PT-2003-1074 · Arpwatch+3

Phil Meek · Published 2003-03-03 · Updated 2017-10-10 · CVE-2003-0093

CVSS v2.0: 7.5 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

tcpdump versions 3.6.2 and earlier
libpcap version 0.6.2
arpwatch version 2.1a11

Description

The issue concerns multiple vulnerabilities in certain packages of the Red Hat Linux operating system, which can be exploited remotely to compromise the confidentiality, integrity, and availability of protected information. Specifically, the RADIUS decoder in tcpdump is vulnerable to a denial of service attack via an invalid RADIUS packet with a header length field of 0, causing tcpdump to enter an infinite loop.

Recommendations

For tcpdump versions 3.6.2 and earlier, consider updating to a version later than 3.6.2 to resolve the issue. For libpcap version 0.6.2, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For arpwatch version 2.1a11, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
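
The length checks that keep a RADIUS decoder from looping on a zero length field, as an added example (not tcpdump's code and not part of the original advisory). It assumes the RFC 2865 packet layout and goes slightly beyond the description by validating the per-attribute length as well as the header length; `radius_walk`, the `RAD_*` codes and the sample packets are hypothetical names and constructed data.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define RADIUS_HDR_LEN 20   /* code(1) + id(1) + length(2) + authenticator(16) */
#define RADIUS_MAX_LEN 4096 /* RFC 2865 maximum packet length */

enum { RAD_OK = 0, RAD_TRUNCATED = -1, RAD_BAD_HDR_LEN = -2, RAD_BAD_ATTR_LEN = -3 };

/* Walk the attributes of one RADIUS packet held in pkt[0..caplen).
 * Hypothetical helper for illustration; every loop step must consume >= 2 bytes. */
int radius_walk(const uint8_t *pkt, size_t caplen, size_t *nattrs)
{
    *nattrs = 0;
    if (caplen < RADIUS_HDR_LEN)
        return RAD_TRUNCATED;
    /* Header length field is big-endian at offset 2; 0 is rejected here. */
    size_t total = ((size_t)pkt[2] << 8) | pkt[3];
    if (total < RADIUS_HDR_LEN || total > RADIUS_MAX_LEN || total > caplen)
        return RAD_BAD_HDR_LEN;

    size_t off = RADIUS_HDR_LEN;
    while (off < total) {
        /* Attribute = type(1) + length(1) + value; length counts all three. */
        size_t alen = (total - off >= 2) ? pkt[off + 1] : 0;
        if (alen < 2 || alen > total - off) /* 0 would never advance off */
            return RAD_BAD_ATTR_LEN;
        off += alen;
        (*nattrs)++;
    }
    return RAD_OK;
}

/* Constructed sample packets (authenticator bytes left as zeros). */
static const uint8_t good[26]      = { 1, 7, 0, 26, [20] = 1, 6, 'a', 'l', 'i', 'c' };
static const uint8_t zero_hdr[20]  = { 1, 7, 0, 0 };
static const uint8_t zero_attr[22] = { 1, 7, 0, 22, [20] = 1, 0 };

int main(void)
{
    size_t n;
    printf("good=%d ", radius_walk(good, sizeof good, &n));
    printf("attrs=%zu\n", n);
    printf("zero header length=%d\n", radius_walk(zero_hdr, sizeof zero_hdr, &n));
    printf("zero attribute length=%d\n", radius_walk(zero_attr, sizeof zero_attr, &n));
    return 0;
}
```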


Related Identifiers

BDU:2015-07981
BDU:2015-08151
BDU:2015-08224
CVE-2003-0093
DSA-261

Affected Products

Red Hat
Arpwatch
Libpcap
Tcpdump