CVE-2018-16301
N/A
N/A
Summary
The command-line argument parser in tcpdump before 4.99.0 has a buffer overflow in tcpdump.c:read_infile(). To trigger this vulnerability the attacker needs to create a 4GB file on the local filesystem and to specify the file name as the value of the -F command-line argument of tcpdump.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| The Tcpdump Group | tcpdump | unspecified < 4.99.0 | affected |
Weaknesses
- CWE-190: CWE-190 integer overflow or wraparound
- CWE-787: CWE-787 out-of-bounds write
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.