CVE-2003-0108
Published 2003-03-07
CVE-2003-0108: isakmp_sub_print in tcpdump 3.6 through 3.7.1 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed ISAKMP packet to…
Priority: P421 · medium · 5 (CVSS 2.0)
AV:N/AC:L/Au:N/C:N/I:N/A:P
EXPLOIT
EPSS
11.34%
95.4th percentile
isakmp_sub_print in tcpdump 3.6 through 3.7.1 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed ISAKMP packet to UDP port 500, which causes tcpdump to enter an infinite loop.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | tcpdump | < tcpdump 3.7.1-1.2 (bookworm) | tcpdump 3.7.1-1.2 (bookworm) |
| lbl | tcpdump | — | — |
| lbl | tcpdump | — | — |
| lbl | tcpdump | — | — |
| lbl | tcpdump | — | — |
| tcpdump | tcpdump | >= 0 < 3.7.1-1.2 | 3.7.1-1.2 |
| tcpdump | tcpdump | >= 0 < 3.7.1-1.2 | 3.7.1-1.2 |
| tcpdump | tcpdump | >= 0 < 3.7.1-1.2 | 3.7.1-1.2 |
| tcpdump | tcpdump | >= 0 < 3.7.1-1.2 | 3.7.1-1.2 |
CVSS provenance
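| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 5.0 | MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
| osv | — | 5.0 | MEDIUM | — |
| vendor_debian | — | 5.0 | MEDIUM | — |
| vendor_redhat | — | 5.0 | MEDIUM | — |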
GHSA
GHSA-mf37-67gp-f2x6: isakmp_sub_print in tcpdump 3
ghsa_unreviewed·2022-04-29
CVE-2003-0108 [MEDIUM] GHSA-mf37-67gp-f2x6: isakmp_sub_print in tcpdump 3
isakmp_sub_print in tcpdump 3.6 through 3.7.1 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed ISAKMP packet to UDP port 500, which causes tcpdump to enter an infinite loop.
OSV
CVE-2003-0108: isakmp_sub_print in tcpdump 3
osv·2003-03-07·CVSS 5.0
CVE-2003-0108 [MEDIUM] CVE-2003-0108: isakmp_sub_print in tcpdump 3
isakmp_sub_print in tcpdump 3.6 through 3.7.1 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed ISAKMP packet to UDP port 500, which causes tcpdump to enter an infinite loop.
Citrix
CVE-2007-0108: nwgina.dll in Novell Client 4.91 SP3 for Windows 2000/XP/2003 does not delete user profiles during a Terminal Service or Citrix session, which allows
vendor_citrix·2007-01-09·CVSS 6.0
CVE-2007-0108 [MEDIUM] CVE-2007-0108: nwgina.dll in Novell Client 4.91 SP3 for Windows 2000/XP/2003 does not delete user profiles during a Terminal Service or Citrix session, which allows
CVE-2007-0108: nwgina.dll in Novell Client 4.91 SP3 for Windows 2000/XP/2003 does not delete user profiles during a Terminal Service or Citrix session, which allows remote authenticated users to invoke alternate user profiles.
Red Hat
security flaw
vendor_redhat·2003-02-27·CVSS 5.0
CVE-2003-0108 [MEDIUM] security flaw
isakmp_sub_print in tcpdump 3.6 through 3.7.1 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed ISAKMP packet to UDP port 500, which causes tcpdump to enter an infinite loop.
Debian
CVE-2003-0108: tcpdump - isakmp_sub_print in tcpdump 3.6 through 3.7.1 allows remote attackers to cause a...
vendor_debian·2003·CVSS 5.0
CVE-2003-0108 [MEDIUM] CVE-2003-0108: tcpdump - isakmp_sub_print in tcpdump 3.6 through 3.7.1 allows remote attackers to cause a...
isakmp_sub_print in tcpdump 3.6 through 3.7.1 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed ISAKMP packet to UDP port 500, which causes tcpdump to enter an infinite loop.
Scope: local
bookworm: resolved (fixed in 3.7.1-1.2)
bullseye: resolved (fixed in 3.7.1-1.2)
forky: resolved (fixed in 3.7.1-1.2)
sid: resolved (fixed in 3.7.1-1.2)
trixie: resolved (fixed in 3.7.1-1.2)
No detection rules found.
Exploit-DB
Microsoft Office 2003 - '.wps' Local Stack Overflow (MS08-011)
exploitdb·2008-02-13
CVE-2008-0108 Microsoft Office 2003 - '.wps' Local Stack Overflow (MS08-011)
Microsoft Office 2003 - '.wps' Local Stack Overflow (MS08-011)
---
/*
* Copyright (c) 2008 chujwamwdupe - pumpernikiel.c
*
* one day in teletubby land...
*
* an email from idefense:
*
* "Unfortunately, Microsoft has refused to credit you using the name you requested."
*
* ...what's wrong with 'chujwamwdupe', eh?
*
*
* Description:
* A vulnerability exists in WPS to RTF convert filter that is part
* of Microsoft Office 2003. It could be exploited by remote attacker
* to take complete control of an affected system. This issue is due to
* stack overflow error in function that read sections from WPS file.
* When we change size of for example TEXT section to number larger than
* 0x10, stack overflow occurs - very easy to exploit.
*
*
* Tested on:
* Microsoft Windows XP Service Pack 2 && Micros
Exploit-DB
TCPDump 3.x - Malformed ISAKMP Packet Denial of Service
exploitdb·2003-03-01
CVE-2003-0108 TCPDump 3.x - Malformed ISAKMP Packet Denial of Service
TCPDump 3.x - Malformed ISAKMP Packet Denial of Service
---
// source: https://www.securityfocus.com/bid/6974/info
It has been reported that tcpdump is vulnerable to a denial of service when some packet types are received. By sending a maliciously formatted packet to a system using a vulnerable version of tcpdump, it is possible for a remote user to cause tcpdump to ignore network traffic from the time the packet is received until the application is terminated and restarted.
/*
* ST-tcphump.c -- tcpdump ISAKMP denial of service attack
* The Salvia Twist
* 01/03/03
*
* "A vulnerability exists in the parsing of ISAKMP packets (UDP port 500)
* that allows an attacker to force TCPDUMP into an infinite loop upon
* receipt of a specially crafted packet."
*
* The fault really lies in isakmp_s
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000629
http://marc.info/?l=bugtraq&m=104637420104189&w=2
http://marc.info/?l=bugtraq&m=104678787109030&w=2
http://www.debian.org/security/2003/dsa-255
http://www.idefense.com/advisory/02.27.03.txt
http://www.iss.net/security_center/static/11434.php
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:027
http://www.novell.com/linux/security/advisories/2003_015_tcpdump.html
http://www.redhat.com/support/errata/RHSA-2003-032.html
http://www.redhat.com/support/errata/RHSA-2003-085.html
http://www.redhat.com/support/errata/RHSA-2003-214.html
http://www.securityfocus.com/bid/6974
2003-03-07
Published