Joined: 12 May 2004
|Posted: Mon May 09, 2005 7:57 pm Post subject: [ GLSA 200505-06 ] TCPDump: Decoding routines Denial of Serv
|Gentoo Linux Security Advisory
Title: TCPDump: Decoding routines Denial of Service vulnerability (GLSA 200505-06)
Date: May 09, 2005
Updated: June 12, 2005
Bug(s): #90541, #95349
A flaw in the decoding of network packets renders TCPDump vulnerable to a remote Denial of Service attack.
TCPDump is a tool for network monitoring and data acquisition.
Vulnerable: < 3.8.3-r3
Unaffected: >= 3.8.3-r3
Architectures: All supported architectures
TCPDump improperly handles and decodes ISIS (CAN-2005-1278), BGP (CAN-2005-1267, CAN-2005-1279), LDP (CAN-2005-1279) and RSVP (CAN-2005-1280) packets. TCPDump might loop endlessly after receiving malformed packets.
A malicious remote attacker can exploit the decoding issues for a Denial of Service attack by sending specially crafted packets, possibly causing TCPDump to loop endlessly.
There is no known workaround at this time.
All TCPDump users should upgrade to the latest available version:
|# emerge --sync
# emerge --ask --oneshot --verbose ">=net-analyzer/tcpdump-3.8.3-r3"
Last edited by GLSA on Sun May 07, 2006 4:56 pm; edited 1 time in total