CVE-2007-1218 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2007-1218
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-1218

Description: Off-by-one buffer overflow in the parse_elements function in the 802.11 printer code (print-802_11.c) for tcpdump 3.9.5 and earlier allows remote attackers to cause a denial of service (crash) via a crafted 802.11 frame. NOTE: this was originally referred to as heap-based, but it might be stack-based.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/32749 UBUNTU http://www.ubuntu.com/usn/usn-429-1 TURBO http://www.turbolinux.com/security/2007/TLSA-2007-46.txt ST 1017717 SAID Secunia Advisory: SA24318 Secunia Advisory: SA24354 Secunia Advisory: SA24423 Secunia Advisory: SA24451 Secunia Advisory: SA24583 Secunia Advisory: SA24610 Secunia Advisory: SA27580 Secunia Advisory: SA28136 REDHAT http://www.redhat.com/support/errata/RHSA-2007-0387.html http://www.redhat.com/support/errata/RHSA-2007-0368.html OSVDB 32427 MISC http://cvs.tcpdump.org/cgi-bin/cvsweb/tcpdump/print-802_11.c?r1=1.31.2.11&r2=1.31.2.12 MANDRIVA http://www.mandriva.com/security/advisories?name=MDKSA-2007:155 http://www.mandriva.com/security/advisories?name=MDKSA-2007:056 FULLDISC http://seclists.org/fulldisclosure/2007/Mar/0003.html FEDORA http://fedoranews.org/cms/node/2799 http://fedoranews.org/cms/node/2798 DEBIAN http://www.debian.org/security/2007/dsa-1272 CONFIRM http://cvs.tcpdump.org/cgi-bin/cvsweb/tcpdump/print-802_11.c http://docs.info.apple.com/article.html?artnum=307179 CERT http://www.us-cert.gov/cas/techalerts/TA07-352A.html BID 22772 APPLE http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html

Return to the previous page.