Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2000-0333

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2000-0333
Last Modified 10 Sep 2008 03:04:09
Published 31 May 1999 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2000-0333

Summary

tcpdump, Ethereal, and other sniffer packages allow remote attackers to cause a denial of service via malformed DNS packets in which a jump offset refers to itself, which causes tcpdump to enter an infinite loop while decompressing the packet.

Vulnerable Systems

Application

  • Ethereal Group Ethereal 0.8.4

  • Ethereal Group Ethereal 0.8.5

  • Ethereal Group Ethereal 0.8.6

  • Lbl Tcpdump 3.4

  • Lbl Tcpdump 3.5a


References

BID - 1165

BUGTRAQ - 20000502 Denial of service attack against tcpdump


Last Updated: 27 May 2016 10:35:40