CVE-2017-14122 (debian_linux, unrar)

unrar 0.0.1 (aka unrar-free or unrar-gpl) suffers from a stack-based buffer over-read in unrarlib.c, related to ExtrFile and stricomp.

CVE-2017-14120 (debian_linux, unrar)
unrar 0.0.1 (aka unrar-free or unrar-gpl) suffers from a directory traversal vulnerability for RAR v2 archives: pathnames of the form ../[filename] are unpacked into the upper directory. View Full Alert
CVE-2017-13020 (debian_linux, tcpdump)
The VTP parser in tcpdump before 4.9.2 has a buffer over-read in print-vtp.c:vtp_print(). View Full Alert
CVE-2017-13028 (debian_linux, tcpdump)
The BOOTP parser in tcpdump before 4.9.2 has a buffer over-read in print-bootp.c:bootp_print(). View Full Alert

410-897-9494
Receive RedZone Security Updates in Your InboxContact Us