---

CVE-2017-12995 - log back

CVE-2017-12995 created at 25 Sep 2019 19:31:40
Severity	+ Medium
Remote	+ Remote
Type	+ Denial of service
Description	+ An infinite loop vulnerability was discovered in tcpdump's handling of DNS in tcpdump <= 4.9.1. An attacker could craft a malicious pcap file or send specially crafted packets to the network that would cause tcpdump to enter an infinite loop while processing the packet data leading to denial of service.
References	+ https://github.com/the-tcpdump-group/tcpdump/commit/3a76fd7c95fced2c2f8c8148a9055c3a542eff29
Notes