mirrors/tcpdump
0
0
Fork 0
mirror of https://github.com/the-tcpdump-group/tcpdump.git synced 2024-11-28 04:25:16 +08:00
Code Issues Packages Projects Releases Wiki Activity
6bb65331a5
tcpdump/tests/hncp_dhcpv4data-oobr.out
Denis Ovsienko c2f6833ddd CVE-2017-13044/HNCP: add DHCPv4-Data bounds checks 
dhcpv4_print() in print-hncp.c had the same bug as dhcpv6_print(), apply
a fix along the same lines.

This fixes a buffer over-read discovered by Bhargava Shastry,
SecT/TU Berlin.

Add a test using the capture file supplied by the reporter(s).
2017-09-13 12:25:44 +01:00

5 lines
252 B
Plaintext
Raw Blame History

IP truncated-ip - 260 bytes missing! (tos 0x12,ECT(0), ttl 48, id 21323, offset 0, flags [+, DF, rsvd], proto UDP (17), length 296, bad cksum 8e0f (->cd08)!)
1.2.7.0.1812 > 128.253.0.96.8231: hncp (268)
DHCPv4-Data (6)
DNS-server (98) (invalid)
Reference in New Issue View Git Blame Copy Permalink