CVE-2007-1218
tcpdump - buffer overflow
EPSS 20.3%
Description
Off-by-one buffer overflow in the parse_elements function in the 802.11 printer code (print-802_11.c) for tcpdump 3.9.5 and earlier allows remote attackers to cause a denial of service (crash) via a crafted 802.11 frame. NOTE: this was originally referred to as heap-based, but it might be stack-based.
How to fix CVE-2007-1218
To remediate CVE-2007-1218, upgrade the affected package to a fixed version below.
- Debian/tcpdump—upgrade to 3.9.5-2 or later
- Debian/tcpdump—upgrade to 3.8.3-5sarge2 or later
Is CVE-2007-1218 being exploited?
Moderate — EPSS is 20.3%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (2)
- from 0, < 3.9.5-2
- from 0, < 3.8.3-5sarge2