CVE-2005-1278 Information

Description

The isis_print function as called by isoclns_print in tcpdump 3.9.1 and earlier allows remote attackers to cause a denial of service (infinite loop) via a zero length as demonstrated using a GRE packet.

Reference

ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.60/SCOSA-2005.60.txt http://secunia.com/advisories/15125 http://secunia.com/advisories/18146 http://www.redhat.com/support/errata/RHSA-2005-417.html http://www.redhat.com/support/errata/RHSA-2005-421.html http://www.securityfocus.com/archive/1/396932 http://www.securityfocus.com/archive/1/430292/100/0/threaded http://www.securityfocus.com/bid/13392 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A10159