PT-2017-9450 · Tcpdump+6 · Tcpdump+6

Published

2017-01-27

·

Updated

2024-06-15

·

CVE-2016-7992

CVSS v3.1

9.8

Critical

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions tcpdump versions prior to 4.9.0
Description The issue is related to a buffer overflow in the Classical IP over ATM parser and the ISO CLNS parser. This is caused by improper bounds checking, allowing a remote attacker to overflow a buffer by sending an overly long argument. This could lead to the execution of arbitrary code on the system or cause the application to crash.
Recommendations For versions prior to 4.9.0, update to version 4.9.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the print-cip.c and print-isoclns.c functions until a patch is available. Avoid using the affected API endpoints or functions, such as cip if print() and clnp print(), in the affected versions until the issue is resolved.

Exploit

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

ALT-PU-2019-1321
CESA-2017_1871
CVE-2016-7992
DLA-809-1
DSA-3775-1
MGASA-2017-0061
OPENSUSE-SU-2024:11425-1
RHSA-2017:1871
RHSA-2017_1871
SUSE-SU-2017:0656-1
SUSE-SU-2017:1110-1
USN-3205-1

Affected Products

Alt Linux
Centos
Ibm Aix
Red Hat
Suse
Ubuntu
Tcpdump