Bugtraq mailing list archives

Re: tcpdump[v3.8.x/v3.9.1]: ISIS, BGP, and LDP infinite loop DOS exploits.

From: Romain Francoise <rfrancoise () debian org>
Date: Wed, 27 Apr 2005 22:21:42 +0200

Vade 79 <v9 () fakehalo us> writes:

the ISIS bug is in 3.8.x/3.9.1/CVS. (did not check below 3.8.x)


I don't know about 3.7 but at least tcpdump 3.6 isn't vulnerable to this
one.

the BGP and LDP bugs seem to be only in 3.8.x. (did not check below
3.8.x)


The LDP one isn't in tcpdump 3.6 either (no LDP dissector) but the BGP
one is.  A security update for Debian stable (tcpdump 3.6.2) is pending.

Thanks,

-- 
  ,''`.
 : :' :        Romain Francoise <rfrancoise () debian org>
 `. `'         http://people.debian.org/~rfrancoise/
   `-

Current thread:

tcpdump[v3.8.x/v3.9.1]: ISIS, BGP, and LDP infinite loop DOS exploits. Vade 79 (Apr 26)
- Re: tcpdump[v3.8.x/v3.9.1]: ISIS, BGP, and LDP infinite loop DOS exploits. Romain Francoise (Apr 28)