tcpdump mailing list archives

Re: CVE-2007-1218 applicable to tcpdump 3.9.4?


From: Florian Weimer <fw () deneb enyo de>
Date: Sun, 01 Apr 2007 17:05:55 +0200

* Guy Harris:

> Florian Weimer wrote:
>
>> Thanks for the clarification.  Have you already requested a new CVE
>> name?
>
> Is one needed?  The page at
>
>       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1218
>
> says
>
>       Off-by-one buffer overflow in the parse_elements function in
>       the 802.11 printer code (print-802_11.c) for tcpdump 3.9.5 *and
>       earlier* allows remote attackers to cause a denial of service (crash)
>       via a crafted 802.11 frame. NOTE: this was originally referred to as
>       heap-based, but it might be stack-based.

I mistakenly assumed that the incomplete fix some people referred to
was a recent change, but it's not.  Thanks for the clarification.
-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.

