>> Tcpdump "decode_labeled_vpn_l2()" Function Remote Integer Overflow Vulnerability
Title : Tcpdump "decode_labeled_vpn_l2()" Function Remote Integer Overflow Vulnerability VUPEN ID : VUPEN/ADV-2007-2578 CVE ID : CVE-2007-3798
Rated as : High Risk
Remotely Exploitable : Yes Locally Exploitable : Yes Release Date : 2007-07-19
Technical Description
A vulnerability has been identified in Tcpdump, which could be exploited by remote attackers to cause a denial of service or take complete control of an affected system. This issue is caused by an integer overflow error in the "decode_labeled_vpn_l2()" [print-bgp.c] function when processing BGP packets, which could be exploited by attackers to crash an affected application or execute arbitrary code by sending a specially crafted packet to a vulnerable system.
