| शीर्षक | PcapPlusPlus v25.05 Heap-based Buffer Overflow |
|---|
| विवरण | A heap-based buffer over-read vulnerability exists in PcapPlusPlus's TLS handshake parsing module within the pcpp::SSLClientHelloMessage::getHandshakeVersion() function at SSLHandshake.cpp:1453. The flaw is caused by missing boundary validation on truncated TLS Client Hello packet data. When parsing a maliciously crafted and truncated TLS Client Hello packet, the function directly accesses the handshakeVersion field of the client hello header without verifying that the packet buffer contains sufficient data for the full header structure. This triggers an out-of-bounds heap read of 2 bytes beyond the allocated buffer boundary, resulting in memory corruption and program crash. Remote attackers can exploit this vulnerability by supplying a malformed network packet, which can be used to cause a denial-of-service (DoS) condition and may lead to potential sensitive memory information disclosure. |
|---|
| स्रोत | ⚠️ https://github.com/seladb/PcapPlusPlus/issues/2151 |
|---|
| उपयोगकर्ता | TYGLS (UID 94774) |
|---|
| सबमिशन | 01/06/2026 05:13 AM (29 दिन पहले) |
|---|
| संयम | 29/06/2026 06:25 AM (28 days later) |
|---|
| स्थिति | स्वीकृत |
|---|
| VulDB प्रविष्टि | 374591 [seladb PcapPlusPlus 25.05 TLS Hello SSLHandshake.cpp getHandshakeVersion handshakeVersion बफ़र ओवरफ़्लो] |
|---|
| अंक | 20 |
|---|