PT-2005-2282 · Tcpdump+1 · Tcpdump+1

Vade 79

Published

2005-04-26

Updated

2018-10-19

CVE-2005-1279

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions: tcpdump versions 3.8.3 and earlier

Description: The issue allows remote attackers to cause a denial of service, resulting in an infinite loop, via crafted packets. This can be achieved through either a BGP packet that is not properly handled by RT ROUTING INFO or an LDP packet that is not properly handled by the ldp print function.

Recommendations: For versions 3.8.3 and earlier, update to a version later than 3.8.3 to resolve the issue. As a temporary workaround, consider restricting the handling of BGP and LDP packets to minimize the risk of exploitation.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2005-1279

DSA-850-1

RHSA-2005:417

RHSA-2005:421

RHSA-2005_417

RHSA-2005_421

Affected Products

Red Hat

Tcpdump

PT-2005-2282 · Tcpdump+1 · Tcpdump+1

CVE-2005-1279

Related Identifiers

Affected Products

References · 23