In association with heise online

05 March 2007, 12:08

Update for tcpdump fixes DoS vulnerability

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

A bug in the network analysis tool tcpdump can cause the application to crash when processing specific WLAN-802.11 frames. The bug is based on a buffer overflow in the parse_elements function. Because the tcpdump library forms the basis of many applications, an attacker could, for example, exploit the vulnerability to disable a WLAN-IDS in order to be able to carry out further attacks undisturbed. The bug was found in version 3.9.5 - previous versions are probably also affected. A patch on the CVS fixes the problem.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit