Page 34 of 182 results (0.014 seconds)

CVSS: 5.0EPSS: 82%CPEs: 1EXPL: 3

tcpdump 3.8.3 and earlier allows remote attackers to cause a denial of service (infinite loop) via a crafted (1) BGP packet, which is not properly handled by RT_ROUTING_INFO, or (2) LDP packet, which is not properly handled by the ldp_print function. • https://www.exploit-db.com/exploits/957 https://www.exploit-db.com/exploits/958 ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.60/SCOSA-2005.60.txt http://secunia.com/advisories/15125 http://secunia.com/advisories/17101 http://secunia.com/advisories/18146 http://www.debian.org/security/2005/dsa-850 http://www.redhat.com/support/errata/RHSA-2005-417.html http://www.redhat.com/support/errata/RHSA-2005-421.html http://www.securityfocus.com/archive/1/396932 •

CVSS: 5.0EPSS: 65%CPEs: 1EXPL: 2

Integer underflow in the isakmp_id_print for TCPDUMP 3.8.1 and earlier allows remote attackers to cause a denial of service (crash) via an ISAKMP packet with an Identification payload with a length that becomes less than 8 during byte order conversion, which causes an out-of-bounds read, as demonstrated by the Striker ISAKMP Protocol Test Suite. Desbordamieto de enteros en la función isakmp_id_print de TCPDUMP 3.8.1 y anteriores permite a atacantes remotos causar una denegación de servicio mediante un paquete ISAKMP con una carga útil de identificación con una longitud que se hace menor de 8 durante una conversión de orden de bytes, lo que causa una lectura fuera de límites, como se ha demostrado por el paquete de pruebas de protocolo ISAKMP Striker. • https://www.exploit-db.com/exploits/171 http://marc.info/?l=bugtraq&m=108067265931525&w=2 http://secunia.com/advisories/11258 http://securitytracker.com/id?1009593 http://www.debian.org/security/2004/dsa-478 http://www.kb.cert.org/vuls/id/492558 http://www.rapid7.com/advisories/R7-0017.html http://www.redhat.com/support/errata/RHSA-2004-219.html http://www.securityfocus.com/bid/10004 http://www.tcpdump.org/tcpdump-changes.txt http://www.trustix.org/erra • CWE-125: Out-of-bounds Read CWE-191: Integer Underflow (Wrap or Wraparound) •

CVSS: 5.0EPSS: 55%CPEs: 1EXPL: 0

TCPDUMP 3.8.1 and earlier allows remote attackers to cause a denial of service (crash) via ISAKMP packets containing a Delete payload with a large number of SPI's, which causes an out-of-bounds read, as demonstrated by the Striker ISAKMP Protocol Test Suite. TCPDUMP 3.8.1 y anteriores permite a atacantes remotos causar una denegación de servicio (caída) mediante paquetes ISAKMP conteniendo un carga útil de Dorrado con un gran númeo de SPIs, lo que causa una lectura fuera de límites, como se ha demostrado por el paquete de pruebas de protocolo ISAKMP Striker. • http://marc.info/?l=bugtraq&m=108067265931525&w=2 http://secunia.com/advisories/11258 http://secunia.com/advisories/11320 http://securitytracker.com/id?1009593 http://www.debian.org/security/2004/dsa-478 http://www.kb.cert.org/vuls/id/240790 http://www.rapid7.com/advisories/R7-0017.html http://www.redhat.com/support/errata/RHSA-2004-219.html http://www.securityfocus.com/bid/10003 http://www.tcpdump.org/tcpdump-changes.txt http://www.trustix.org/errata/2004 • CWE-125: Out-of-bounds Read •

CVSS: 5.0EPSS: 14%CPEs: 1EXPL: 0

The rawprint function in the ISAKMP decoding routines (print-isakmp.c) for tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (segmentation fault) via malformed ISAKMP packets that cause invalid "len" or "loc" values to be used in a loop, a different vulnerability than CVE-2003-0989. La función rawprint en las rutinas de decodificación ISAKMP (print-isakmp.c) de tcpdump 3.8.1 y anteriores permite a atacantes remotos causar una denegación de servicio (fallo de segmentación) mediante paquetes ISAKMP malformados que causan que unos valores "len" o "loc" sean usados en un bucle, una vulnerabilidad diferente de CAN-2003-0989. • ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2004-008.0.txt ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2004.9/SCOSA-2004.9.txt ftp://patches.sgi.com/support/free/security/advisories/20040103-01-U.asc ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc http://lists.apple.com/archives/security-announce/2004/Feb/msg00000.html http://lwn.net/Alerts/66445 http://lwn.net/Alerts/66805 http://marc.info/?l=bugtraq&m=107577418225627&w=2 http:&#x •

CVSS: 5.0EPSS: 40%CPEs: 6EXPL: 1

The L2TP protocol parser in tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (infinite loop and memory consumption) via a packet with invalid data to UDP port 1701, which causes l2tp_avp_print to use a bad length value when calling print_octets. El procesador (parser) del protocolo L2TP en tcpdump 3.8.1 y anteriores permite a atacantes remotos causar una denegación de servicio (bucle infinito y consumición de memoria) mediante un paquete con datos no válidos al puerto UDP 1701, lo que causa que l2tp_avp_print ustilice un valor de longitud malo cuando llama a print_octets() • https://www.exploit-db.com/exploits/23452 http://lwn.net/Alerts/66805 http://marc.info/?l=bugtraq&m=107193841728533&w=2 http://marc.info/?l=bugtraq&m=107213553214985&w=2 http://marc.info/?l=tcpdump-workers&m=107228187124962&w=2 http://secunia.com/advisories/10636 http://secunia.com/advisories/10652 http://secunia.com/advisories/10668 http://secunia.com/advisories/10718 http://www.debian.org/security/2004/dsa-425 http://www.mandriva.com/security/advisories?na •