Vulnerability Details CVE-2000-0333
tcpdump, Ethereal, and other sniffer packages allow remote attackers to cause a denial of service via malformed DNS packets in which a jump offset refers to itself, which causes tcpdump to enter an infinite loop while decompressing the packet.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.054
EPSS Ranking 89.5%
CVSS Severity
CVSS v2 Score 5.0
References
- http://www.securityfocus.com/bid/1165
- http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.SOL.4.10.10005021942380.2077-100000%40paranoia.pgci.ca
- http://www.securityfocus.com/bid/1165
- http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.SOL.4.10.10005021942380.2077-100000%40paranoia.pgci.ca
Products affected by CVE-2000-0333
-
cpe:2.3:a:ethereal_group:ethereal:0.8.4
-
cpe:2.3:a:ethereal_group:ethereal:0.8.5
-
cpe:2.3:a:ethereal_group:ethereal:0.8.6
-
cpe:2.3:a:lbl:tcpdump:3.4
-
cpe:2.3:a:lbl:tcpdump:3.5a