CVE-2003-0145 — Infinite Loop in Tcpdump

8 documents8 sources

Severity

5.0MEDIUMNVD

EPSS

1.3%

top 20.45%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Tcpdump LBL Tcpdump

Timeline

PublishedMar 31

Latest updateApr 29

Description

Unknown vulnerability in tcpdump before 3.7.2 related to an inability to "Handle unknown RADIUS attributes properly," allows remote attackers to cause a denial of service (infinite loop), a different vulnerability than CAN-2003-0093.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

▶Debiantcpdump/tcpdump< 3.7.2-1+3

▶NVDlbl/tcpdump4 versions+3

🔴Vulnerability Details

GHSA

GHSA-57ch-4f4p-v65v: Unknown vulnerability in tcpdump before 3↗2022-04-29

▶

CVEList

CVE-2003-0145: Unknown vulnerability in tcpdump before 3↗2004-09-01

▶

OSV

CVE-2003-0145: Unknown vulnerability in tcpdump before 3↗2003-03-31

▶

📋Vendor Advisories

Red Hat

security flaw↗2003-02-25

▶

Debian

CVE-2003-0145: tcpdump - Unknown vulnerability in tcpdump before 3.7.2 related to an inability to "Handle...↗2003

▶

💬Community

Bugzilla

CVE-2003-0145 security flaw↗2018-08-16

▶