16 matches found
CVE-2005-1267
The CVE-2005-1267 issue affects the BGP dissector in tcpdump (v3.x). The vuln arises when bgp_update_print fails to handle a -1 return from decode_prefix4, enabling a remote attacker to trigger a denial-of-service via an infinite loop by sending a crafted BGP packet. The impact is a DoS on affect...
CVE-2003-0093
The CVE-2003-0093 entry concerns tcpdump 3.6.2 and earlier, where the RADIUS packet decoder can crash the process by processing an invalid RADIUS packet with a header length field of 0. This condition causes tcpdump to enter an infinite loop, yielding a denial of service. Connected documents (e.g...
CVE-2005-1279
CVE-2005-1279 affects tcpdump up to version 3.8.3 (and related issues CVE-2005-1278, CVE-2005-1280). The vulnerability is a denial-of-service via infinite loops caused by improper handling in the BGP dissector (RT_ROUTING_INFO) and the LDP packet handling in ldp_print, exploitable by crafted netw...
CVE-2002-1350
CVE-2002-1350 affects tcpdump: the BGP decoding routines in tcpdump 3.6.x before 3.7 do not copy data correctly, allowing remote attackers to trigger a denial of service (application crash). The issue arises from incorrect bounds checking when copying BGP data. Vulnerable product is tcpdump; affe...
CVE-2003-0145
CVE-2003-0145 : In tcpdump before 3.7.2, the RADIUS attribute handling can fail to process unknown attributes, allowing remote attackers to cause a denial of service via an infinite loop. This is evidenced by the CVE record and related entries (e.g., Debian/OpenVAS advisories). Upgrade to tcpdump...
CVE-2002-0380
CVE-2002-0380 is a vulnerability in tcpdump up to version 3.6.2 where handling NFS packets can trigger a buffer overflow, potentially allowing denial of service or arbitrary code execution. Connected sources (Debian, Red Hat, OSV, NVD) reiterate the same issue and cite that updated packages/patch...
CVE-2005-1280
CVE-2005-1280 affects tcpdump 3.9.1 and earlier, where the rsvp_print function can enter an infinite loop when handling a crafted RSVP packet of length 4, causing a denial of service. The vulnerability is publicly documented across multiple sources (e.g., Red Hat/CentOS advisories RHSA-2005-417 a...
CVE-2000-0333
The CVE affects tcpdump, Ethereal, and other sniffer packages that decode DNS packets. A crafted DNS query with malformed compressed labels (a pointer that references itself or creates cycles) can cause the decoder to loop, potentially consuming all CPU and crashing the process, i.e., a denial-of...
CVE-2005-1278
CVE-2005-1278 affects tcpdump up to version 3.9.1, where isis_print invoked by isoclns_print can be triggered by a zero-length GRE packet to cause a denial of service (infinite loop). Connected advisories (Red Hat, CentOS, Gentoo, Ubuntu, OpenVAS/Nessus entries) confirm tcpdump-related fixes and ...
CVE-2003-1029
CVE-2003-1029 affects the tcpdump packet analyzer (versions 3.8.1 and earlier) with a vulnerable L2TP protocol parser. A packet with invalid data sent to UDP port 1701 can trigger an infinite loop and unbounded memory use in l2tp_avp_print, causing a denial of service. Connections in the related ...
CVE-2004-0055
CVE-2004-0055 affects tcpdump v3.8.1 and earlier, where the print_attr_string function in the RADIUS decoding routines can be triggered by a large-length RADIUS attribute. The vulnerability allows remote attackers to cause a denial of service (segmentation fault) via crafted packets. Multiple ven...
CVE-2003-0108
CVE-2003-0108 affects tcpdump versions 3.6 to 3.7.1, where the ISAKMP parser can be triggered by a malformed ISAKMP packet to UDP port 500, causing tcpdump to enter an infinite loop and race CPU resources. The vulnerability is documented across multiple advisories (e.g., Red Hat, Debian, SUSE, Ma...
CVE-2001-1279
CVE-2001-1279 affects tcpdump 3.x (likely 3.6x) with a buffer overflow in the AFS RPC decoding path (print-rx.c). Exploitation via crafted AFS RPC packets with invalid lengths can cause a denial of service and may allow remote code execution with the privileges of tcpdump (typically root). The is...
CVE-2004-0057
CVE-2004-0057 concerns tcpdump
CVE-2000-1026
CVE-2000-1026 involves multiple buffer overflows in LBNL tcpdump that allow remote attackers to execute arbitrary commands. Affected software is tcpdump (LBNL). The vulnerability is triggered by crafting inputs over the network and, per CVSS, has high impact with full confidentiality, integrity, ...
CVE-1999-1024
The CVE-1999-1024 entry concerns the ip_print path in tcpdump 3.4a. A packet with a zero-length header can trigger an infinite loop within ip_print, leading to a denial of service and core dump when tcpdump prints the packet. The vulnerability is network-transmissible and has a high impact as per...