CVE-2005-1278
published 2005-05-02CVE-2005-1278: The isis_print function, as called by isoclns_print, in tcpdump 3.9.1 and earlier allows remote attackers to cause a denial of service (infinite loop) via a…
PriorityP425medium5CVSS 2.0
AVNACLAuNCNINAP
EXPLOIT
EPSS
10.80%
95.3th percentile
The isis_print function, as called by isoclns_print, in tcpdump 3.9.1 and earlier allows remote attackers to cause a denial of service (infinite loop) via a zero length, as demonstrated using a GRE packet.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | tcpdump | < tcpdump 3.8.3-4 (bookworm) | tcpdump 3.8.3-4 (bookworm) |
| lbl | tcpdump | <= 3.9.1 | — |
| tcpdump | tcpdump | >= 0 < 3.8.3-4 | 3.8.3-4 |
| tcpdump | tcpdump | >= 0 < 3.8.3-4 | 3.8.3-4 |
| tcpdump | tcpdump | >= 0 < 3.8.3-4 | 3.8.3-4 |
| tcpdump | tcpdump | >= 0 < 3.8.3-4 | 3.8.3-4 |
CVSS provenance
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
osv5.0MEDIUM
vendor_debian5.0MEDIUM
vendor_redhat5.0MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-24qh-5jcc-qhqq: The isis_print function, as called by isoclns_print, in tcpdump 3
ghsa_unreviewed·2022-05-03
CVE-2005-1278 [MEDIUM] GHSA-24qh-5jcc-qhqq: The isis_print function, as called by isoclns_print, in tcpdump 3
The isis_print function, as called by isoclns_print, in tcpdump 3.9.1 and earlier allows remote attackers to cause a denial of service (infinite loop) via a zero length, as demonstrated using a GRE packet.
OSV
CVE-2005-1278: The isis_print function, as called by isoclns_print, in tcpdump 3
osv·2005-05-02·CVSS 5.0
CVE-2005-1278 [MEDIUM] CVE-2005-1278: The isis_print function, as called by isoclns_print, in tcpdump 3
The isis_print function, as called by isoclns_print, in tcpdump 3.9.1 and earlier allows remote attackers to cause a denial of service (infinite loop) via a zero length, as demonstrated using a GRE packet.
Ubuntu
tcpdump vulnerabilities
vendor_ubuntu·2005-05-06
CVE-2005-1278 tcpdump vulnerabilities
Title: tcpdump vulnerabilities
Summary: tcpdump vulnerabilities
It was discovered that certain invalid GRE, LDP, BGP, and RSVP packets
triggered infinite loops in tcpdump, which caused tcpdump to stop
working. This could be abused by a remote attacker to bypass tcpdump
analysis of network traffic.
Instructions: In general, a standard system update will make all the necessary changes.
Red Hat
security flaw
vendor_redhat·2005-04-26·CVSS 5.0
CVE-2005-1278 [MEDIUM] security flaw
security flaw
The isis_print function, as called by isoclns_print, in tcpdump 3.9.1 and earlier allows remote attackers to cause a denial of service (infinite loop) via a zero length, as demonstrated using a GRE packet.
Debian
CVE-2005-1278: tcpdump - The isis_print function, as called by isoclns_print, in tcpdump 3.9.1 and earlie...
vendor_debian·2005·CVSS 5.0
CVE-2005-1278 [MEDIUM] CVE-2005-1278: tcpdump - The isis_print function, as called by isoclns_print, in tcpdump 3.9.1 and earlie...
The isis_print function, as called by isoclns_print, in tcpdump 3.9.1 and earlier allows remote attackers to cause a denial of service (infinite loop) via a zero length, as demonstrated using a GRE packet.
Scope: local
bookworm: resolved (fixed in 3.8.3-4)
bullseye: resolved (fixed in 3.8.3-4)
forky: resolved (fixed in 3.8.3-4)
sid: resolved (fixed in 3.8.3-4)
trixie: resolved (fixed in 3.8.3-4)
No detection rules found.
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.60/SCOSA-2005.60.txthttp://secunia.com/advisories/15125http://secunia.com/advisories/18146http://www.redhat.com/support/errata/RHSA-2005-417.htmlhttp://www.redhat.com/support/errata/RHSA-2005-421.htmlhttp://www.securityfocus.com/archive/1/396932http://www.securityfocus.com/archive/1/430292/100/0/threadedhttp://www.securityfocus.com/bid/13392https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10159ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.60/SCOSA-2005.60.txthttp://secunia.com/advisories/15125http://secunia.com/advisories/18146http://www.redhat.com/support/errata/RHSA-2005-417.htmlhttp://www.redhat.com/support/errata/RHSA-2005-421.htmlhttp://www.securityfocus.com/archive/1/396932http://www.securityfocus.com/archive/1/430292/100/0/threadedhttp://www.securityfocus.com/bid/13392https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10159
2005-05-02
Published