tcpdump mailing list archives

Security vulnerability

From: "H R, Shashikumar" <shashikumar.h-r () hp com>
Date: Tue, 7 Apr 2015 12:28:24 +0000

Hi All ,

While through list vulnerability  ,  It is mentioned that libpcap suffers the from attack mentioned in below link .

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4174

wiretap/libpcap.c in the libpcap file parser in Wireshark 1.10.x before 1.10.4 allows remote attackers to execute 
arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted packet-trace file 
that includes a large packet.


Is libpcap version 1.1.1 available on tcpdump.org  is vulnerable to this attack ?  if yes which version has the fix for 
the same.


Thanks
Shashi.

_______________________________________________
tcpdump-workers mailing list
tcpdump-workers () lists tcpdump org
https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers

Current thread:

Security vulnerability H R, Shashikumar (Apr 07)
- Re: Security vulnerability Guy Harris (Apr 07)