Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 and earlier allows remote attackers to execute arbitrary code via crafted TLVs in a BGP packet, related to an unchecked return value.
The product does not check the return value from a method or function, which can prevent it from detecting unexpected states and conditions.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Tcpdump | Tcpdump | * | 3.9.6 (including) |