WRITEUP

WRITEUP

Exploit for CVE-2017-12902 - Tcpdump < 4.9.1 - Out-of-Bounds Read

AI Analysis

This patch addresses CVE-2017-12902, a buffer over-read vulnerability in tcpdump's Zephyr protocol parser. The fix improves bounds checking by using ND_TTEST() and properly handling truncated packet data.

Attack Type

DoS

Complexity

moderate

Reliability

reliable

MITRE ATT&CK

T1499 - Endpoint Denial of Service

Loading exploit code...

Download ZIP Password: eip

Source

Platform Writeup

Type patch

Files 1

https://github.com/the-tcpdump-group/tcpdump/commit/d17507ffa3e9742199b02a66aa940e79ababfa30

Authors

Guy Harris

Vulnerability

CVE-2017-12902

Tcpdump < 4.9.1 - Out-of-Bounds Read

CRITICAL

CVSS 9.8