WRITEUP

WRITEUP

Exploit for CVE-2017-12896 - Tcpdump < 4.9.1 - Out-of-Bounds Read

AI Analysis

This patch addresses CVE-2017-12896, a buffer over-read vulnerability in tcpdump's ISAKMP parser. The fix adds bounds checks in the `isakmp_rfc3948_print()` function to prevent out-of-bounds reads when processing malformed ISAKMP packets.

Attack Type

DoS

Complexity

trivial

Reliability

reliable

MITRE ATT&CK

T1499 - Endpoint Denial of Service

Loading exploit code...

Download ZIP Password: eip

Source

Platform Writeup

Type patch

Files 1

https://github.com/the-tcpdump-group/tcpdump/commit/f76e7feb41a4327d2b0978449bbdafe98d4a3771

Authors

Guy Harris

Vulnerability

CVE-2017-12896

Tcpdump < 4.9.1 - Out-of-Bounds Read

CRITICAL

CVSS 9.8