CVE-2007-1218

Publication date 2 March 2007

Last updated 24 July 2024

Ubuntu priority

Off-by-one buffer overflow in the parse_elements function in the 802.11 printer code (print-802_11.c) for tcpdump 3.9.5 and earlier allows remote attackers to cause a denial of service (crash) via a crafted 802.11 frame. NOTE: this was originally referred to as heap-based, but it might be stack-based.

Status

Show unmaintained releases

No maintained releases are affected by this CVE.

Package	Ubuntu Release	Status
tcpdump	7.04 feisty	Fixed 3.9.5-2ubuntu1
	6.10 edgy	Fixed 3.9.4-4ubuntu0.2
	6.06 LTS dapper	Fixed 3.9.4-2ubuntu0.2

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-429-1
tcpdump vulnerability
6 March 2007

Other references

https://www.cve.org/CVERecord?id=CVE-2007-1218