This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Lbl First view 2003-03-07
Product Tcpdump Last view 2005-06-10
Version 3.7.1 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:lbl:tcpdump

Activity : Overall

Related : CVE

  Date Alert Description
5 2005-06-10 CVE-2005-1267

The bgp_update_print function in tcpdump 3.x does not properly handle a -1 return value from the decode_prefix4 function, which allows remote attackers to cause a denial of service (infinite loop) via a crafted BGP packet.

5 2005-05-02 CVE-2005-1280

The rsvp_print function in tcpdump 3.9.1 and earlier allows remote attackers to cause a denial of service (infinite loop) via a crafted RSVP packet of length 4.

5 2005-05-02 CVE-2005-1279

tcpdump 3.8.3 and earlier allows remote attackers to cause a denial of service (infinite loop) via a crafted (1) BGP packet, which is not properly handled by RT_ROUTING_INFO, or (2) LDP packet, which is not properly handled by the ldp_print function.

5 2005-05-02 CVE-2005-1278

The isis_print function, as called by isoclns_print, in tcpdump 3.9.1 and earlier allows remote attackers to cause a denial of service (infinite loop) via a zero length, as demonstrated using a GRE packet.

5 2004-05-04 CVE-2004-0184

Integer underflow in the isakmp_id_print for TCPDUMP 3.8.1 and earlier allows remote attackers to cause a denial of service (crash) via an ISAKMP packet with an Identification payload with a length that becomes less than 8 during byte order conversion, which causes an out-of-bounds read, as demonstrated by the Striker ISAKMP Protocol Test Suite.

5 2004-05-04 CVE-2004-0183

TCPDUMP 3.8.1 and earlier allows remote attackers to cause a denial of service (crash) via ISAKMP packets containing a Delete payload with a large number of SPI's, which causes an out-of-bounds read, as demonstrated by the Striker ISAKMP Protocol Test Suite.

5 2004-02-17 CVE-2004-0057

The rawprint function in the ISAKMP decoding routines (print-isakmp.c) for tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (segmentation fault) via malformed ISAKMP packets that cause invalid "len" or "loc" values to be used in a loop, a different vulnerability than CVE-2003-0989.

5 2004-02-17 CVE-2004-0055

The print_attr_string function in print-radius.c for tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (segmentation fault) via a RADIUS attribute with a large length value.

5 2003-03-31 CVE-2003-0145

Unknown vulnerability in tcpdump before 3.7.2 related to an inability to "Handle unknown RADIUS attributes properly," allows remote attackers to cause a denial of service (infinite loop), a different vulnerability than CAN-2003-0093.

5 2003-03-07 CVE-2003-0108

isakmp_sub_print in tcpdump 3.6 through 3.7.1 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed ISAKMP packet to UDP port 500, which causes tcpdump to enter an infinite loop.

Open Source Vulnerability Database (OSVDB)

id Description
17227 tcpdump bgp_update_print() Function Malformed BGP Protocol Data DoS
15904 tcpdump Malformed RSVP Packet Remote DoS
15864 tcpdump LDP ldp_print() Function Malformed Packet DoS
15863 tcpdump BGP RT_ROUTING_INFO Malformed Packet DoS
15862 tcpdump ISIS isis_print() Function Malformed Packet DoS
9854 tcpdump Malformed BGP Packet Handling Unspecified DoS
8811 tcpdump ISAKMP isakmp_sub_print DoS
4751 tcpdump ISAKMP Delete Payload DoS
4750 tcpdump ISAKMP Identification Payload DoS
3558 tcpdump ISAKMP rawprint DoS
3557 tcpdump RADIUS print-radius.c DoS

ExploitDB Exploits

id Description
171 tcpdump ISAKMP Identification payload Integer Overflow Exploit

OpenVAS Exploits

id Description
2009-10-10 Name : SLES9: Security update for tcpdump
File : nvt/sles9p5021499.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200505-06 (tcpdump)
File : nvt/glsa_200505_06.nasl
2008-09-04 Name : FreeBSD Ports: tcpdump
File : nvt/freebsd_tcpdump.nasl
2008-09-04 Name : FreeBSD Ports: tcpdump
File : nvt/freebsd_tcpdump0.nasl
2008-09-04 Name : FreeBSD Ports: tcpdump
File : nvt/freebsd_tcpdump1.nasl
2008-09-04 Name : FreeBSD Security Advisory (FreeBSD-SA-05:10.tcpdump.asc)
File : nvt/freebsdsa_tcpdump.nasl
2008-01-17 Name : Debian Security Advisory DSA 255-1 (tcpdump)
File : nvt/deb_255_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 425-1 (tcpdump)
File : nvt/deb_425_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 478-1 (tcpdump)
File : nvt/deb_478_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 850-1 (tcpdump)
File : nvt/deb_850_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 854-1 (tcpdump)
File : nvt/deb_854_1.nasl
0000-00-00 Name : Slackware Advisory SSA:2004-108-01 tcpdump denial of service
File : nvt/esoft_slk_ssa_2004_108_01.nasl
0000-00-00 Name : Slackware Advisory SSA:2005-195-10 tcpdump DoS
File : nvt/esoft_slk_ssa_2005_195_10.nasl

Snort® IPS/IDS

Date Description
2014-01-10 tcpdump udp LDP print zero length message denial of service attempt
RuleID : 4141 - Type : SERVER-OTHER - Revision : 7
2014-01-10 tcpdump tcp LDP print zero length message denial of service attempt
RuleID : 4140 - Type : SERVER-OTHER - Revision : 6
2016-05-03 TCPDUMP ISAKMP payload handling denial of service attempt
RuleID : 38365 - Type : SERVER-OTHER - Revision : 2
2014-01-10 ISAKMP invalid identification payload attempt
RuleID : 2486-community - Type : SERVER-OTHER - Revision : 14
2014-01-10 ISAKMP invalid identification payload attempt
RuleID : 2486 - Type : SERVER-OTHER - Revision : 14

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2009-04-23 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_96ba2dae4ab011d896f20020ed76ef5a.nasl - Type: ACT_GATHER_INFO
2006-07-05 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2005-417.nasl - Type: ACT_GATHER_INFO
2006-07-05 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2005-505.nasl - Type: ACT_GATHER_INFO
2006-07-03 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2005-421.nasl - Type: ACT_GATHER_INFO
2006-01-15 Name: The remote Ubuntu host is missing a security-related patch.
File: ubuntu_USN-141-1.nasl - Type: ACT_GATHER_INFO
2006-01-15 Name: The remote Ubuntu host is missing a security-related patch.
File: ubuntu_USN-119-1.nasl - Type: ACT_GATHER_INFO
2005-10-11 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-854.nasl - Type: ACT_GATHER_INFO
2005-10-11 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-850.nasl - Type: ACT_GATHER_INFO
2005-09-12 Name: The remote Fedora Core host is missing a security update.
File: fedora_2005-351.nasl - Type: ACT_GATHER_INFO
2005-07-16 Name: The remote Slackware host is missing a security update.
File: Slackware_SSA_2005-195-10.nasl - Type: ACT_GATHER_INFO
2005-07-13 Name: The remote Slackware host is missing a security update.
File: Slackware_SSA_2004-108-01.nasl - Type: ACT_GATHER_INFO
2005-07-13 Name: The remote FreeBSD host is missing one or more security-related updates.
File: freebsd_pkg_f8551668de094d7b9720f1360929df07.nasl - Type: ACT_GATHER_INFO
2005-07-13 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_9fae0f1fdf8211d9b8750001020eed82.nasl - Type: ACT_GATHER_INFO
2005-06-28 Name: The remote Fedora Core host is missing a security update.
File: fedora_2005-407.nasl - Type: ACT_GATHER_INFO
2005-06-16 Name: The remote Mandrake Linux host is missing a security update.
File: mandrake_MDKSA-2005-101.nasl - Type: ACT_GATHER_INFO
2005-06-13 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2005-505.nasl - Type: ACT_GATHER_INFO
2005-06-10 Name: The remote Fedora Core host is missing a security update.
File: fedora_2005-406.nasl - Type: ACT_GATHER_INFO
2005-05-17 Name: The remote Mandrake Linux host is missing a security update.
File: mandrake_MDKSA-2005-087.nasl - Type: ACT_GATHER_INFO
2005-05-11 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-200505-06.nasl - Type: ACT_GATHER_INFO
2005-05-11 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2005-421.nasl - Type: ACT_GATHER_INFO
2005-05-11 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2005-417.nasl - Type: ACT_GATHER_INFO
2004-09-29 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-425.nasl - Type: ACT_GATHER_INFO
2004-09-29 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-261.nasl - Type: ACT_GATHER_INFO
2004-09-29 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-255.nasl - Type: ACT_GATHER_INFO
2004-09-29 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-478.nasl - Type: ACT_GATHER_INFO