Support / Security / Advisories / Mandriva Linux 2007.1 / MDKSA-2007:155

Package name: tcpdump
Date: 2007-08-09
Advisory ID: MDKSA-2007:155
Affected versions: 2007.1 i586 , 2007.1 x86_64

Problem description

Off-by-one buffer overflow in the parse_elements function in the
802.11 printer code (print-802_11.c) for tcpdump 3.9.5 and earlier
allows remote attackers to cause a denial of service (crash) via a
crafted 802.11 frame.

Updated packages have been patched to prevent this issue.

Updated packages

2007.1 i586

 dd21fcc2041312477a7d255adfe3bf8d  2007.1/i586/tcpdump-3.9.5-1.2mdv2007.1.i586.rpm 
 51d352409c58bd2c85e2b84eb1569ead  2007.1/SRPMS/tcpdump-3.9.5-1.2mdv2007.1.src.rpm

2007.1 x86_64

 b6a61d821bb0c22c81519d91e02de34d  2007.1/x86_64/tcpdump-3.9.5-1.2mdv2007.1.x86_64.rpm 
 51d352409c58bd2c85e2b84eb1569ead  2007.1/SRPMS/tcpdump-3.9.5-1.2mdv2007.1.src.rpm

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1218