Lucene search
RedHatRHSA-2003:033HistoryFeb 26, 2003 - 12:00 a.m.
(RHSA-2003:033) tcpdump security update
2003-02-2600:00:00
access.redhat.com
15
EPSS
0.024
Percentile
89.9%
Tcpdump is a command-line tool for monitoring network traffic.
The BGP decoding routines in tcpdump before version 3.6.2 used incorrect
bounds checking when copying data, which allows remote attackers to cause a
denial of service and possibly execute arbitrary code (as the ‘pcap’ user).
If a UDP packet from a radius port contains 0 at the second byte tcpdump
gets stuck in a loop that generating an infinite stream of “#0#0#0#0#0”.
This could be used as a denial of service.
Users of tcpdump are advised to upgrade to these errata packages which
contain patches to correct thes issues.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | any | i386 | libpcap | < 0.6.2-12.2.1AS.1 | libpcap-0.6.2-12.2.1AS.1.i386.rpm |
| RedHat | any | ia64 | tcpdump | < 3.6.2-12.2.1AS.1 | tcpdump-3.6.2-12.2.1AS.1.ia64.rpm |
| RedHat | any | i386 | tcpdump | < 3.6.2-12.2.1AS.1 | tcpdump-3.6.2-12.2.1AS.1.i386.rpm |
| RedHat | any | ia64 | libpcap | < 0.6.2-12.2.1AS.1 | libpcap-0.6.2-12.2.1AS.1.ia64.rpm |
| RedHat | any | i386 | arpwatch | < 2.1a11-12.2.1AS.1 | arpwatch-2.1a11-12.2.1AS.1.i386.rpm |
| RedHat | any | ia64 | arpwatch | < 2.1a11-12.2.1AS.1 | arpwatch-2.1a11-12.2.1AS.1.ia64.rpm |
Related
nessus
nessus
RHEL 2.1 : tcpdump (RHSA-2003:033)
2004-07-06 00:00:00
Mandrake Linux Security Advisory : tcpdump (MDKSA-2003:027)
2004-07-31 00:00:00
Debian DSA-206-1 : tcpdump - denial of service
2004-09-29 00:00:00
openvas
openvas
Debian Security Advisory DSA 261-1 (tcpdump)
2008-01-17 00:00:00
Debian Security Advisory DSA 261-1 (tcpdump)
2008-01-17 00:00:00
Debian Security Advisory DSA 206-1 (tcpdump)
2008-01-17 00:00:00
nvd
nvd
cve
cve
cvelist
cvelist
debiancve
debiancve
debian
debian
osv
osv
tcpdump - denial of service
2002-12-10 00:00:00
tcpdump - infinite loop
2003-03-14 00:00:00