Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Tcpdump
(Lbl)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 16 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 1999-05-31 | CVE-2000-0333 | tcpdump, Ethereal, and other sniffer packages allow remote attackers to cause a denial of service via malformed DNS packets in which a jump offset refers to itself, which causes tcpdump to enter an infinite loop while decompressing the packet. | Ethereal, Tcpdump | N/A | ||
| 2005-05-02 | CVE-2005-1280 | The rsvp_print function in tcpdump 3.9.1 and earlier allows remote attackers to cause a denial of service (infinite loop) via a crafted RSVP packet of length 4. | Tcpdump | N/A | ||
| 2005-05-02 | CVE-2005-1279 | tcpdump 3.8.3 and earlier allows remote attackers to cause a denial of service (infinite loop) via a crafted (1) BGP packet, which is not properly handled by RT_ROUTING_INFO, or (2) LDP packet, which is not properly handled by the ldp_print function. | Tcpdump | N/A | ||
| 2005-05-02 | CVE-2005-1278 | The isis_print function, as called by isoclns_print, in tcpdump 3.9.1 and earlier allows remote attackers to cause a denial of service (infinite loop) via a zero length, as demonstrated using a GRE packet. | Tcpdump | N/A | ||
| 2005-06-10 | CVE-2005-1267 | The bgp_update_print function in tcpdump 3.x does not properly handle a -1 return value from the decode_prefix4 function, which allows remote attackers to cause a denial of service (infinite loop) via a crafted BGP packet. | Linux, Tcpdump, Mandrake_linux, Fedora_core, Secure_linux | N/A | ||
| 2004-02-17 | CVE-2004-0057 | The rawprint function in the ISAKMP decoding routines (print-isakmp.c) for tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (segmentation fault) via malformed ISAKMP packets that cause invalid "len" or "loc" values to be used in a loop, a different vulnerability than CVE-2003-0989. | Tcpdump | N/A | ||
| 2004-02-17 | CVE-2004-0055 | The print_attr_string function in print-radius.c for tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (segmentation fault) via a RADIUS attribute with a large length value. | Tcpdump | N/A | ||
| 2004-02-17 | CVE-2003-1029 | The L2TP protocol parser in tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (infinite loop and memory consumption) via a packet with invalid data to UDP port 1701, which causes l2tp_avp_print to use a bad length value when calling print_octets. | Tcpdump | N/A | ||
| 2003-03-31 | CVE-2003-0145 | Unknown vulnerability in tcpdump before 3.7.2 related to an inability to "Handle unknown RADIUS attributes properly," allows remote attackers to cause a denial of service (infinite loop), a different vulnerability than CAN-2003-0093. | Tcpdump | N/A | ||
| 2003-03-07 | CVE-2003-0108 | isakmp_sub_print in tcpdump 3.6 through 3.7.1 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed ISAKMP packet to UDP port 500, which causes tcpdump to enter an infinite loop. | Tcpdump | N/A |