CVE-2000-0333
published 1999-05-31CVE-2000-0333: tcpdump, Ethereal, and other sniffer packages allow remote attackers to cause a denial of service via malformed DNS packets in which a jump offset refers to…
PriorityP417medium5CVSS 2.0
AVNACLAuNCNINAP
EXPLOIT
EPSS
7.58%
93.8th percentile
tcpdump, Ethereal, and other sniffer packages allow remote attackers to cause a denial of service via malformed DNS packets in which a jump offset refers to itself, which causes tcpdump to enter an infinite loop while decompressing the packet.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| ethereal_group | ethereal | — | — |
| lbl | tcpdump | — | — |
| lbl | tcpdump | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Ethereal 0.8.4/0.8.5/0.8.6 / tcpdump 3.4/3.5 alpha - DNS Decode (2)
exploitdb·1999-05-31
CVE-2000-0333 Ethereal 0.8.4/0.8.5/0.8.6 / tcpdump 3.4/3.5 alpha - DNS Decode (2)
Ethereal 0.8.4/0.8.5/0.8.6 / tcpdump 3.4/3.5 alpha - DNS Decode (2)
---
source: https://www.securityfocus.com/bid/1165/info
A vulnerability exists in the DNS decode capabilities provided as part of the tcpdump sniffer, from LBL, as well as other sniffers, including Ethereal, by Gerald Combs. These sniffers will attempt to decode DNS request and queries. However, due to the DNS name compression scheme, it is possible to create a DNS packet such that tcpdump will be caught in an infinite loop, while trying to decompress. This will prevent the sniffer from displaying further packets. If tcpdump is being used as some part of and intrusion detection system, this could allow an intruder to evade this system.
When tcpdump is logging to a file, it is not affected by this vulnerability. Upon re
Exploit-DB
Ethereal 0.8.4/0.8.5/0.8.6 / tcpdump 3.4/3.5 alpha - DNS Decode (1)
exploitdb·1999-05-31
CVE-2000-0333 Ethereal 0.8.4/0.8.5/0.8.6 / tcpdump 3.4/3.5 alpha - DNS Decode (1)
Ethereal 0.8.4/0.8.5/0.8.6 / tcpdump 3.4/3.5 alpha - DNS Decode (1)
---
// source: https://www.securityfocus.com/bid/1165/info
A vulnerability exists in the DNS decode capabilities provided as part of the tcpdump sniffer, from LBL, as well as other sniffers, including Ethereal, by Gerald Combs. These sniffers will attempt to decode DNS request and queries. However, due to the DNS name compression scheme, it is possible to create a DNS packet such that tcpdump will be caught in an infinite loop, while trying to decompress. This will prevent the sniffer from displaying further packets. If tcpdump is being used as some part of and intrusion detection system, this could allow an intruder to evade this system.
When tcpdump is logging to a file, it is not affected by this vulnerability. Upon
No writeups or analysis indexed.
http://www.securityfocus.com/bid/1165http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.SOL.4.10.10005021942380.2077-100000%40paranoia.pgci.cahttp://www.securityfocus.com/bid/1165http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.SOL.4.10.10005021942380.2077-100000%40paranoia.pgci.ca
1999-05-31
Published