Lbl

Tcpdump

16 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5

CVE-2005-1267

  • EPSS 11.27%
  • Veröffentlicht 10.06.2005 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

The bgp_update_print function in tcpdump 3.x does not properly handle a -1 return value from the decode_prefix4 function, which allows remote attackers to cause a denial of service (infinite loop) via a crafted BGP packet.

5

CVE-2005-1278

  • EPSS 15.42%
  • Veröffentlicht 02.05.2005 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

The isis_print function, as called by isoclns_print, in tcpdump 3.9.1 and earlier allows remote attackers to cause a denial of service (infinite loop) via a zero length, as demonstrated using a GRE packet.

5

CVE-2005-1279

Exploit
  • EPSS 56.79%
  • Veröffentlicht 02.05.2005 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

tcpdump 3.8.3 and earlier allows remote attackers to cause a denial of service (infinite loop) via a crafted (1) BGP packet, which is not properly handled by RT_ROUTING_INFO, or (2) LDP packet, which is not properly handled by the ldp_print function.

5

CVE-2005-1280

Exploit
  • EPSS 13.65%
  • Veröffentlicht 02.05.2005 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

The rsvp_print function in tcpdump 3.9.1 and earlier allows remote attackers to cause a denial of service (infinite loop) via a crafted RSVP packet of length 4.

5

CVE-2003-1029

  • EPSS 21.39%
  • Veröffentlicht 17.02.2004 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

The L2TP protocol parser in tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (infinite loop and memory consumption) via a packet with invalid data to UDP port 1701, which causes l2tp_avp_print to use a bad length value w...

5

CVE-2004-0055

Exploit
  • EPSS 32.38%
  • Veröffentlicht 17.02.2004 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

The print_attr_string function in print-radius.c for tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (segmentation fault) via a RADIUS attribute with a large length value.

5

CVE-2004-0057

  • EPSS 26.2%
  • Veröffentlicht 17.02.2004 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

The rawprint function in the ISAKMP decoding routines (print-isakmp.c) for tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (segmentation fault) via malformed ISAKMP packets that cause invalid "len" or "loc" values to be...

5

CVE-2003-0145

  • EPSS 1.27%
  • Veröffentlicht 31.03.2003 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Unknown vulnerability in tcpdump before 3.7.2 related to an inability to "Handle unknown RADIUS attributes properly," allows remote attackers to cause a denial of service (infinite loop), a different vulnerability than CAN-2003-0093.

5

CVE-2003-0108

  • EPSS 17.04%
  • Veröffentlicht 07.03.2003 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

isakmp_sub_print in tcpdump 3.6 through 3.7.1 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed ISAKMP packet to UDP port 500, which causes tcpdump to enter an infinite loop.

5

CVE-2003-0093

Exploit
  • EPSS 1.5%
  • Veröffentlicht 03.03.2003 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

The RADIUS decoder in tcpdump 3.6.2 and earlier allows remote attackers to cause a denial of service (crash) via an invalid RADIUS packet with a header length field of 0, which causes tcpdump to generate data within an infinite loop.