Gentoo FoundationGLSA-200404-03Tcpdump Vulnerabilities in ISAKMP Parsing
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.278 Low
EPSS
Percentile
96.8%
Background
Tcpdump is a program for monitoring IP network traffic. Libpcap is a supporting library which is responsibile for capturing packets off a network interface.
Description
There are two specific vulnerabilities in tcpdump, outlined in [ reference 1 ]. In the first scenario, an attacker may send a specially-crafted ISAKMP Delete packet which causes tcpdump to read past the end of its buffer. In the second scenario, an attacker may send an ISAKMP packet with the wrong payload length, again causing tcpdump to read past the end of a buffer.
Impact
Remote attackers could potentially cause tcpdump to crash or execute arbitrary code as the ‘pcap’ user.
Workaround
There is no known workaround at this time. All tcpdump users are encouraged to upgrade to the latest available version.
Resolution
All tcpdump users should upgrade to the latest available version. ADDITIONALLY, the net-libs/libpcap package should be upgraded.
# emerge sync
# emerge -pv ">=net-libs/libpcap-0.8.3-r1" ">=net-analyzer/tcpdump-3.8.3-r1"
# emerge ">=net-libs/libpcap-0.8.3-r1" ">=net-analyzer/tcpdump-3.8.3-r1"
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Gentoo | any | all | net-analyzer/tcpdump | <= 3.8.1 | UNKNOWN |
| Gentoo | any | all | net-libs/libpcap | <= 0.8.1-r1 | UNKNOWN |
Related
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.278 Low
EPSS
Percentile
96.8%