[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] SUSE Security Announcement: tcpdump (SuSE-SA:2004:002)

To: Nico Golde <nion@gmx.net>
Subject: Re: [Full-Disclosure] SUSE Security Announcement: tcpdump (SuSE-SA:2004:002)
From: Sebastian Krahmer <krahmer@suse.de>
Date: Fri, 16 Jan 2004 12:51:33 +0100 (CET)

On Thu, 15 Jan 2004, Nico Golde wrote:

Hi,

No idea. Probably yes. :)

Sebastian

> Hallo Sebastian,
> 
> * Sebastian Krahmer <krahmer@suse.de> [2004-01-15 00:58]:
> [...] 
> >     Tcpdump is a well known tool for administrators to analyze network
> >     traffic.
> >       There is a bug in the tcpdump code responsible for handling ISAKMP
> >     messages. This bug allows remote attackers to destroy a current
> >     tcpdump session by tricking the tcpdump program with evil ISAKMP
> >     messages to enter an endless loop.
> 
> has anybody got some example code for it?
> regards nico
> 
> 

-- 
~
~ perl self.pl
~ $_='print"\$_=\47$_\47;eval"';eval
~ krahmer@suse.de - SuSE Security Team
~

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- [Full-Disclosure] SUSE Security Announcement: tcpdump (SuSE-SA:2004:002)
  - From: krahmer@suse.de (Sebastian Krahmer)
- Re: [Full-Disclosure] SUSE Security Announcement: tcpdump (SuSE-SA:2004:002)
  - From: Nico Golde <nion@gmx.net>

Prev by Date: [Full-Disclosure] RE: [Full-Disclosure]Flawed Challenges (was Flawed arguments (Was all that other crap about PFW day))
Next by Date: Re[4]: [Full-Disclosure] January 15 is Personal Firewall Day, help the cause
Previous by thread: Re: [Full-Disclosure] SUSE Security Announcement: tcpdump (SuSE-SA:2004:002)
Next by thread: Re: [Full-Disclosure] SUSE Security Announcement: tcpdump (SuSE-SA:2004:002)
Index(es):
- Date
- Thread