| Short Name | APP:ETHEREAL:TCPDUMP-ISAKMP-DOS |
|---|---|
| Severity | Minor |
| Recommended | No |
| Category | APP |
| Keywords | TCPDump ISAKMP Packet Parsing DoS |
| Release Date | 2003/04/22 |
| Update Number | 1213 |
| Supported Platforms | idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |

This signature detects attempts to exploit a known vulnerability in TCPDump. TCPDump versions 3.6, 3.6.3, and 3.7.1 built against LIBPCAP versions .6 and .7 on both the Linux and FreeBSD platforms are vulnerable. Attackers can send a maliciously crafted packet to port UDP/500 that TCPDump attempts to parse as an ISAKMP packet, causing TCPDump to enter an infinite loop.
It has been reported that tcpdump is vulnerable to a denial of service when some packet types are received. By sending a maliciously formatted packet to a system using a vulnerable version of tcpdump, it is possible for a remote user to cause tcpdump to ignore network traffic from the time the packet is received until the application is terminated and restarted.