CVE-2017-5482: The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933_print().

Disclosed: 2019-10-08 20:31:56 By geeknik To ibb
High
Vulnerability Details
Reported to the project maintainers in 2016. Regardless of CVE-2016-8575, q933_print() still could overread the buffer trying to parse a short packet. Fixed by https://github.com/the-tcpdump-group/tcpdump/commit/c39c1d99ac3b6d5d9519b39da6717180651650d3.
Report Stats
  • Report ID: 202969
  • State: Closed
  • Substate: resolved
  • Upvotes: 2