[Full-Disclosure] SUSE Security Announcement: tcpdump (SuSE-SA:2004:002)
krahmer at suse.de
Fri Jan 16 11:51:33 GMT 2004
On Thu, 15 Jan 2004, Nico Golde wrote:
No idea. Probably yes. :)
> Hallo Sebastian,
> * Sebastian Krahmer <krahmer at suse.de> [2004-01-15 00:58]:
> > Tcpdump is a well known tool for administrators to analyze network
> > traffic.
> > There is a bug in the tcpdump code responsible for handling ISAKMP
> > messages. This bug allows remote attackers to destroy a current
> > tcpdump session by tricking the tcpdump program with evil ISAKMP
> > messages to enter an endless loop.
> has anybody got some example code for it?
> regards nico
~ perl self.pl
~ krahmer at suse.de - SuSE Security Team
Full-Disclosure is hosted and sponsored by Secunia.