[MBT] new ticket for pkg tcpdump "Remote denial of service (CPU consumtion)"
bugs at pld.org.pl
bugs at pld.org.pl
Thu Mar 20 14:43:38 CET 2003
Date: 2003-03-20 14:43:36+01 Author: (kreutzm) <kreutzm at itp.uni-hannover.de>
Title: Remote denial of service (CPU consumtion)
Ticket ID: #614
Ticket URL: http://bugs.pld.org.pl/?bug=614
Package: tcpdump-1:3.7.1-1
Distribution: PLD-1.0.main
Category: security problem
Current state: opened
Text:
CAN-2003-0108:
isakmp_sub_print in tcpdump 3.6 through 3.7.1 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed ISAKMP packet to UDP port 500, which causes tcpdump to enter an infinite loop.
The last version of PLD is from 2002/02/04, so this fix is most likly not (yet) included.
More information about the pld-bugs
mailing list