TCPDump ISAKMP Decoding Routines Denial Of Service Vulnerability

It has been reported that tcpdump may be prone to a denial of service vulnerability that may allow a remote attacker to cause the software to enter an infinite loop by sending malformed ISAKMP packets resulting in a crash or hang. Although unconfirmed, remote code execution may be possible.

tcpdump versions prior to 3.8.1 have been reported to be prone to this issue.


 

Privacy Statement
Copyright 2010, SecurityFocus