Vulnerability Details : CVE-2011-1935
pcap-linux.c in libpcap 1.1.1 before commit ea9432fabdf4b33cbc76d9437200e028f1c47c93 when snaplen is set may truncate packets, which might allow remote attackers to send arbitrary data while avoiding detection via crafted packets.
Products affected by CVE-2011-1935
- cpe:2.3:a:tcpdump:libpcap:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2011-1935
1.32%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 78 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2011-1935
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST | |
|
9.8
|
CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
NIST |
References for CVE-2011-1935
-
http://www.openwall.com/lists/oss-security/2011/05/19/11
oss-security - Re: CVE requests: ffmpeg/widelands/jifty::db/lilo/libpcapBroken Link;Issue Tracking;Mailing List;Patch;Third Party Advisory
-
https://security-tracker.debian.org/tracker/CVE-2011-1935/
CVE-2011-1935Issue Tracking;Third Party Advisory
-
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=623868
#623868 - snapshot length corruption on live captures - Debian Bug report logsIssue Tracking;Patch;Third Party Advisory
-
http://article.gmane.org/gmane.network.tcpdump.devel/4968
Broken Link;Issue Tracking;Third Party Advisory
-
http://www.openwall.com/lists/oss-security/2014/02/08/5
oss-security - Fwd: Old CVE ids, public, but still "RESERVED"Mailing List;Third Party Advisory
-
https://bugs.debian.org/cgi-bin/bugreport.cgi?att=1;bug=623868;filename=0001-Fix-the-calculation-of-the-frame-size-in-memory-mapp.patch;msg=10
Issue Tracking;Patch;Third Party Advisory
-
http://thread.gmane.org/gmane.network.tcpdump.devel/5018
Broken Link;Issue Tracking;Patch;Third Party Advisory
Jump to