5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.684 Medium
EPSS
Percentile
97.9%
A vulnerability in tcpdump
could allow a remote attacker to cause a denial of service on an affected system.
The tcpdump
tool allows for the inspection of network packets and contains decoders for many standard protocols, including the Internet Security Association and Key Management Protocol (ISAKMP). The ISAKMP “Identification Payload” contains information used for determining the identities of communicating peers and may be used for determining authenticity of information. A flaw exists in the way that tcpdump
’s ISAKMP decoder handles ISAKMP packets with a malformed Identification Payload. According to the Rapid7 advisory about this issue:
An ISAKMP packet with a malformed Identification payload with a self-reported payload length that becomes less than 8 when its byte order is reversed will cause TCPDUMP to crash as it tries to read from beyond the end of the snap buffer. TCPDUMP must be using a snaplen of 325 or greater for this underflow to be triggered.
This condition is only exploitable if tcpdump
is invoked with the verbose display option, ‘-v
’.
A remote attacker could cause tcpdump
to crash.
Apply a patch from the vendor
Patches have been released to address this issue. Please see the Systems Affected section of this document for more details.
492558
Filter by status: All Affected Not Affected Unknown
Filter by content: __ Additional information available
__ Sort by: Status Alphabetical
Expand all
Javascript is disabled. Click here to view vendors.
Updated: August 26, 2004
Affected
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
More information can be found in Debian Security Advisory DSA-478. Users are encouraged to review this advisory and apply the patches it refers to.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23492558 Feedback>).
Updated: August 26, 2004
Affected
Name : tcpdump
Version : 3.7.2
Release : 8.fc1.2
Summary : A network traffic monitoring tool.
Description :
Tcpdump is a command-line tool for monitoring network traffic.
Tcpdump can capture and display the packet headers on a particular
network interface or on all interfaces. Tcpdump can display all of
the packet headers, or just the ones that match particular criteria.
Install tcpdump if you need a program to monitor network traffic.
Update Information:
Tcpdump is a command-line tool for monitoring network traffic.
Tcpdump v3.8.1 and earlier versions contained multiple flaws in the
packet display functions for the ISAKMP protocol. Upon receiving
specially crafted ISAKMP packets, TCPDUMP would try to read beyond
the end of the packet capture buffer and subsequently crash.
This update can be downloaded from:
<http://download.fedora.redhat.com/pub/fedora/linux/core/updates/1/>
c11dc7a9af4766ca018405339f6e8b0d SRPMS/tcpdump-3.7.2-8.fc1.2.src.rpm
f7de913568498b8b38788d2fc673162e i386/tcpdump-3.7.2-8.fc1.2.i386.rpm
13f09fefc188bfa47b0dc993eadabcd7 i386/libpcap-0.7.2-8.fc1.2.i386.rpm
5bdc0b8f388497e475b7091b5175c6c6 i386/arpwatch-2.1a11-8.fc1.2.i386.rpm
2545161afba66a197a54233349bc0285 x86_64/tcpdump-3.7.2-8.fc1.2.x86_64.rpm
343dea7f180e95f86b436fc42ce34c21 x86_64/libpcap-0.7.2-8.fc1.2.x86_64.rpm
1e50e97307551fabb2aba8f8c4cf635d x86_64/arpwatch-2.1a11-8.fc1.2.x86_64.rpm
–
fedora-announce-list mailing list
[email protected]
<http://www.redhat.com/mailman/listinfo/fedora-announce-list>
`
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23492558 Feedback>).
Updated: August 26, 2004
Affected
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
More information can be found in Gentoo Linux Security Advisory GLSA 200404-03. Users are encouraged to review this advisory and apply the patches it refers to.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23492558 Feedback>).
Updated: August 26, 2004
Affected
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
More information can be found in Mandrakelinux Security Update Advisory MDKSA-2004:030. Users are encouraged to review this advisory and apply the patches it refers to.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23492558 Feedback>).
Updated: August 26, 2004
Affected
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
More information is available in OpenPKG Security Advisory OpenPKG-SA-2004.010. Users are encouraged to review this advisory and apply the patches it refers to.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23492558 Feedback>).
Updated: August 26, 2004
Affected
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
More information can be found in Red Hat Security Advisory RHSA-2004:219. Users are encouraged to review this advisory and apply the patches it refers to.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23492558 Feedback>).
Updated: August 26, 2004
Affected
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
More information can be found in SGI Advanced Linux Environment 2.4 security update #21and SGI Advanced Linux Environment 3 Security Update #3. Users are encouraged to review these advisories and apply the patches they refer to.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23492558 Feedback>).
Updated: August 26, 2004
Affected
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The Slackware Security team has published Slackware Security Advisory SSA:2004-108 in response to this issue. Users are encouraged to review this advisory and apply the patches it refers to.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23492558 Feedback>).
Updated: August 26, 2004
Affected
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
More information can be found in SuSE Security Announcement SuSE-SA:2004:011. Users are encouraged to review this advisory and apply the patches it refers to.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23492558 Feedback>).
Updated: August 26, 2004
Affected
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
More information can be found in Trustix Secure Linux Security Advisory TSLSA-2004-0015. Users are encouraged to review this advisory and apply the patches it refers to.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23492558 Feedback>).
Group | Score | Vector |
---|---|---|
Base | ||
Temporal | ||
Environmental |
This vulnerability was discovered by Rapid7 using their Striker test suite.
This document was written by Chad R Dougherty based on information published in Rapid7 Advisory R7-0017.
CVE IDs: | CVE-2004-0184 |
---|---|
Severity Metric: | 1.69 Date Public: |