Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2014-8767

Integer underflow in the olsr_print function in tcpdump 3.9.6 through 4.6.2, when in verbose mode, allows remote attackers to cause a denial of service (crash) via a crafted length value in an OLSR frame.

Related bugs and status

CVE-2014-8767 (Candidate) is related to these bugs:

Bug #1397558: please merge tcpdump from debian

Summary				In	Importance	Status
	1397558	please merge tcpdump from debian		tcpdump (Ubuntu)	Undecided	Fix Released

Bug #1662177: tcpdump multiple CVEs

Summary				In	Importance	Status
	1662177	tcpdump multiple CVEs		tcpdump (Ubuntu)	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

References

FULLDISC: 20141118 CVE-2014-8767...
MISC: http://packetstormsecu...
BID: 71150
DEBIAN: DSA-3086
UBUNTU: USN-2433-1
SUSE: openSUSE-SU-2015:0284
CONFIRM: http://advisories.mage...
MANDRIVA: MDVSA-2014:240
MANDRIVA: MDVSA-2015:125
CONFIRM: https://support.apple....
APPLE: APPLE-SA-2015-08-13-2
CONFIRM: http://www.oracle.com/...
XF: tcpdump-cve20148767-do...
BUGTRAQ: 20141118 CVE-2014-8767...