Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0057

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2004-0057
Last Modified 21 Aug 2010 12:19:30
Published 17 Feb 2004 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-0057

Summary

The rawprint function in the ISAKMP decoding routines (print-isakmp.c) for tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (segmentation fault) via malformed ISAKMP packets that cause invalid "len" or "loc" values to be used in a loop, a different vulnerability than CVE-2003-0989.

Vulnerable Systems

Application

  • Lbl Tcpdump 3.8.1


References

CERT-VN - VU#174086

BID - 9423

REDHAT - RHSA-2004:007

DEBIAN - DSA-425

XF - tcpdump-rawprint-isakmp-dos(14837)

BUGTRAQ - 20040119 [ESA-20040119-002] 'tcpdump' multiple vulnerabilities.

REDHAT - RHSA-2004:008

MLIST - [fedora-announce-list] 20040311 Re: [SECURITY] Fedora Core 1 Update: tcpdump-3.7.2-8.fc1.1

FEDORA - FEDORA-2004-092

FEDORA - FEDORA-2004-090

SECUNIA - 12179

SECUNIA - 11032

SECUNIA - 11022

SECUNIA - 10718

SECUNIA - 10668

SECUNIA - 10652

SECUNIA - 10644

SECUNIA - 10639

SECUNIA - 10636

MLIST - [tcpdump-workers] multiple vulnerabilities in tcpdump 3.8.1

ENGARDE - ESA-20040119-002

TRUSTIX - 2004-0004

APPLE - APPLE-SA-2004-02-23

SGI - 20040103-01-U

SCO - SCOSA-2004.9

CALDERA - CSSA-2004-008.0

SECTRACK - 1008716

FEDORA - FLSA:1222

MANDRAKE - MDKSA-2004:008

BUGTRAQ - 20040131 [FLSA-2004:1222] Updated tcpdump resolves security vulnerabilites (resend with correct paths)

SGI - 20040202-01-U


Last Updated: 27 May 2016 10:38:27