tcpdump mailing list archives
Re: CVE-2007-1218 applicable to tcpdump 3.9.4?
From: Florian Weimer <fw () deneb enyo de>
Date: Sun, 01 Apr 2007 17:05:55 +0200
* Guy Harris:
> Florian Weimer wrote:
>
>> Thanks for the clarification. Have you already requested a new CVE name?
>
> Is one needed? The page at http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1218 says
>
> Off-by-one buffer overflow in the parse_elements function in the 802.11 printer code (print-802_11.c) for tcpdump 3.9.5 *and earlier* allows remote attackers to cause a denial of service (crash) via a crafted 802.11 frame. NOTE: this was originally referred to as heap-based, but it might be stack-based.

I mistakenly assumed that the incomplete fix some people referred to was a recent change, but it's not. Thanks for the clarification.