remote DoS in tcpdump

ID SUSE-SA:2004:002
Type suse
Reporter Suse
Modified 2004-01-14T14:14:50


Tcpdump is a well known tool for administrators to analyze network traffic. There is a bug in the tcpdump code responsible for handling ISAKMP messages. This bug allows remote attackers to destroy a current tcpdump session by tricking the tcpdump program with evil ISAKMP messages to enter an endless loop.