Oops, markdown fix, thanks @Zenofex

todb · todb · commit 89072807437a · 2023-06-05T00:30:45.000-05:00
Signed-off-by: Tod Beardsley &lt;todb@packetfu.com&gt;
diff --git a/cves/CVE-2023-0667.md b/cves/CVE-2023-0667.md
@@ -277,6 +277,7 @@ Ex4JdM76C7DO+guwTU1TDXr/igDv/9+KigEAAA0BAAAEAAAAAgADAAAAAAAAAAABN
 AAYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2wAa29vb29vb29vbEz4JAc4H
 ```
 <br/>
+
 # Attacker Value
 
 Passing the above blob to fuzzshark will trigger a heap overflow, and any crash in fuzzshark is necessarily is a bug in Wireshark library code, including the Wireshark GUI application and TShark, as they all hit the same code paths. Therefore, we're confident that a specially crafted MSMSS packet that implements this crash behavior is exploitable.
diff --git a/cves/CVE-2023-0668.md b/cves/CVE-2023-0668.md
@@ -94,6 +94,7 @@ AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAA
 BRQkgUAAD3EwD/AAAAAAAAAAAAIQAAABERAQD///8AAA==
 ```
 <br/>
+
 # Attacker Value
 
 By providing this poisoned IEEE C37.118 packet, an attacker could hijack the user account of an analyst running Wireshark. Many security appliances capture packets as a matter of course for later analysis, and Wireshark is a common tool used by incident responders. So, it would be trivial for an attacker to intentionally "get caught" in order to provide their malicious packet to an incident response analyst. Once compromised, this can provide an attacker a unique, privileged position in the targeted network.
