CVE-2004-0183 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2004-0183
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2004-0183

Description: TCPDUMP 3.8.1 and earlier allows remote attackers to cause a denial of service (crash) via ISAKMP packets containing a Delete payload with a large number of SPI's, which causes an out-of-bounds read, as demonstrated by the Striker ISAKMP Protocol Test Suite.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/15680 TRUSTIX http://www.trustix.org/errata/2004/0015 ST 1009593 SAID Secunia Advisory: SA11320 Secunia Advisory: SA11258 REDHAT http://www.redhat.com/support/errata/RHSA-2004-219.html OVAL http://oval.mitre.org/oval/definitions/data/oval972.html MISC http://www.rapid7.com/advisories/R7-0017.html FEDORA DEBIAN http://www.debian.org/security/2004/dsa-478 CONFIRM http://www.tcpdump.org/tcpdump-changes.txt CERT-VN 240790 BUGTRAQ http://marc.theaimsgroup.com/?l=bugtraq&m=108067265931525&w=2 BID 10003

Return to the previous page.