BugTraq
Back to list
|
Post reply
tcpdump[v3.8.x/v3.9.1]: ISIS, BGP, and LDP infinite loop DOS exploits.
Apr 26 2005 10:00AM
Vade 79 (v9 fakehalo us)
(1 replies)
Re: tcpdump[v3.8.x/v3.9.1]: ISIS, BGP, and LDP infinite loop DOS exploits.
Apr 27 2005 08:21PM
Romain Francoise (rfrancoise debian org)
Vade 79 <v9 (at) fakehalo (dot) us [email concealed]> writes:
> the ISIS bug is in 3.8.x/3.9.1/CVS. (did not check below 3.8.x)
I don't know about 3.7 but at least tcpdump 3.6 isn't vulnerable to this
one.
> the BGP and LDP bugs seem to be only in 3.8.x. (did not check below
> 3.8.x)
The LDP one isn't in tcpdump 3.6 either (no LDP dissector) but the BGP
one is. A security update for Debian stable (tcpdump 3.6.2) is pending.
Thanks,
--
,''`.
: :' : Romain Francoise <rfrancoise (at) debian (dot) org [email concealed]>
`. `' http://people.debian.org/~rfrancoise/
`-
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
> the ISIS bug is in 3.8.x/3.9.1/CVS. (did not check below 3.8.x)
I don't know about 3.7 but at least tcpdump 3.6 isn't vulnerable to this
one.
> the BGP and LDP bugs seem to be only in 3.8.x. (did not check below
> 3.8.x)
The LDP one isn't in tcpdump 3.6 either (no LDP dissector) but the BGP
one is. A security update for Debian stable (tcpdump 3.6.2) is pending.
Thanks,
--
,''`.
: :' : Romain Francoise <rfrancoise (at) debian (dot) org [email concealed]>
`. `' http://people.debian.org/~rfrancoise/
`-
[ reply ]