Launchpad.net

CVE 2007-1218

Off-by-one buffer overflow in the parse_elements function in the 802.11 printer code (print-802_11.c) for tcpdump 3.9.5 and earlier allows remote attackers to cause a denial of service (crash) via a crafted 802.11 frame. NOTE: this was originally referred to as heap-based, but it might be stack-based.

See the

CVE page on Mitre.org for more details.

References

FULLDISC: 20070301 tcpdump: off-...
CONFIRM: https://issues.rpath.c...
MISC: https://bugs.gentoo.or...
CONFIRM: http://cvs.tcpdump.org...
UBUNTU: USN-429-1
BID: 22772
OSVDB: 32427
SECTRACK: 1017717
SECUNIA: 24318
SECUNIA: 24354
SECUNIA: 24423
SECUNIA: 24451
DEBIAN: DSA-1272
FEDORA: FEDORA-2007-347
FEDORA: FEDORA-2007-348
SECUNIA: 24583
SECUNIA: 24610
MANDRIVA: MDKSA-2007:155
MANDRIVA: MDKSA-2007:056
REDHAT: RHSA-2007:0368
SECUNIA: 27580
TURBO: TLSA-2007-46
REDHAT: RHSA-2007:0387
CONFIRM: http://docs.info.apple...
APPLE: APPLE-SA-2007-12-17
CERT: TA07-352A
SECUNIA: 28136
VUPEN: ADV-2007-0793
VUPEN: ADV-2007-4238
MISC: http://cvs.tcpdump.org...
XF: tcpdump-print80211c-bo...
OVAL: oval:org.mitre.oval:de...

Launchpad.net

CVE 2007-1218

Related bugs

References