[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] SUSE Security Announcement: tcpdump (SuSE-SA:2004:002)

To: full-disclosure@lists.netsys.com
Subject: Re: [Full-Disclosure] SUSE Security Announcement: tcpdump (SuSE-SA:2004:002)
From: Nico Golde <nion@gmx.net>
Date: Thu, 15 Jan 2004 19:22:42 +0100

Hallo Sebastian,

* Sebastian Krahmer <krahmer@suse.de> [2004-01-15 00:58]:
[...] 
>     Tcpdump is a well known tool for administrators to analyze network
>     traffic.
>       There is a bug in the tcpdump code responsible for handling ISAKMP
>     messages. This bug allows remote attackers to destroy a current
>     tcpdump session by tricking the tcpdump program with evil ISAKMP
>     messages to enter an endless loop.

has anybody got some example code for it?
regards nico

-- 
Nico Golde nico@ngolde.de
public key available on:
http://www.ngolde.de/gpg.html

Attachment: pgp00024.pgp
Description: PGP signature

Follow-Ups:
- Re: [Full-Disclosure] SUSE Security Announcement: tcpdump (SuSE-SA:2004:002)
  - From: Sebastian Krahmer <krahmer@suse.de>

References:
- [Full-Disclosure] SUSE Security Announcement: tcpdump (SuSE-SA:2004:002)
  - From: krahmer@suse.de (Sebastian Krahmer)

Prev by Date: Re: [Full-Disclosure] Re: January 15 is Personal Firewall Day, help the cause
Next by Date: Re: [Full-Disclosure] UTTER HORSESHIT: [was January 15 is Personal Firewall Day, help the cause]
Previous by thread: [Full-Disclosure] SUSE Security Announcement: tcpdump (SuSE-SA:2004:002)
Next by thread: Re: [Full-Disclosure] SUSE Security Announcement: tcpdump (SuSE-SA:2004:002)
Index(es):
- Date
- Thread