Shodan
Vulnerabilities
Vulnerable Software
Lbl:  >> Tcpdump  >> 3.6.2  Security Vulnerabilities
CVE-2005-1267
The bgp_update_print function in tcpdump 3.x does not properly handle a -1 return value from the decode_prefix4 function, which allows remote attackers to cause a denial of service (infinite loop) via a crafted BGP packet.
CVSS Score
5.0
EPSS Score
0.113
Published
2005-06-10
CVE-2003-1029
The L2TP protocol parser in tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (infinite loop and memory consumption) via a packet with invalid data to UDP port 1701, which causes l2tp_avp_print to use a bad length value when calling print_octets.
CVSS Score
5.0
EPSS Score
0.214
Published
2004-02-17
CVE-2004-0055
The print_attr_string function in print-radius.c for tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (segmentation fault) via a RADIUS attribute with a large length value.
CVSS Score
5.0
EPSS Score
0.313
Published
2004-02-17
CVE-2003-0145
Unknown vulnerability in tcpdump before 3.7.2 related to an inability to "Handle unknown RADIUS attributes properly," allows remote attackers to cause a denial of service (infinite loop), a different vulnerability than CAN-2003-0093.
CVSS Score
5.0
EPSS Score
0.013
Published
2003-03-31
CVE-2003-0108
isakmp_sub_print in tcpdump 3.6 through 3.7.1 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed ISAKMP packet to UDP port 500, which causes tcpdump to enter an infinite loop.
CVSS Score
5.0
EPSS Score
0.17
Published
2003-03-07
CVE-2003-0093
The RADIUS decoder in tcpdump 3.6.2 and earlier allows remote attackers to cause a denial of service (crash) via an invalid RADIUS packet with a header length field of 0, which causes tcpdump to generate data within an infinite loop.
CVSS Score
5.0
EPSS Score
0.015
Published
2003-03-03
CVE-2001-1279
Buffer overflow in print-rx.c of tcpdump 3.x (probably 3.6x) allows remote attackers to cause a denial of service and possibly execute arbitrary code via AFS RPC packets with invalid lengths that trigger an integer signedness error, a different vulnerability than CVE-2000-1026.
CVSS Score
7.5
EPSS Score
0.13
Published
2001-07-17


Products
Pricing
Contact Us

Shodan ® - All rights reserved