tcpdump is a widely-used network sniffer that is capable of decoding ISAKMP packets. A vulnerability exists in the way tcpdump parses specially crafted ISAKMP packets.
A remote attacker could cause tcpdump to enter an infinite loop or possibly execute arbitrary code with privileges of the tcpdump process.
Upgrade or Apply Patch
This vulnerability was originally reported by Red Hat, Inc. Red Hat, in turn, credits George Bakos for discovering this vulnerability.
This document was written by Damon Morda.
|Date First Published:||2004-01-16|
|Date Last Updated:||2004-01-22 17:57 UTC|