This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Lbl First view 2002-06-18
Product Tcpdump Last view 2005-06-10
Version 3.5.2 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:lbl:tcpdump

Activity : Overall

Related : CVE

  Date Alert Description
5 2005-06-10 CVE-2005-1267

The bgp_update_print function in tcpdump 3.x does not properly handle a -1 return value from the decode_prefix4 function, which allows remote attackers to cause a denial of service (infinite loop) via a crafted BGP packet.

5 2005-05-02 CVE-2005-1280

The rsvp_print function in tcpdump 3.9.1 and earlier allows remote attackers to cause a denial of service (infinite loop) via a crafted RSVP packet of length 4.

5 2005-05-02 CVE-2005-1279

tcpdump 3.8.3 and earlier allows remote attackers to cause a denial of service (infinite loop) via a crafted (1) BGP packet, which is not properly handled by RT_ROUTING_INFO, or (2) LDP packet, which is not properly handled by the ldp_print function.

5 2005-05-02 CVE-2005-1278

The isis_print function, as called by isoclns_print, in tcpdump 3.9.1 and earlier allows remote attackers to cause a denial of service (infinite loop) via a zero length, as demonstrated using a GRE packet.

5 2004-05-04 CVE-2004-0184

Integer underflow in the isakmp_id_print for TCPDUMP 3.8.1 and earlier allows remote attackers to cause a denial of service (crash) via an ISAKMP packet with an Identification payload with a length that becomes less than 8 during byte order conversion, which causes an out-of-bounds read, as demonstrated by the Striker ISAKMP Protocol Test Suite.

5 2004-05-04 CVE-2004-0183

TCPDUMP 3.8.1 and earlier allows remote attackers to cause a denial of service (crash) via ISAKMP packets containing a Delete payload with a large number of SPI's, which causes an out-of-bounds read, as demonstrated by the Striker ISAKMP Protocol Test Suite.

5 2004-02-17 CVE-2004-0057

The rawprint function in the ISAKMP decoding routines (print-isakmp.c) for tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (segmentation fault) via malformed ISAKMP packets that cause invalid "len" or "loc" values to be used in a loop, a different vulnerability than CVE-2003-0989.

5 2004-02-17 CVE-2004-0055

The print_attr_string function in print-radius.c for tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (segmentation fault) via a RADIUS attribute with a large length value.

5 2004-02-17 CVE-2003-1029

The L2TP protocol parser in tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (infinite loop and memory consumption) via a packet with invalid data to UDP port 1701, which causes l2tp_avp_print to use a bad length value when calling print_octets.

5 2003-03-31 CVE-2003-0145

Unknown vulnerability in tcpdump before 3.7.2 related to an inability to "Handle unknown RADIUS attributes properly," allows remote attackers to cause a denial of service (infinite loop), a different vulnerability than CAN-2003-0093.

5 2003-03-07 CVE-2003-0108

isakmp_sub_print in tcpdump 3.6 through 3.7.1 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed ISAKMP packet to UDP port 500, which causes tcpdump to enter an infinite loop.

5 2003-03-03 CVE-2003-0093

The RADIUS decoder in tcpdump 3.6.2 and earlier allows remote attackers to cause a denial of service (crash) via an invalid RADIUS packet with a header length field of 0, which causes tcpdump to generate data within an infinite loop.

7.5 2002-12-23 CVE-2002-1350

The BGP decoding routines in tcpdump 3.6.x before 3.7 do not properly copy data, which allows remote attackers to cause a denial of service (application crash).

7.5 2002-06-18 CVE-2002-0380

Buffer overflow in tcpdump 3.6.2 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via an NFS packet.

Open Source Vulnerability Database (OSVDB)

id Description
17227 tcpdump bgp_update_print() Function Malformed BGP Protocol Data DoS
15904 tcpdump Malformed RSVP Packet Remote DoS
15864 tcpdump LDP ldp_print() Function Malformed Packet DoS
15863 tcpdump BGP RT_ROUTING_INFO Malformed Packet DoS
15862 tcpdump ISIS isis_print() Function Malformed Packet DoS
9854 tcpdump Malformed BGP Packet Handling Unspecified DoS
9853 tcpdump BGP Decoding Routines Data Copy Issue
9830 tcpdump Malformed NFS Packet Remote Overflow
8811 tcpdump ISAKMP isakmp_sub_print DoS
8804 tcpdump RADIUS Packet Decoder DoS
4751 tcpdump ISAKMP Delete Payload DoS
4750 tcpdump ISAKMP Identification Payload DoS
3558 tcpdump ISAKMP rawprint DoS
3557 tcpdump RADIUS print-radius.c DoS
3556 tcpdump L2TP DoS

ExploitDB Exploits

id Description
171 tcpdump ISAKMP Identification payload Integer Overflow Exploit

OpenVAS Exploits

id Description
2009-10-10 Name : SLES9: Security update for tcpdump
File : nvt/sles9p5021499.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200505-06 (tcpdump)
File : nvt/glsa_200505_06.nasl
2008-09-04 Name : FreeBSD Ports: tcpdump
File : nvt/freebsd_tcpdump.nasl
2008-09-04 Name : FreeBSD Ports: tcpdump
File : nvt/freebsd_tcpdump0.nasl
2008-09-04 Name : FreeBSD Ports: tcpdump
File : nvt/freebsd_tcpdump1.nasl
2008-09-04 Name : FreeBSD Security Advisory (FreeBSD-SA-05:10.tcpdump.asc)
File : nvt/freebsdsa_tcpdump.nasl
2008-01-17 Name : Debian Security Advisory DSA 206-1 (tcpdump)
File : nvt/deb_206_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 255-1 (tcpdump)
File : nvt/deb_255_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 261-1 (tcpdump)
File : nvt/deb_261_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 425-1 (tcpdump)
File : nvt/deb_425_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 478-1 (tcpdump)
File : nvt/deb_478_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 850-1 (tcpdump)
File : nvt/deb_850_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 854-1 (tcpdump)
File : nvt/deb_854_1.nasl
0000-00-00 Name : Slackware Advisory SSA:2004-108-01 tcpdump denial of service
File : nvt/esoft_slk_ssa_2004_108_01.nasl
0000-00-00 Name : Slackware Advisory SSA:2005-195-10 tcpdump DoS
File : nvt/esoft_slk_ssa_2005_195_10.nasl

Snort® IPS/IDS

Date Description
2014-01-10 tcpdump udp LDP print zero length message denial of service attempt
RuleID : 4141 - Type : SERVER-OTHER - Revision : 7
2014-01-10 tcpdump tcp LDP print zero length message denial of service attempt
RuleID : 4140 - Type : SERVER-OTHER - Revision : 6
2016-10-01 BGP invalid length
RuleID : 39977 - Type : SERVER-OTHER - Revision : 2
2016-05-03 TCPDUMP ISAKMP payload handling denial of service attempt
RuleID : 38365 - Type : SERVER-OTHER - Revision : 2
2014-01-10 ISAKMP invalid identification payload attempt
RuleID : 2486-community - Type : SERVER-OTHER - Revision : 14
2014-01-10 ISAKMP invalid identification payload attempt
RuleID : 2486 - Type : SERVER-OTHER - Revision : 14
2014-01-10 BGP invalid type 0
RuleID : 2159-community - Type : SERVER-OTHER - Revision : 15
2014-01-10 BGP invalid type 0
RuleID : 2159 - Type : SERVER-OTHER - Revision : 15
2014-01-10 BGP invalid length
RuleID : 2158-community - Type : SERVER-OTHER - Revision : 12
2014-01-10 BGP invalid length
RuleID : 2158 - Type : SERVER-OTHER - Revision : 12

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2009-04-23 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_96ba2dae4ab011d896f20020ed76ef5a.nasl - Type: ACT_GATHER_INFO
2006-07-05 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2005-417.nasl - Type: ACT_GATHER_INFO
2006-07-05 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2005-505.nasl - Type: ACT_GATHER_INFO
2006-07-03 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2005-421.nasl - Type: ACT_GATHER_INFO
2006-01-15 Name: The remote Ubuntu host is missing a security-related patch.
File: ubuntu_USN-141-1.nasl - Type: ACT_GATHER_INFO
2006-01-15 Name: The remote Ubuntu host is missing a security-related patch.
File: ubuntu_USN-119-1.nasl - Type: ACT_GATHER_INFO
2005-10-11 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-854.nasl - Type: ACT_GATHER_INFO
2005-10-11 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-850.nasl - Type: ACT_GATHER_INFO
2005-09-12 Name: The remote Fedora Core host is missing a security update.
File: fedora_2005-351.nasl - Type: ACT_GATHER_INFO
2005-07-16 Name: The remote Slackware host is missing a security update.
File: Slackware_SSA_2005-195-10.nasl - Type: ACT_GATHER_INFO
2005-07-13 Name: The remote Slackware host is missing a security update.
File: Slackware_SSA_2004-108-01.nasl - Type: ACT_GATHER_INFO
2005-07-13 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_9fae0f1fdf8211d9b8750001020eed82.nasl - Type: ACT_GATHER_INFO
2005-07-13 Name: The remote FreeBSD host is missing one or more security-related updates.
File: freebsd_pkg_f8551668de094d7b9720f1360929df07.nasl - Type: ACT_GATHER_INFO
2005-06-28 Name: The remote Fedora Core host is missing a security update.
File: fedora_2005-407.nasl - Type: ACT_GATHER_INFO
2005-06-16 Name: The remote Mandrake Linux host is missing a security update.
File: mandrake_MDKSA-2005-101.nasl - Type: ACT_GATHER_INFO
2005-06-13 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2005-505.nasl - Type: ACT_GATHER_INFO
2005-06-10 Name: The remote Fedora Core host is missing a security update.
File: fedora_2005-406.nasl - Type: ACT_GATHER_INFO
2005-05-17 Name: The remote Mandrake Linux host is missing a security update.
File: mandrake_MDKSA-2005-087.nasl - Type: ACT_GATHER_INFO
2005-05-11 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2005-421.nasl - Type: ACT_GATHER_INFO
2005-05-11 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2005-417.nasl - Type: ACT_GATHER_INFO
2005-05-11 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-200505-06.nasl - Type: ACT_GATHER_INFO
2004-09-29 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-425.nasl - Type: ACT_GATHER_INFO
2004-09-29 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-206.nasl - Type: ACT_GATHER_INFO
2004-09-29 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-255.nasl - Type: ACT_GATHER_INFO
2004-09-29 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-261.nasl - Type: ACT_GATHER_INFO