tcpdump mailing list archives
CVE-2007-1218 applicable to tcpdump 3.9.4?
From: Albert Chin <tcpdump-workers () mlists thewrittenword com>
Date: Tue, 6 Mar 2007 11:00:34 -0600
Is CVE-2007-1218 applicable to tcpdump 3.9.4? Doesn't seem so as the line in the following patch was added after 3.9.4: Index: print-802_11.c =================================================================== RCS file: /tcpdump/master/tcpdump/print-802_11.c,v retrieving revision 1.31.2.11 retrieving revision 1.31.2.12 diff -u -p -r1.31.2.11 -r1.31.2.12 --- print-802_11.c 13 Jun 2006 22:25:43 -0000 1.31.2.11 +++ print-802_11.c 1 Feb 2007 02:18:45 -0000 1.31.2.12 @@ -264,7 +264,7 @@ parse_elements(struct mgmt_body_t *pbody if (pbody->tim.length <= 3) break; - if (pbody->rates.length > sizeof pbody->tim.bitmap) + if (pbody->tim.length - 3 > sizeof pbody->tim.bitmap) return; if (!TTEST2(*(p + offset), pbody->tim.length - 3)) return; -- albert chin (china () thewrittenword com) - This is the tcpdump-workers list. Visit https://cod.sandelman.ca/ to unsubscribe.
Current thread:
- CVE-2007-1218 applicable to tcpdump 3.9.4? Albert Chin (Mar 06)
- Re: CVE-2007-1218 applicable to tcpdump 3.9.4? Guy Harris (Mar 10)
- Re: CVE-2007-1218 applicable to tcpdump 3.9.4? Florian Weimer (Mar 12)
- Re: CVE-2007-1218 applicable to tcpdump 3.9.4? Guy Harris (Mar 12)
- Re: CVE-2007-1218 applicable to tcpdump 3.9.4? Florian Weimer (Mar 12)
- Re: CVE-2007-1218 applicable to tcpdump 3.9.4? Guy Harris (Mar 10)