tcpdump mailing list archives

CVE-2007-1218 applicable to tcpdump 3.9.4?


From: Albert Chin <tcpdump-workers () mlists thewrittenword com>
Date: Tue, 6 Mar 2007 11:00:34 -0600

Is CVE-2007-1218 applicable to tcpdump 3.9.4? Doesn't seem so as the
line in the following patch was added after 3.9.4:

Index: print-802_11.c
===================================================================
RCS file: /tcpdump/master/tcpdump/print-802_11.c,v
retrieving revision 1.31.2.11
retrieving revision 1.31.2.12
diff -u -p -r1.31.2.11 -r1.31.2.12
--- print-802_11.c      13 Jun 2006 22:25:43 -0000      1.31.2.11
+++ print-802_11.c      1 Feb 2007 02:18:45 -0000       1.31.2.12
@@ -264,7 +264,7 @@ parse_elements(struct mgmt_body_t *pbody
 
                        if (pbody->tim.length <= 3)
                                break;
-                       if (pbody->rates.length > sizeof pbody->tim.bitmap)
+                       if (pbody->tim.length - 3 > sizeof pbody->tim.bitmap)
                                return;
                        if (!TTEST2(*(p + offset), pbody->tim.length - 3))
                                return;
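
Review bot: The new bound on the + line is only safe because the pbody->tim.length <= 3 guard just above it rules out a wrap in pbody->tim.length - 3, and that dependency deserves a short comment saying what the 3 accounts for. The same expression is repeated in the TTEST2 call below, so I would compute it once into a local and use that local for the sizeof pbody->tim.bitmap comparison, the TTEST2 check and whatever consumes the length afterwards. That keeps the checked length and the used length from drifting apart, which is what the removed line got wrong by testing pbody->rates.length instead of the TIM length.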

-- 
albert chin (china () thewrittenword com)
-
This is the tcpdump-workers list.