insufficient check of snprintf()'s return value, see gentoo bug #184815.
The exploit provided appearently doesn't trigger the overflow in
NetBSD; this might be due to different error return behavior of snprintf
implementations, or due to the fact that out tcpdump is still 3.8.3
while the bug was reported against 3.9.x. The fix looks correct in any
case.
The exploit caused an endless loop at another place instead, due
to an obvious bug, so fix this too.
Also apply another patch which was applied to the 3.8 branch upstream
but never released: rev. 1.72.2.5, infinite loop protection for ldp and bgp
We should update tcpdump to 3.9.x.
drochner