CVE-2004-0057 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2004-0057
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2004-0057

Description: The rawprint function in the ISAKMP decoding routines (print-isakmp.c) for tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (segmentation fault) via malformed ISAKMP packets that cause invalid "len" or "loc" values to be used in a loop, a different vulnerability than CVE-2003-0989.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/14837 ST 1008716 SGI SAID Secunia Advisory: SA10636 REDHAT http://www.redhat.com/support/errata/RHSA-2004-008.html http://www.redhat.com/support/errata/RHSA-2004-007.html OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:851 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:854 MLIST http://marc.theaimsgroup.com/?l=tcpdump-workers&m=107325073018070&w=2 MANDRAKE http://www.mandriva.com/security/advisories?name=MDKSA-2004:008 FEDORA http://www.redhat.com/archives/fedora-legacy-list/2004-January/msg00726.html DEBIAN http://www.debian.org/security/2004/dsa-425 CERT-VN 174086 BUGTRAQ http://marc.theaimsgroup.com/?l=bugtraq&m=107577418225627&w=2 BID 9423 APPLE http://lists.apple.com/archives/security-announce/2004/Feb/msg00000.html

Return to the previous page.