ID CVE-2003-0989
Summary tcpdump before 3.8.1 allows remote attackers to cause a denial of service (infinite loop) via certain ISAKMP packets, a different vulnerability than CVE-2004-0057.
References
Vulnerable Configurations
  • Red Hat tcpdump 3.8.0
    cpe:2.3:a:redhat:tcpdump:3.8.0
  • cpe:2.3:o:redhat:linux:9.0:-:i386
    cpe:2.3:o:redhat:linux:9.0:-:i386
CVSS
Base: 7.5 (as of 01-01-2004 - 00:00)
Impact:
Exploitability:
Access
  Vector: NETWORK
  Complexity: LOW
  Authentication: NONE
Impact
  Confidentiality: PARTIAL
  Integrity: PARTIAL
  Availability: PARTIAL
nessus via4
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_TCPDUMP_381_351.NASL
    description The following package needs to be updated: tcpdump
    last seen 2016-09-26
    modified 2004-07-06
    plugin id 12619
    published 2004-07-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=12619
    title FreeBSD : L2TP, ISAKMP, and RADIUS parsing vulnerabilities in tcpdump (192)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRAKE_MDKSA-2004-008.NASL
    description A number of vulnerabilities were discovered in tcpdump versions prior to 3.8.1 that, if fed a maliciously crafted packet, could be exploited to crash tcpdump or potentially execute arbitrary code with the privileges of the user running tcpdump. These vulnerabilities include: An infinite loop and memory consumption processing L2TP packets (CVE-2003-1029). Infinite loops in processing ISAKMP packets (CVE-2003-0989, CVE-2004-0057). A segmentation fault caused by a RADIUS attribute with a large length value (CVE-2004-0055). The updated packages are patched to correct these problems.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 14108
    published 2004-07-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=14108
    title Mandrake Linux Security Advisory : tcpdump (MDKSA-2004:008)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-425.NASL
    description Multiple vulnerabilities were discovered in tcpdump, a tool for inspecting network traffic. If a vulnerable version of tcpdump attempted to examine a maliciously constructed packet, a number of buffer overflows could be exploited to crash tcpdump, or potentially execute arbitrary code with the privileges of the tcpdump process. - CAN-2003-1029 - infinite loop and memory consumption in processing L2TP packets - CAN-2003-0989, CAN-2004-0057 - infinite loops in processing ISAKMP packets - CAN-2004-0055 - segmentation fault caused by a RADIUS attribute with a large length value
    last seen 2019-02-21
    modified 2018-07-20
    plugin id 15262
    published 2004-09-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=15262
    title Debian DSA-425-1 : tcpdump - multiple vulnerabilities
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_96BA2DAE4AB011D896F20020ED76EF5A.NASL
    description Jonathan Heusser discovered vulnerabilities in tcpdump's L2TP, ISAKMP, and RADIUS protocol handlers. These vulnerabilities may be used by an attacker to crash a running `tcpdump' process.
    last seen 2019-02-21
    modified 2018-11-21
    plugin id 37028
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=37028
    title FreeBSD : L2TP, ISAKMP, and RADIUS parsing vulnerabilities in tcpdump (96ba2dae-4ab0-11d8-96f2-0020ed76ef5a)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2004-092.NASL
    description Updated tcpdump, libpcap, and arpwatch packages fix vulnerabilities in ISAKMP and RADIUS parsing. Tcpdump is a command-line tool for monitoring network traffic. George Bakos discovered flaws in the ISAKMP decoding routines of tcpdump versions prior to 3.8.1. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2003-0989 to this issue. Jonathan Heusser discovered an additional flaw in the ISAKMP decoding routines for tcpdump 3.8.1 and earlier. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0057 to this issue. Jonathan Heusser discovered a flaw in the print_attr_string function in the RADIUS decoding routines for tcpdump 3.8.1 and earlier. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0055 to this issue. Remote attackers could potentially exploit these issues by sending carefully-crafted packets to a victim. If the victim uses tcpdump, these packets could result in a denial of service, or possibly execute arbitrary code as the 'pcap' user. Users of tcpdump are advised to upgrade to these erratum packages, which contain backported security patches and are not vulnerable to these issues. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 13683
    published 2004-07-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=13683
    title Fedora Core 1 : tcpdump-3.7.2-8.fc1.1 (2004-092)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200404-03.NASL
    description The remote host is affected by the vulnerability described in GLSA-200404-03 (Tcpdump Vulnerabilities in ISAKMP Parsing) There are two specific vulnerabilities in tcpdump, outlined in [ reference 1 ]. In the first scenario, an attacker may send a specially crafted ISAKMP Delete packet which causes tcpdump to read past the end of its buffer. In the second scenario, an attacker may send an ISAKMP packet with the wrong payload length, again causing tcpdump to read past the end of a buffer. Impact: Remote attackers could potentially cause tcpdump to crash or execute arbitrary code as the 'pcap' user. Workaround: There is no known workaround at this time. All tcpdump users are encouraged to upgrade to the latest available version.
    last seen 2019-02-21
    modified 2018-12-18
    plugin id 14468
    published 2004-08-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=14468
    title GLSA-200404-03 : Tcpdump Vulnerabilities in ISAKMP Parsing
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2004-090.NASL
    description Updated tcpdump, libpcap, and arpwatch packages fix vulnerabilities in ISAKMP and RADIUS parsing. Tcpdump is a command-line tool for monitoring network traffic. George Bakos discovered flaws in the ISAKMP decoding routines of tcpdump versions prior to 3.8.1. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2003-0989 to this issue. Jonathan Heusser discovered an additional flaw in the ISAKMP decoding routines for tcpdump 3.8.1 and earlier. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0057 to this issue. Jonathan Heusser discovered a flaw in the print_attr_string function in the RADIUS decoding routines for tcpdump 3.8.1 and earlier. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0055 to this issue. Remote attackers could potentially exploit these issues by sending carefully-crafted packets to a victim. If the victim uses tcpdump, these packets could result in a denial of service, or possibly execute arbitrary code as the 'pcap' user. Users of tcpdump are advised to upgrade to these erratum packages, which contain backported security patches and are not vulnerable to these issues. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 13682
    published 2004-07-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=13682
    title Fedora Core 1 : tcpdump-3.7.2-7.fc1.1 (2004-090)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2004-008.NASL
    description Updated tcpdump, libpcap, and arpwatch packages fix vulnerabilities in ISAKMP and RADIUS parsing. [Updated 15 Jan 2004] Updated the text description to better describe the vulnerabilities found by Jonathan Heusser and give them CVE names. Tcpdump is a command-line tool for monitoring network traffic. George Bakos discovered flaws in the ISAKMP decoding routines of tcpdump versions prior to 3.8.1. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2003-0989 to this issue. Jonathan Heusser discovered an additional flaw in the ISAKMP decoding routines for tcpdump 3.8.1 and earlier. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0057 to this issue. Jonathan Heusser discovered a flaw in the print_attr_string function in the RADIUS decoding routines for tcpdump 3.8.1 and earlier. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0055 to this issue. Remote attackers could potentially exploit these issues by sending carefully-crafted packets to a victim. If the victim uses tcpdump, these packets could result in a denial of service, or possibly execute arbitrary code as the 'pcap' user. Users of tcpdump are advised to upgrade to these erratum packages, which contain backported security patches and are not vulnerable to these issues.
    last seen 2019-02-21
    modified 2018-11-27
    plugin id 12448
    published 2004-07-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=12448
    title RHEL 2.1 / 3 : tcpdump (RHSA-2004:008)
oval via4
  • accepted 2013-04-29T04:06:59.730-04:00
    class vulnerability
    contributors
    • name Aharon Chernin
      organization SCAP.com, LLC
    • name Dragos Prisaca
      organization G2, Inc.
    definition_extensions
    • comment The operating system installed on the system is Red Hat Enterprise Linux 3
      oval oval:org.mitre.oval:def:11782
    • comment CentOS Linux 3.x
      oval oval:org.mitre.oval:def:16651
    description tcpdump before 3.8.1 allows remote attackers to cause a denial of service (infinite loop) via certain ISAKMP packets, a different vulnerability than CVE-2004-0057.
    family unix
    id oval:org.mitre.oval:def:10599
    status accepted
    submitted 2010-07-09T03:56:16-04:00
    title tcpdump before 3.8.1 allows remote attackers to cause a denial of service (infinite loop) via certain ISAKMP packets, a different vulnerability than CVE-2004-0057.
    version 23
  • accepted 2007-04-25T19:53:00.169-04:00
    class vulnerability
    contributors
    • name Jay Beale
      organization Bastille Linux
    • name Thomas R. Jones
      organization Maitreya Security
    description tcpdump before 3.8.1 allows remote attackers to cause a denial of service (infinite loop) via certain ISAKMP packets, a different vulnerability than CVE-2004-0057.
    family unix
    id oval:org.mitre.oval:def:847
    status accepted
    submitted 2004-03-20T12:00:00.000-04:00
    title Red Hat tcpdump Denial of Service via ISAKMP Packets
    version 34
  • accepted 2007-04-25T19:53:00.899-04:00
    class vulnerability
    contributors
    • name Jay Beale
      organization Bastille Linux
    • name Thomas R. Jones
      organization Maitreya Security
    description tcpdump before 3.8.1 allows remote attackers to cause a denial of service (infinite loop) via certain ISAKMP packets, a different vulnerability than CVE-2004-0057.
    family unix
    id oval:org.mitre.oval:def:852
    status accepted
    submitted 2004-03-20T12:00:00.000-04:00
    title RHE3 tcpdump DoS via ISAKMP Packets
    version 34
redhat via4
advisories
  • rhsa
    id RHSA-2004:007
  • rhsa
    id RHSA-2004:008
refmap via4
apple APPLE-SA-2004-02-23
bid 9507
bugtraq
  • 20040119 [ESA-20040119-002] 'tcpdump' multiple vulnerabilities.
  • 20040131 [FLSA-2004:1222] Updated tcpdump resolves security vulnerabilites (resend with correct paths)
caldera CSSA-2004-008.0
cert-vn VU#738518
debian DSA-425
engarde ESA-20040119-002
fedora
  • FEDORA-2004-090
  • FEDORA-2004-092
  • FLSA:1222
mandrake MDKSA-2004:008
mlist [fedora-announce-list] 20040311 Re: [SECURITY] Fedora Core 1 Update: tcpdump-3.7.2-8.fc1.1
sco SCOSA-2004.9
sectrack 1008716
secunia
  • 10636
  • 10637
  • 10639
  • 10644
  • 10652
  • 10668
  • 10718
  • 11022
  • 11032
  • 12179
sgi
  • 20040103-01-U
  • 20040202-01-U
suse SuSE-SA:2004:002
trustix 2004-0004
Last major update 17-10-2016 - 22:38
Published 17-02-2004 - 00:00
Last modified 19-10-2018 - 11:29