Lbl Tcpdump vulnerabilities

CVE-2005-1267 [MEDIUM] CVE-2005-1267: The bgp_update_print function in tcpdump 3.x does not properly handle a -1 return value from the dec The bgp_update_print function in tcpdump 3.x does not properly handle a -1 return value from the decode_prefix4 function, which allows remote attackers to cause a denial of service (infinite loop) via a crafted BGP packet.

CVE-2005-1278 [MEDIUM] CVE-2005-1278: The isis_print function, as called by isoclns_print, in tcpdump 3.9.1 and earlier allows remote atta The isis_print function, as called by isoclns_print, in tcpdump 3.9.1 and earlier allows remote attackers to cause a denial of service (infinite loop) via a zero length, as demonstrated using a GRE packet.

CVE-2005-1280 [MEDIUM] CVE-2005-1280: The rsvp_print function in tcpdump 3.9.1 and earlier allows remote attackers to cause a denial of se The rsvp_print function in tcpdump 3.9.1 and earlier allows remote attackers to cause a denial of service (infinite loop) via a crafted RSVP packet of length 4.

CVE-2005-1279 [MEDIUM] CVE-2005-1279: tcpdump 3.8.3 and earlier allows remote attackers to cause a denial of service (infinite loop) via a tcpdump 3.8.3 and earlier allows remote attackers to cause a denial of service (infinite loop) via a crafted (1) BGP packet, which is not properly handled by RT_ROUTING_INFO, or (2) LDP packet, which is not properly handled by the ldp_print function.

CVE-2003-1029 [MEDIUM] CVE-2003-1029: The L2TP protocol parser in tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of s The L2TP protocol parser in tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (infinite loop and memory consumption) via a packet with invalid data to UDP port 1701, which causes l2tp_avp_print to use a bad length value when calling print_octets.

CVE-2004-0057 [MEDIUM] CVE-2004-0057: The rawprint function in the ISAKMP decoding routines (print-isakmp.c) for tcpdump 3.8.1 and earlier The rawprint function in the ISAKMP decoding routines (print-isakmp.c) for tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (segmentation fault) via malformed ISAKMP packets that cause invalid "len" or "loc" values to be used in a loop, a different vulnerability than CVE-2003-0989.

CVE-2004-0055 [MEDIUM] CVE-2004-0055: The print_attr_string function in print-radius.c for tcpdump 3.8.1 and earlier allows remote attacke The print_attr_string function in print-radius.c for tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (segmentation fault) via a RADIUS attribute with a large length value.

CVE-2003-0145 [MEDIUM] CVE-2003-0145: Unknown vulnerability in tcpdump before 3.7.2 related to an inability to "Handle unknown RADIUS attr Unknown vulnerability in tcpdump before 3.7.2 related to an inability to "Handle unknown RADIUS attributes properly," allows remote attackers to cause a denial of service (infinite loop), a different vulnerability than CAN-2003-0093.

CVE-2003-0108 [MEDIUM] CVE-2003-0108: isakmp_sub_print in tcpdump 3.6 through 3.7.1 allows remote attackers to cause a denial of service ( isakmp_sub_print in tcpdump 3.6 through 3.7.1 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed ISAKMP packet to UDP port 500, which causes tcpdump to enter an infinite loop.

CVE-2003-0093 [MEDIUM] CVE-2003-0093: The RADIUS decoder in tcpdump 3.6.2 and earlier allows remote attackers to cause a denial of service The RADIUS decoder in tcpdump 3.6.2 and earlier allows remote attackers to cause a denial of service (crash) via an invalid RADIUS packet with a header length field of 0, which causes tcpdump to generate data within an infinite loop.

CVE-2002-1350 [HIGH] CVE-2002-1350: The BGP decoding routines in tcpdump 3.6.x before 3.7 do not properly copy data, which allows remote The BGP decoding routines in tcpdump 3.6.x before 3.7 do not properly copy data, which allows remote attackers to cause a denial of service (application crash).

CVE-2002-0380 [HIGH] CVE-2002-0380: Buffer overflow in tcpdump 3.6.2 and earlier allows remote attackers to cause a denial of service an Buffer overflow in tcpdump 3.6.2 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via an NFS packet.

CVE-1999-1024 [HIGH] CVE-1999-1024: ip_print procedure in Tcpdump 3.4a allows remote attackers to cause a denial of service via a packet ip_print procedure in Tcpdump 3.4a allows remote attackers to cause a denial of service via a packet with a zero length header, which causes an infinite loop and core dump when tcpdump prints the packet.

CVE-2001-1279 [HIGH] CVE-2001-1279: Buffer overflow in print-rx.c of tcpdump 3.x (probably 3.6x) allows remote attackers to cause a deni Buffer overflow in print-rx.c of tcpdump 3.x (probably 3.6x) allows remote attackers to cause a denial of service and possibly execute arbitrary code via AFS RPC packets with invalid lengths that trigger an integer signedness error, a different vulnerability than CVE-2000-1026.

CVE-2000-1026 [CRITICAL] CVE-2000-1026: Multiple buffer overflows in LBNL tcpdump allow remote attackers to execute arbitrary commands. Multiple buffer overflows in LBNL tcpdump allow remote attackers to execute arbitrary commands.

CVE-2000-0333 [MEDIUM] CVE-2000-0333: tcpdump, Ethereal, and other sniffer packages allow remote attackers to cause a denial of service vi tcpdump, Ethereal, and other sniffer packages allow remote attackers to cause a denial of service via malformed DNS packets in which a jump offset refers to itself, which causes tcpdump to enter an infinite loop while decompressing the packet.