tcpdump is a widely used network sniffer that is capable of decoding ISAKMP packets. A vulnerability exists in the way the tcpdump rawprint() function (in print-isakmp.c) parses certain malformed ISAKMP packets containing an invalid "len" or "loc" value. For more information, please see RHSA-2004-007.
A remote attacker could cause a denial of service or possibly execute arbitrary code with privileges of the tcpdump process.
Upgrade or Apply Patch
Upgrade or apply a patch as specified by your vendor.
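The following C sketch is an added example, not tcpdump's code or part of the original note. It shows the kind of range check a packet printer needs before dumping bytes at a packet-supplied location and length. The names rawprint_checked, loc_off and caplen are hypothetical, and the location is modelled as an offset into the captured buffer.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical helper (not tcpdump's rawprint): hex-dump len bytes starting
 * at offset loc_off of a captured packet, but only after proving the whole
 * range lies inside the caplen bytes that were actually captured.
 * Returns the number of bytes dumped, or -1 if the range is rejected. */
static int rawprint_checked(const uint8_t *pkt, size_t caplen,
                            size_t loc_off, size_t len,
                            char *out, size_t outsz)
{
    static const char hex[] = "0123456789abcdef";
    size_t i;

    if (pkt == NULL || out == NULL || outsz == 0)
        return -1;
    out[0] = '\0';
    /* Reject a start offset beyond the captured data. */
    if (loc_off > caplen)
        return -1;
    /* Compare len with the bytes remaining. Written as a subtraction so
     * loc_off + len cannot wrap around for a huge packet-supplied len. */
    if (len > caplen - loc_off)
        return -1;
    /* Two hex digits per byte plus the terminator must fit in out. */
    if (len > (outsz - 1) / 2)
        return -1;

    for (i = 0; i < len; i++) {
        out[2 * i]     = hex[pkt[loc_off + i] >> 4];
        out[2 * i + 1] = hex[pkt[loc_off + i] & 0x0f];
    }
    out[2 * len] = '\0';
    return (int)len;
}

int main(void)
{
    /* Constructed 8-byte sample, not a real ISAKMP capture. */
    const uint8_t pkt[8] = {0x00, 0x00, 0x00, 0x0c, 0xde, 0xad, 0xbe, 0xef};
    char out[64];
    int n = rawprint_checked(pkt, sizeof pkt, 4, 4, out, sizeof out);

    printf("in range:  %d %s\n", n, out);
    /* Declared length larger than what was captured: rejected. */
    n = rawprint_checked(pkt, sizeof pkt, 4, 0xffff, out, sizeof out);
    printf("oversized: %d\n", n);
    return 0;
}
```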
This vulnerability was originally reported by Red Hat, Inc. Red Hat, in turn, credits Jonathan Heusser for discovering this vulnerability.
This document was written by Damon Morda.
Date First Published: 2004-01-16
Date Last Updated: 2004-01-22 17:43 UTC