[Full-Disclosure] SUSE Security Announcement: tcpdump (SuSE-SA:2004:002)
Sebastian Krahmer
krahmer at suse.de
Fri Jan 16 11:51:33 GMT 2004
On Thu, 15 Jan 2004, Nico Golde wrote:
Hi,
No idea. Probably yes. :)
Sebastian
> Hallo Sebastian,
>
> * Sebastian Krahmer <krahmer at suse.de> [2004-01-15 00:58]:
> [...]
> > Tcpdump is a well known tool for administrators to analyze network
> > traffic.
> > There is a bug in the tcpdump code responsible for handling ISAKMP
> > messages. This bug allows remote attackers to destroy a current
> > tcpdump session by tricking the tcpdump program with evil ISAKMP
> > messages to enter an endless loop.
>
> has anybody got some example code for it?
> regards nico
>
>
--
~
~ perl self.pl
~ $_='print"\$_=\47$_\47;eval"';eval
~ krahmer at suse.de - SuSE Security Team
~
Full-Disclosure is hosted and sponsored by Secunia.