Vulnerability Note VU#174086

tcpdump contains vulnerability in ISAKMP decoding function rawprint() in print-isakmp.c

Original Release date: 16 Jan 2004 | Last revised: 22 Jan 2004

Overview

tcpdump contains a vulnerability in the way it parses Internet Security Association and Key Management Protocol (ISAKMP) packets.

Description

tcpdump is a widely used network sniffer that is capable of decoding ISAKMP packets. A vulnerability exists in the way the tcpdump rawprint() function (in print-isakmp.c) parses certain malformed ISAKMP packets containing an invalid "len" or "loc" value. For more information, please see RHSA-2004-007.
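The class of check that guards against an invalid "len" or "loc" is sketched below as an added example; it is not tcpdump's code and not taken from any vendor patch. The helper names payload_body() and hex_print() are hypothetical, and deriving the length from the 4-byte ISAKMP generic payload header (RFC 2408) is an assumption about where such a value would come from.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#define ISAKMP_GEN_HDR_LEN 4 /* next payload, reserved, 16-bit length (RFC 2408) */

/* Hypothetical helper: locate the body of the ISAKMP payload at offset `off`
 * inside a capture of `caplen` bytes. Returns 0 and sets body/body_len, or -1
 * when the declared length is inconsistent with the captured data. */
int payload_body(const uint8_t *pkt, size_t caplen, size_t off,
                 const uint8_t **body, size_t *body_len)
{
    if (off > caplen || caplen - off < ISAKMP_GEN_HDR_LEN)
        return -1;                      /* generic header itself is truncated */
    size_t declared = ((size_t)pkt[off + 2] << 8) | pkt[off + 3];
    if (declared < ISAKMP_GEN_HDR_LEN)
        return -1;                      /* declared - 4 would wrap around */
    if (declared > caplen - off)
        return -1;                      /* claims more bytes than were captured */
    *body = pkt + off + ISAKMP_GEN_HDR_LEN;
    *body_len = declared - ISAKMP_GEN_HDR_LEN;
    return 0;
}

/* Hypothetical checked hex printer: writes 2*len hex digits plus a NUL into
 * out. Returns the number of bytes printed, or -1 if they would not fit. */
int hex_print(const uint8_t *loc, size_t len, char *out, size_t outsz)
{
    if (outsz < 1 || len > (outsz - 1) / 2)
        return -1;
    out[0] = '\0';                      /* covers the len == 0 case */
    for (size_t i = 0; i < len; i++)
        snprintf(out + 2 * i, 3, "%02x", loc[i]);
    return (int)len;
}

/* Constructed sample payloads (not captured traffic). */
static const uint8_t ok_pkt[]    = {0x00, 0x00, 0x00, 0x08, 0xde, 0xad, 0xbe, 0xef};
static const uint8_t long_pkt[]  = {0x00, 0x00, 0xff, 0xff, 0xde, 0xad, 0xbe, 0xef};
static const uint8_t short_pkt[] = {0x00, 0x00, 0x00, 0x02, 0xde, 0xad, 0xbe, 0xef};

int main(void)
{
    const uint8_t *b; size_t n; char hex[64];
    if (payload_body(ok_pkt, sizeof ok_pkt, 0, &b, &n) == 0 &&
        hex_print(b, n, hex, sizeof hex) >= 0)
        printf("body: %s\n", hex);
    printf("oversized len: %d\n", payload_body(long_pkt, sizeof long_pkt, 0, &b, &n));
    printf("undersized len: %d\n", payload_body(short_pkt, sizeof short_pkt, 0, &b, &n));
    return 0;
}
```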

Impact

A remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the tcpdump process.

Solution

Upgrade or Apply Patch

Upgrade or apply a patch as specified by your vendor.

Systems Affected

Vendor                 Status        Date Notified  Date Updated
Debian                 Affected      16 Jan 2004    21 Jan 2004
Guardian Digital Inc.  Affected      -              21 Jan 2004
OpenPKG                Affected      -              21 Jan 2004
Red Hat Inc.           Affected      16 Jan 2004    21 Jan 2004
SuSE Inc.              Affected      16 Jan 2004    21 Jan 2004
tcpdump.org            Affected      -              21 Jan 2004
Trusix                 Affected      -              21 Jan 2004
TurboLinux             Affected      16 Jan 2004    22 Jan 2004
Hitachi                Not Affected  16 Jan 2004    22 Jan 2004
Openwall GNU/*/Linux   Not Affected  16 Jan 2004    21 Jan 2004
Apple Computer Inc.    Unknown       -              21 Jan 2004
Conectiva              Unknown       -              21 Jan 2004
Cray Inc.              Unknown       -              21 Jan 2004
EMC Corporation        Unknown       16 Jan 2004    21 Jan 2004
FreeBSD                Unknown       -              21 Jan 2004
If you are a vendor and your product is affected, let us know.

CVSS Metrics

Group Score Vector
Base N/A N/A
Temporal N/A N/A
Environmental N/A N/A

Credit

This vulnerability was originally reported by Red Hat, Inc. Red Hat, in turn, credits Jonathan Heusser for discovering this vulnerability.

This document was written by Damon Morda.

Other Information

  • CVE IDs: CAN-2004-0057
  • Date Public: 14 Jan 2004
  • Date First Published: 16 Jan 2004
  • Date Last Updated: 22 Jan 2004
  • Severity Metric: 2.95
  • Document Revision: 11
