Back to search
CVE-2003-1029
Published: Jan 15, 2004
Modified: Aug 8, 2024
PUBLISHED
Description
The L2TP protocol parser in tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (infinite loop and memory consumption) via a packet with invalid data to UDP port 1701, which causes l2tp_avp_print to use a bad length value when calling print_octets.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
10718
third-party-advisory
x_refsource_SECUNIA
10668
third-party-advisory
x_refsource_SECUNIA
[tcpdump-workers] 20031224 Seg fault of tcpdump (v 3.8.1 and below) with malformed l2tp packets
mailing-list
x_refsource_MLIST
10636
third-party-advisory
x_refsource_SECUNIA
1008748
vdb-entry
x_refsource_SECTRACK
ESA-20040119-002
vendor-advisory
x_refsource_ENGARDE
MDKSA-2004:008
vendor-advisory
x_refsource_MANDRAKE
20040119 [ESA-20040119-002] 'tcpdump' multiple vulnerabilities.
mailing-list
x_refsource_BUGTRAQ
DSA-425
vendor-advisory
x_refsource_DEBIAN
10652
third-party-advisory
x_refsource_SECUNIA
20031221 Re: Remote crash in tcpdump from OpenBSD
mailing-list
x_refsource_BUGTRAQ
20031220 Remote crash in tcpdump from OpenBSD
mailing-list
x_refsource_BUGTRAQ
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now