Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Informations
NameCVE-2007-5756First vendor Publication2007-11-13
VendorCveLast vendor Modification2017-07-28

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score6.9Attack RangeLocal
Cvss Impact Score10Attack ComplexityMedium
Cvss Expoit Score3.4AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Multiple array index errors in the bpf_filter_init function in NPF.SYS in WinPcap before 4.0.2, when run in monitor mode (aka Table Management Extensions or TME), and as used in Wireshark and possibly other products, allow local users to gain privileges via crafted IOCTL requests.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5756

CAPEC : Common Attack Pattern Enumeration & Classification

idName
CAPEC-100Overflow Buffers
CAPEC-119Resource Depletion
CAPEC-123Buffer Attacks

CWE : Common Weakness Enumeration

%idName
100 %CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer

CPE : Common Platform Enumeration

TypeDescriptionCount
Application1

Open Source Vulnerability Database (OSVDB)

idDescription
42166WinPcap Monitor Mode NPF.SYS bpf_filter_init Function Array Indexing Crafted ...

Nessus® Vulnerability Scanner

DateDescription
2007-11-13Name : The remote Windows host contains an application that is prone to a local priv...
File : winpcap_npf_bpf_filter_init.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

SourceUrl
BID http://www.securityfocus.com/bid/26409
CONFIRM http://www.winpcap.org/misc/changelog.htm
IDEFENSE http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=625
SECTRACK http://www.securitytracker.com/id?1018935
VUPEN http://www.vupen.com/english/advisories/2007/3835
XF https://exchange.xforce.ibmcloud.com/vulnerabilities/38433

Alert History

If you want to see full details history, please login or register.
0
1
2
3
DateInformations
2017-07-29 12:02:39
  • Multiple Updates
2016-04-26 16:46:06
  • Multiple Updates
2014-02-17 10:42:26
  • Multiple Updates
2013-05-11 10:40:51
  • Multiple Updates