CVE-2017-13011

Source
Severity Critical
Remote Yes
Type Arbitrary code execution
Description
An out-of-bounds write vulnerability was discovered in tcpdump's parsers when calling bittok2str_internal. An attacker could craft a malicious pcap file or send specially crafted packets to the network that would cause tcpdump to crash or possibly execute arbitrary code while processing the packet data.
Group Package Affected Fixed Severity Status Ticket
AVG-361 tcpdump 4.9.1-1 4.9.2-1 Critical Fixed
Date Advisory Group Package Severity Description
13 Sep 2017 ASA-201709-5 AVG-361 tcpdump Critical multiple issues
References
https://github.com/the-tcpdump-group/tcpdump/commit/9f0730bee3eb65d07b49fd468bc2f269173352fe