Integer underflow in the olsr_print function in tcpdump 3...

Integer underflow in the olsr_print function in tcpdump 3.9.6 through 4.6.2, when in verbose mode, allows remote attackers to cause a denial of service (crash) via a crafted length value in an OLSR frame.

References

https://nvd.nist.gov/vuln/detail/CVE-2014-8767
https://exchange.xforce.ibmcloud.com/vulnerabilities/98765
https://support.apple.com/kb/HT205031
http://advisories.mageia.org/MGASA-2014-0503.html
http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html
http://lists.opensuse.org/opensuse-updates/2015-02/msg00062.html
http://packetstormsecurity.com/files/129155/tcpdump-4.6.2-OSLR-Denial-Of-Service.html
http://seclists.org/fulldisclosure/2014/Nov/47
http://www.debian.org/security/2014/dsa-3086
http://www.mandriva.com/security/advisories?name=MDVSA-2014:240
http://www.mandriva.com/security/advisories?name=MDVSA-2015:125
http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
http://www.securityfocus.com/archive/1/534011/100/0/threaded
http://www.securityfocus.com/bid/71150
http://www.ubuntu.com/usn/USN-2433-1

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Package

Affected versions

Patched versions

Description

References

Severity

EPSS score

Exploit Prediction Scoring System (EPSS)

Weaknesses

CVE ID

GHSA ID

Source code

Uh oh!