Full Disclosure mailing list archives
Re: SUSE Security Announcement: tcpdump (SuSE-SA:2004:002)
From: Sebastian Krahmer <krahmer () suse de>
Date: Fri, 16 Jan 2004 12:51:33 +0100 (CET)
On Thu, 15 Jan 2004, Nico Golde wrote: Hi, No idea. Probably yes. :) Sebastian
Hallo Sebastian, * Sebastian Krahmer <krahmer () suse de> [2004-01-15 00:58]: [...]Tcpdump is a well known tool for administrators to analyze network traffic. There is a bug in the tcpdump code responsible for handling ISAKMP messages. This bug allows remote attackers to destroy a current tcpdump session by tricking the tcpdump program with evil ISAKMP messages to enter an endless loop.has anybody got some example code for it? regards nico
-- ~ ~ perl self.pl ~ $_='print"\$_=\47$_\47;eval"';eval ~ krahmer () suse de - SuSE Security Team ~ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- SUSE Security Announcement: tcpdump (SuSE-SA:2004:002) Sebastian Krahmer (Jan 14)
- Re: SUSE Security Announcement: tcpdump (SuSE-SA:2004:002) Nico Golde (Jan 15)
- Re: SUSE Security Announcement: tcpdump (SuSE-SA:2004:002) Sebastian Krahmer (Jan 16)
- Re: SUSE Security Announcement: tcpdump (SuSE-SA:2004:002) Nico Golde (Jan 15)
- Re: SUSE Security Announcement: tcpdump (SuSE-SA:2004:002) Nico Golde (Jan 15)