CVE-2005-1267
published 2005-06-10CVE-2005-1267: The bgp_update_print function in tcpdump 3.x does not properly handle a -1 return value from the decode_prefix4 function, which allows remote attackers to…
PriorityP426medium5CVSS 2.0
AVNACLAuNCNINAP
EXPLOIT
EPSS
13.50%
96.0th percentile
The bgp_update_print function in tcpdump 3.x does not properly handle a -1 return value from the decode_prefix4 function, which allows remote attackers to cause a denial of service (infinite loop) via a crafted BGP packet.
Affected
27 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | tcpdump | < tcpdump 3.9.0.cvs.20050614-1 (bookworm) | tcpdump 3.9.0.cvs.20050614-1 (bookworm) |
| lbl | tcpdump | — | — |
| lbl | tcpdump | — | — |
| lbl | tcpdump | — | — |
| lbl | tcpdump | — | — |
| lbl | tcpdump | — | — |
| lbl | tcpdump | — | — |
| lbl | tcpdump | — | — |
| lbl | tcpdump | — | — |
| lbl | tcpdump | — | — |
| lbl | tcpdump | — | — |
| lbl | tcpdump | — | — |
| lbl | tcpdump | — | — |
| lbl | tcpdump | — | — |
| lbl | tcpdump | — | — |
| lbl | tcpdump | — | — |
| mandrakesoft | mandrake_linux | — | — |
| mandrakesoft | mandrake_linux | — | — |
| redhat | fedora_core | — | — |
| redhat | fedora_core | — | — |
| tcpdump | tcpdump | >= 0 < 3.9.0.cvs.20050614-1 | 3.9.0.cvs.20050614-1 |
| tcpdump | tcpdump | >= 0 < 3.9.0.cvs.20050614-1 | 3.9.0.cvs.20050614-1 |
| tcpdump | tcpdump | >= 0 < 3.9.0.cvs.20050614-1 | 3.9.0.cvs.20050614-1 |
| tcpdump | tcpdump | >= 0 < 3.9.0.cvs.20050614-1 | 3.9.0.cvs.20050614-1 |
| trustix | secure_linux | — | — |
CVSS provenance
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
osv5.0MEDIUM
vendor_debian5.0MEDIUM
vendor_redhat5.0MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-p5p7-x2fv-868r: The bgp_update_print function in tcpdump 3
ghsa_unreviewed·2022-05-01
CVE-2005-1267 [MEDIUM] GHSA-p5p7-x2fv-868r: The bgp_update_print function in tcpdump 3
The bgp_update_print function in tcpdump 3.x does not properly handle a -1 return value from the decode_prefix4 function, which allows remote attackers to cause a denial of service (infinite loop) via a crafted BGP packet.
OSV
CVE-2005-1267: The bgp_update_print function in tcpdump 3
osv·2005-06-10·CVSS 5.0
CVE-2005-1267 [MEDIUM] CVE-2005-1267: The bgp_update_print function in tcpdump 3
The bgp_update_print function in tcpdump 3.x does not properly handle a -1 return value from the decode_prefix4 function, which allows remote attackers to cause a denial of service (infinite loop) via a crafted BGP packet.
Ubuntu
tcpdump vulnerability
vendor_ubuntu·2005-06-21
CVE-2005-1267 tcpdump vulnerability
Title: tcpdump vulnerability
Summary: tcpdump vulnerability
It was discovered that certain invalid BGP packets triggered an
infinite loop in tcpdump, which caused tcpdump to stop working. This
could be abused by a remote attacker to bypass tcpdump analysis of
network traffic.
Instructions: In general, a standard system update will make all the necessary changes.
Red Hat
security flaw
vendor_redhat·2005-06-06·CVSS 5.0
CVE-2005-1267 [MEDIUM] security flaw
security flaw
The bgp_update_print function in tcpdump 3.x does not properly handle a -1 return value from the decode_prefix4 function, which allows remote attackers to cause a denial of service (infinite loop) via a crafted BGP packet.
Debian
CVE-2005-1267: tcpdump - The bgp_update_print function in tcpdump 3.x does not properly handle a -1 retur...
vendor_debian·2005·CVSS 5.0
CVE-2005-1267 [MEDIUM] CVE-2005-1267: tcpdump - The bgp_update_print function in tcpdump 3.x does not properly handle a -1 retur...
The bgp_update_print function in tcpdump 3.x does not properly handle a -1 return value from the decode_prefix4 function, which allows remote attackers to cause a denial of service (infinite loop) via a crafted BGP packet.
Scope: local
bookworm: resolved (fixed in 3.9.0.cvs.20050614-1)
bullseye: resolved (fixed in 3.9.0.cvs.20050614-1)
forky: resolved (fixed in 3.9.0.cvs.20050614-1)
sid: resolved (fixed in 3.9.0.cvs.20050614-1)
trixie: resolved (fixed in 3.9.0.cvs.20050614-1)
No detection rules found.
http://secunia.com/advisories/15634/http://secunia.com/advisories/17118http://www.debian.org/security/2005/dsa-854http://www.redhat.com/archives/fedora-announce-list/2005-June/msg00007.htmlhttp://www.redhat.com/support/errata/RHSA-2005-505.htmlhttp://www.securityfocus.com/archive/1/430292/100/0/threadedhttp://www.securityfocus.com/bid/13906http://www.trustix.org/errata/2005/0028/https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=159208https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11148http://secunia.com/advisories/15634/http://secunia.com/advisories/17118http://www.debian.org/security/2005/dsa-854http://www.redhat.com/archives/fedora-announce-list/2005-June/msg00007.htmlhttp://www.redhat.com/support/errata/RHSA-2005-505.htmlhttp://www.securityfocus.com/archive/1/430292/100/0/threadedhttp://www.securityfocus.com/bid/13906http://www.trustix.org/errata/2005/0028/https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=159208https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11148
2005-06-10
Published