CVE-2004-0183 Information

Feb 14, 2021 cve

Description

TCPDUMP 3.8.1 and earlier allows remote attackers to cause a denial of service (crash) via ISAKMP packets containing a Delete payload with a large number of SPI’s which causes an out-of-bounds read as demonstrated by the Striker ISAKMP Protocol Test Suite.

Reference

http://marc.info/?l=bugtraq&m=108067265931525&w=2 http://secunia.com/advisories/11258 http://secunia.com/advisories/11320 http://securitytracker.com/id?1009593 http://www.debian.org/security/2004/dsa-478 http://www.kb.cert.org/vuls/id/240790 http://www.rapid7.com/advisories/R7-0017.html http://www.redhat.com/support/errata/RHSA-2004-219.html http://www.securityfocus.com/bid/10003 http://www.tcpdump.org/tcpdump-changes.txt http://www.trustix.org/errata/2004/0015 https://bugzilla.fedora.us/show_bug.cgi?id=1468 https://exchange.xforce.ibmcloud.com/vulnerabilities/15680 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A972 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A9971

Share on: