GLSA Advocate
Joined: 12 May 2004 Posts: 2663
|
Posted: Mon May 09, 2005 7:57 pm Post subject: [ GLSA 200505-06 ] TCPDump: Decoding routines Denial of Serv |
|
|
Gentoo Linux Security Advisory
Title: TCPDump: Decoding routines Denial of Service vulnerability (GLSA 200505-06)
Severity: normal
Exploitable: remote
Date: May 09, 2005
Updated: June 12, 2005
Bug(s): #90541, #95349
ID: 200505-06
Synopsis
A flaw in the decoding of network packets renders TCPDump vulnerable to a
remote Denial of Service attack.
Background
TCPDump is a tool for network monitoring and data acquisition.
Affected Packages
Package: net-analyzer/tcpdump
Vulnerable: < 3.8.3-r3
Unaffected: >= 3.8.3-r3
Architectures: All supported architectures
Description
TCPDump improperly handles and decodes ISIS (CAN-2005-1278), BGP
(CAN-2005-1267, CAN-2005-1279), LDP (CAN-2005-1279) and RSVP
(CAN-2005-1280) packets. TCPDump might loop endlessly after receiving
malformed packets.
Impact
A malicious remote attacker can exploit the decoding issues for a
Denial of Service attack by sending specially crafted packets, possibly
causing TCPDump to loop endlessly.
Workaround
There is no known workaround at this time.
Resolution
All TCPDump users should upgrade to the latest available version:
Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=net-analyzer/tcpdump-3.8.3-r3" |
References
CAN-2005-1267
CAN-2005-1278
CAN-2005-1279
CAN-2005-1280
Last edited by GLSA on Sun Apr 20, 2014 4:20 am; edited 3 times in total |
|