tcpdump RSVP Decoding Routines Denial Of Service Vulnerability

The 'tcpdump' utility is prone to a vulnerability that may allow a remote attacker to cause a denial-of-service condition in the software. The issue occurs because of the way tcpdump decodes Resource ReSerVation Protocol (RSVP) packets. A remote attacker may send malformed RSVP packets to cause the software to enter an infinite loop and hang.

This issue affects tcpdump 3.9.x/CVS and earlier.
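The advisory does not say which field of the malformed packet triggers the loop. The C sketch below is an added illustration of the general bug class, not tcpdump's code or its fix: it walks RSVP objects using the RFC 2205 layout and rejects any object length that would stop the cursor from advancing or run past the captured bytes. The function name `rsvp_count_objects` and the sample byte arrays are hypothetical and constructed for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define RSVP_HDR_LEN 8      /* RFC 2205 common header */
#define RSVP_OBJ_HDR_LEN 4  /* Length(2) + Class-Num(1) + C-Type(1) */

/* Constructed samples (not from the advisory): two well-formed objects,
 * then a message whose only object claims length 0. */
const uint8_t rsvp_ok[] = { 0x10,0x01,0,0,0x40,0,0x00,0x18,
    0x00,0x0c,0x01,0x01, 10,0,0,1, 0x11,0,0,0,  0x00,0x04,0x00,0x00 };
const uint8_t rsvp_zero_len[] = { 0x10,0x01,0,0,0x40,0,0x00,0x0c,
    0x00,0x00,0x01,0x01 };

static size_t be16(const uint8_t *p) { return ((size_t)p[0] << 8) | p[1]; }

/* Returns the number of objects walked, or -1 if the message is malformed. */
int rsvp_count_objects(const uint8_t *buf, size_t caplen)
{
    if (buf == NULL || caplen < RSVP_HDR_LEN || (buf[0] >> 4) != 1)
        return -1;                       /* truncated or not RSVP version 1 */
    size_t msg_len = be16(buf + 6);      /* RSVP Length covers header + objects */
    if (msg_len < RSVP_HDR_LEN || msg_len > caplen)
        return -1;                       /* never read past captured bytes */

    size_t off = RSVP_HDR_LEN;
    int count = 0;
    while (off < msg_len) {
        if (msg_len - off < RSVP_OBJ_HDR_LEN)
            return -1;                   /* no room for an object header */
        size_t obj_len = be16(buf + off);
        /* A length below 4 (including 0) would leave off unchanged or
         * misaligned: reject it so the loop always makes progress. */
        if (obj_len < RSVP_OBJ_HDR_LEN || obj_len % 4 != 0)
            return -1;
        if (obj_len > msg_len - off)
            return -1;                   /* object overruns the message */
        off += obj_len;
        count++;
    }
    return count;
}

int main(void)
{
    printf("ok: %d\n", rsvp_count_objects(rsvp_ok, sizeof rsvp_ok));
    printf("zero-length: %d\n", rsvp_count_objects(rsvp_zero_len, sizeof rsvp_zero_len));
    return 0;
}
```

Every path through the loop either returns or increases `off` by at least 4, so the walk terminates on any input.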


