Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0093

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2003-0093
Last Modified 10 Sep 2008 03:17:54
Published 03 Mar 2003 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-0093

Summary

The RADIUS decoder in tcpdump 3.6.2 and earlier allows remote attackers to cause a denial of service (crash) via an invalid RADIUS packet with a header length field of 0, which causes tcpdump to generate data within an infinite loop.

Vulnerable Systems

Application

  • Lbl Tcpdump 3.4

  • Lbl Tcpdump 3.4a6

  • Lbl Tcpdump 3.5

  • Lbl Tcpdump 3.5.2

  • Lbl Tcpdump 3.6.2


References

MISC - https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=81585

XF - tcpdump-radius-decoder-dos(11324)

REDHAT - RHSA-2003:214

REDHAT - RHSA-2003:033

REDHAT - RHSA-2003:032

MANDRAKE - MDKSA-2003:027

DEBIAN - DSA-261


Last Updated: 27 May 2016 10:37:47