CVE-2016-7923

Name of the Vulnerable Software and Affected Versions tcpdump versions prior to 4.9.0

Description The issue concerns a buffer overflow in the ARP parser, specifically in the arp print() function within print-arp.c. Additionally, there's a mention of improper bounds checking by the ISO CLNS parser in the clnp print() function within print-isoclns.c, which could lead to a buffer overflow when an overly long argument is sent. This could potentially allow a remote attacker to execute arbitrary code on the system or cause the application to crash.

Recommendations For versions prior to 4.9.0, update to version 4.9.0 or later to resolve the buffer overflow issue in the ARP parser and the ISO CLNS parser. As a temporary workaround, consider restricting access to the arp print() and clnp print() functions until a patch is available. Avoid using overly long arguments in the affected API endpoints until the issue is resolved.