5
HIGH PATCH This Week

rpcapd/daemon.c in libpcap before 1.9.1 allows attackers to cause a denial of service (NULL pointer dereference and daemon crash) if a crypt() call fails. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Null Pointer Dereference Denial Of Service Libpcap
NVD GitHub
EPSS 2% CVSS 5.3
MEDIUM PATCH This Month

rpcapd/daemon.c in libpcap before 1.9.1 on non-Windows platforms provides details about why authentication failed, which might make it easier for attackers to enumerate valid usernames. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Information Disclosure Libpcap
NVD GitHub
EPSS 3% CVSS 5.3
MEDIUM PATCH This Month

rpcapd/daemon.c in libpcap before 1.9.1 mishandles certain length values because of reuse of a variable. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Libpcap
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy