Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2003-0108
HistoryMar 07, 2003 - 5:00 a.m.

CVE-2003-0108

2003-03-0705:00:00
[email protected]
web.nvd.nist.gov
7

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.3

Confidence

High

EPSS

0.038

Percentile

91.9%

JSON

isakmp_sub_print in tcpdump 3.6 through 3.7.1 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed ISAKMP packet to UDP port 500, which causes tcpdump to enter an infinite loop.

Affected configurations

Nvd
Node
lbltcpdumpMatch3.5.2
OR
lbltcpdumpMatch3.6.2
OR
lbltcpdumpMatch3.7
OR
lbltcpdumpMatch3.7.1
VendorProductVersionCPE
lbltcpdump3.5.2cpe:2.3:a:lbl:tcpdump:3.5.2:*:*:*:*:*:*:*
lbltcpdump3.6.2cpe:2.3:a:lbl:tcpdump:3.6.2:*:*:*:*:*:*:*
lbltcpdump3.7cpe:2.3:a:lbl:tcpdump:3.7:*:*:*:*:*:*:*
lbltcpdump3.7.1cpe:2.3:a:lbl:tcpdump:3.7.1:*:*:*:*:*:*:*

Related

debian 2
debiancve 1
cvelist 1
exploitdb 2
openvas 2
securityvulns 1
suse 1
nessus 4
redhat 1
cve 1
cert 1
ubuntucve 1
seebug 1
exploitpack 1
zdt 1
osv 1
debian
debian
[SECURITY] [DSA 255-1] New tcpdump packages fix denial of service vulnerability
2003-02-27 20:35:06
[SECURITY] [DSA 255-1] New tcpdump packages fix denial of service vulnerability
2003-02-27 20:35:06
debiancve
debiancve
CVE-2003-0108
2004-09-01 04:00:00
cvelist
cvelist
CVE-2003-0108
2004-09-01 04:00:00
exploitdb
exploitdb
TCPDump 3.x - Malformed ISAKMP Packet Denial of Service
2003-03-01 00:00:00
tcpdump - ISAKMP Identification Payload Integer Overflow
2004-04-05 00:00:00
openvas
openvas
Debian Security Advisory DSA 255-1 (tcpdump)
2008-01-17 00:00:00
Debian Security Advisory DSA 255-1 (tcpdump)
2008-01-17 00:00:00
securityvulns
securityvulns
iDEFENSE Security Advisory 02.27.03: TCPDUMP Denial of Service Vulnerability in ISAKMP Packet Parsing
2003-02-28 00:00:00
suse
suse
remote system compromise in tcpdump
2003-03-13 15:47:46
nessus
nessus
SUSE-SA:2003:0015: tcpdump
2004-07-25 00:00:00
RHEL 2.1 : tcpdump (RHSA-2003:085)
2004-07-06 00:00:00
Debian DSA-255-1 : tcpdump - infinite loop
2004-09-29 00:00:00
redhat
redhat
(RHSA-2003:085) tcpdump security update
2003-01-29 00:00:00
cve
cve
CVE-2003-0108
2004-09-01 04:00:00
cert
cert
tcpdump enters infinite loop when parsing crafted ISAKMP packets
2003-04-28 00:00:00
ubuntucve
ubuntucve
CVE-2003-0108
2003-03-07 00:00:00
seebug
seebug
tcpdump ISAKMP Identification payload Integer Overflow Exploit
2004-04-05 00:00:00
exploitpack
exploitpack
tcpdump - ISAKMP Identification Payload Integer Overflow
2004-04-05 00:00:00
zdt
zdt
tcpdump ISAKMP Identification payload Integer Overflow Exploit
2004-04-05 00:00:00
osv
osv
tcpdump - infinite loop
2003-02-27 00:00:00

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.3

Confidence

High

EPSS

0.038

Percentile

91.9%

JSON
Related for NVD:CVE-2003-0108
debian2debiancve1cvelist1exploitdb2openvas2securityvulns1suse1nessus4redhat1cve1cert1ubuntucve1seebug1exploitpack1zdt1osv1