Lbl: >> Tcpdump >> 3.4 Security Vulnerabilities
The bgp_update_print function in tcpdump 3.x does not properly handle a -1 return value from the decode_prefix4 function, which allows remote attackers to cause a denial of service (infinite loop) via a crafted BGP packet.
CVSS Score
5.0
EPSS Score
0.113
Published
2005-06-10
The L2TP protocol parser in tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (infinite loop and memory consumption) via a packet with invalid data to UDP port 1701, which causes l2tp_avp_print to use a bad length value when calling print_octets.
CVSS Score
5.0
EPSS Score
0.214
Published
2004-02-17
The RADIUS decoder in tcpdump 3.6.2 and earlier allows remote attackers to cause a denial of service (crash) via an invalid RADIUS packet with a header length field of 0, which causes tcpdump to generate data within an infinite loop.
CVSS Score
5.0
EPSS Score
0.015
Published
2003-03-03
ip_print procedure in Tcpdump 3.4a allows remote attackers to cause a denial of service via a packet with a zero length header, which causes an infinite loop and core dump when tcpdump prints the packet.
CVSS Score
7.5
EPSS Score
0.044
Published
2001-11-28
Multiple buffer overflows in LBNL tcpdump allow remote attackers to execute arbitrary commands.
CVSS Score
10.0
EPSS Score
0.045
Published
2000-12-11
tcpdump, Ethereal, and other sniffer packages allow remote attackers to cause a denial of service via malformed DNS packets in which a jump offset refers to itself, which causes tcpdump to enter an infinite loop while decompressing the packet.
CVSS Score
5.0
EPSS Score
0.054
Published
1999-05-31