Tcpdump CVE-2018-19519 Stack Based Buffer Overflow Vulnerability

Tcpdump is prone to a buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized memory buffer.
An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Failed exploit attempts may result in a denial-of-service condition; this can result in the attacker gaining complete control of the affected system.
Tcpdump version 4.9.2 is vulnerable.

Information

Bugtraq ID: 106098
Class: Boundary Condition Error
CVE: CVE-2018-19519

Remote: Yes
Local: No
Published: Dec 03 2018 12:00AM
Updated: Dec 03 2018 12:00AM
Credit: Sam Fowler
Vulnerable: tcpdump tcpdump 4.9.2
Redhat Enterprise Linux 7

Not Vulnerable:

Exploit

The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.

References:

CVE-2018-19519 tcpdump: Stack-based buffer over-read in print-hncp.c:print_prefi (Redhat)
Github Reference (Github)
Tcp Dump Home Page (Tcp Dump Home Page)
IBM SECURITY ADVISORY (IBM)

Source: www.securityfocus.com

Exploit Collector

Search Exploit