SB2017020629 - Buffer overflow in tcpdump (Alpine package)
Published: February 6, 2017
Security Bulletin ID
SB2017020629
Severity
High
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Remote access
Highest impact
Code execution
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Buffer overflow (CVE-ID: CVE-2016-7928)
The vulnerability allow a remote attacker to cause DoS condition or potentially execute arbitrary code on the target system.The weakness exists due to buffer overflow in the print-ipcomp.c:ipcomp_print() in the IPComp parser. A remote attacker can use a specially crafted IPComp protocol to trigger memory corruption and cause the application to crash or possibly execute arbitrary code.
Successful exploitation of the vulnerability may result system compromise.
Remediation
Install update from vendor's website.
References
- https://git.alpinelinux.org/aports/commit/?id=463c720cae55a3f0c45d5b52bc6da81e2fbe307e
- https://git.alpinelinux.org/aports/commit/?id=a9f20ceec7434edc3b6efaaf3d9117504437d0d0
- https://git.alpinelinux.org/aports/commit/?id=3ef6a6d85712fb0068f7b211c3e105a446f3af5b
- https://git.alpinelinux.org/aports/commit/?id=c1a6c375d61229ad81ad0d61a67cd9cb3b900c94
- https://git.alpinelinux.org/aports/commit/?id=daee30e03d94d9048b5b2d3da5dc1164cacea65f
- https://git.alpinelinux.org/aports/commit/?id=889fe674354b8ffbce03fdbfb24f5b03f1520291