CVE-2017-5484 The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-atm.c:sig_print()

Disclosed: 2019-10-08 20:31:29 By geeknik To ibb

High

Vulnerability Details

Reported to the project maintainers in 2016. The function sig_print() did receive a correct caplen parameter value but didn't use it correctly which could result in a read outside of buffer. Fixed by https://github.com/the-tcpdump-group/tcpdump/commit/5d214e36eed3565fbdc0f9b527bbc33a6bb63972.

Actions

View on HackerOne

Report Stats

Report ID: 202967
State: Closed
Substate: resolved
Upvotes: 5

CVE-2017-5484 The ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-atm.c:sig_print()

Vulnerability Details

Actions

Report Stats

Share this report