[tcpdump-workers] Security vulnerability

H R, Shashikumar shashikumar.h-r at hp.com
Tue Apr 7 08:28:24 EDT 2015


Hi All ,

While through list vulnerability  ,  It is mentioned that libpcap suffers the from attack mentioned in below link .

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4174

wiretap/libpcap.c in the libpcap file parser in Wireshark 1.10.x before 1.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted packet-trace file that includes a large packet.


Is libpcap version 1.1.1 available on tcpdump.org  is vulnerable to this attack ?  if yes which version has the fix for the same.


Thanks
Shashi.



More information about the tcpdump-workers mailing list