FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

tcpdump ISAKMP payload handling remote denial-of-service

Affected packages
tcpdump < 3.8.3
racoon < 20040408a
FreeBSD < 5.2.1

Details

VuXML ID f8551668-de09-4d7b-9720-f1360929df07
Discovery 2004-03-12
Entry 2004-03-31
Modified 2016-08-11

Chad Loder has discovered vulnerabilities in tcpdump's ISAKMP protocol handler. During an audit to repair these issues, Bill Fenner discovered some related problems.

These vulnerabilities may be used by an attacker to crash a running `tcpdump' process. They can only be triggered if the `-v' command line option is being used.

NOTE: the racoon ISAKMP/IKE daemon incorporates the ISAKMP protocol handler from tcpdump, and so is also affected by this issue.

References

CVE Name CVE-2004-0183
CVE Name CVE-2004-0184
Message http://marc.theaimsgroup.com/?l=bugtraq&m=108067265931525
URL http://www.rapid7.com/advisories/R7-0017.html

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.