CVE-2004-0057

Name of the Vulnerable Software and Affected Versions tcpdump versions 3.8.1 and earlier libpcap version 0.7.2 arpwatch version 2.1a11

Description The issue concerns multiple vulnerabilities in various packages of the Red Hat Linux operating system, including tcpdump, libpcap, and arpwatch. These vulnerabilities can be exploited remotely, potentially leading to breaches of confidentiality, integrity, and availability of protected information. Specifically, the rawprint function in the ISAKMP decoding routines of tcpdump is vulnerable to denial of service attacks via malformed ISAKMP packets.

Recommendations For tcpdump versions 3.8.1 and earlier, consider updating to a version later than 3.8.1 to mitigate the risk. For libpcap version 0.7.2, restrict access to the vulnerable module to minimize the risk of exploitation until a patch is available. For arpwatch version 2.1a11, avoid using the vulnerable functions until the issue is resolved. As a temporary workaround, consider disabling the vulnerable components of these packages until a patch is available.