SB2017020655 - Buffer overflow in tcpdump (Alpine package)
Published: February 6, 2017
Security Bulletin ID
SB2017020655
Severity
High
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Remote access
Highest impact
Code execution
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Buffer overflow (CVE-ID: CVE-2017-5204)
The vulnerability allow a remote attacker to cause DoS condition or potentially execute arbitrary code on the target syste.The weakness exists due to buffer overflow in print-ip6.c:ip6_print() in the IPv6 parser. A remote attacker can use a specially crafted IPv6 protocol to trigger memory corruption and cause the application to crash or possibly execute arbitrary code.
Successful exploitation of the vulnerability may result system compromise.
Remediation
Install update from vendor's website.
References
- https://git.alpinelinux.org/aports/commit/?id=463c720cae55a3f0c45d5b52bc6da81e2fbe307e
- https://git.alpinelinux.org/aports/commit/?id=a9f20ceec7434edc3b6efaaf3d9117504437d0d0
- https://git.alpinelinux.org/aports/commit/?id=3ef6a6d85712fb0068f7b211c3e105a446f3af5b
- https://git.alpinelinux.org/aports/commit/?id=c1a6c375d61229ad81ad0d61a67cd9cb3b900c94
- https://git.alpinelinux.org/aports/commit/?id=daee30e03d94d9048b5b2d3da5dc1164cacea65f
- https://git.alpinelinux.org/aports/commit/?id=889fe674354b8ffbce03fdbfb24f5b03f1520291