VYPR

Dibbler

by Dibbler

CVEs (4)

  • CVE-2007-5030Sep 21, 2007
    risk 0.00cvss epss 0.02

    Multiple integer overflows in Dibbler 0.6.0 allow remote attackers to cause a denial of service (daemon crash) via packets containing options with large lengths, which trigger attempts at excessive memory allocation, as demonstrated by (1) the TSrvMsg constructor in…

  • CVE-2007-5031Sep 21, 2007
    risk 0.00cvss epss 0.02

    The TSrvOptIA_NA::rebind method in SrvOptions/SrvOptIA_NA.cpp in Dibbler 0.6.0 allows remote attackers to cause a denial of service (NULL dereference and daemon crash) via an invalid IA_NA option in a REBIND message.

  • CVE-2007-5028Sep 21, 2007
    risk 0.00cvss epss 0.01

    Dibbler 0.6.0 on Linux uses weak world-writable permissions for unspecified files in /var/lib/dibbler, which has unknown impact and local attack vectors.

  • CVE-2007-5029Sep 21, 2007
    risk 0.00cvss epss 0.02

    Dibbler 0.6.0 does not verify that certain length parameters are appropriate for buffer sizes, which allows remote attackers to trigger a buffer over-read and cause a denial of service (daemon crash), as demonstrated by incorrect behavior of the TSrvMsg constructor in…