Tcpdump 4.8.1 ISO CLNS Overflow Vulnerability

Summary

The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in addrtoname.c:lookup_nsap().

Credit:

The original article can be found at: http://www.securityfocus.com/bid/95852


Details

Vulnerable Systems:
 * Tcpdump 4.8.1

Tcpdump is prone to a overflow vulnerability.This allows a remote attackers to execute arbitrary code via crafted packets and cause a denial of service (memory corruption)

CVE Information:
CVE-2017-5485

Disclosure Timeline:
Publish Date : 2017-01-27
Last Update Date : 2017-02-01

Categories: News