CVE-2003-0093

2003-03-0305:00:00

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.3

Confidence

Low

EPSS

0.02

Percentile

88.9%

JSON

The RADIUS decoder in tcpdump 3.6.2 and earlier allows remote attackers to cause a denial of service (crash) via an invalid RADIUS packet with a header length field of 0, which causes tcpdump to generate data within an infinite loop.

Affected configurations

Nvd

Node

lbltcpdumpMatch3.4

lbltcpdumpMatch3.4a6

lbltcpdumpMatch3.5

lbltcpdumpMatch3.5.2

lbltcpdumpMatch3.6.2

VendorProductVersionCPE
lbltcpdump3.4cpe:2.3:a:lbl:tcpdump:3.4:*:*:*:*:*:*:*
lbltcpdump3.4a6cpe:2.3:a:lbl:tcpdump:3.4a6:*:*:*:*:*:*:*
lbltcpdump3.5cpe:2.3:a:lbl:tcpdump:3.5:*:*:*:*:*:*:*
lbltcpdump3.5.2cpe:2.3:a:lbl:tcpdump:3.5.2:*:*:*:*:*:*:*
lbltcpdump3.6.2cpe:2.3:a:lbl:tcpdump:3.6.2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
lbl	tcpdump	3.4	cpe:2.3:a:lbl:tcpdump:3.4:::::::*
lbl	tcpdump	3.4a6	cpe:2.3:a:lbl:tcpdump:3.4a6:::::::*
lbl	tcpdump	3.5	cpe:2.3:a:lbl:tcpdump:3.5:::::::*
lbl	tcpdump	3.5.2	cpe:2.3:a:lbl:tcpdump:3.5.2:::::::*
lbl	tcpdump	3.6.2	cpe:2.3:a:lbl:tcpdump:3.6.2:::::::*