Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-1029

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2003-1029
Last Modified 20 Feb 2009 12:27:05
Published 17 Feb 2004 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-1029

Summary

The L2TP protocol parser in tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (infinite loop and memory consumption) via a packet with invalid data to UDP port 1701, which causes l2tp_avp_print to use a bad length value when calling print_octets.

Vulnerable Systems

Application

  • Lbl Tcpdump 3.4

  • Lbl Tcpdump 3.5

  • Lbl Tcpdump 3.5.2

  • Lbl Tcpdump 3.6.2

  • Lbl Tcpdump 3.6.3

  • Lbl Tcpdump 3.7


References

DEBIAN - DSA-425

BUGTRAQ - 20040119 [ESA-20040119-002] 'tcpdump' multiple vulnerabilities.

SECUNIA - 10718

SECUNIA - 10668

SECUNIA - 10652

SECUNIA - 10636

BUGTRAQ - 20031221 Re: Remote crash in tcpdump from OpenBSD

BUGTRAQ - 20031220 Remote crash in tcpdump from OpenBSD

ENGARDE - ESA-20040119-002

SECTRACK - 1008748

MANDRAKE - MDKSA-2004:008

MLIST - [tcpdump-workers] 20031224 Seg fault of tcpdump (v 3.8.1 and below) with malformed l2tp packets


Last Updated: 27 May 2016 10:38:09