exploits , vulnerabilities , articles , TCPDump BGP Decoding Routines Denial Of Service Vulnerability

Title	TCPDump BGP Decoding Routines Denial Of Service Vulnerability
Published	2005-06-09-12:00AM
Updated	2005-10-10-04:41PM
Class	Failure to Handle Exceptional Conditions
CVE	CAN-2005-1267
Remote	Yes
Local	No
Credit	Discovery of this issue is credited to Simon L. Nielsen.
Vulnerable	Trustix Secure Linux 2.2 Trustix Secure Linux 2.1 Trustix Secure Enterprise Linux 2.0 Slackware Linux 10.1 Slackware Linux 10.0 Slackware Linux 9.1 Slackware Linux 9.0 Slackware Linux 8.1 Slackware Linux current RedHat Fedora Core4 RedHat Fedora Core3 MandrakeSoft Linux Mandrake 10.2 x86_64 MandrakeSoft Linux Mandrake 10.2 MandrakeSoft Linux Mandrake 10.1 x86_64 MandrakeSoft Linux Mandrake 10.1 LBL tcpdump 3.9.1 LBL tcpdump 3.9 LBL tcpdump 3.8.3 Debian Linux 3.1 Debian Linux 3.1 alpha Debian Linux 3.1 amd64 Debian Linux 3.1 arm Debian Linux 3.1 hppa Debian Linux 3.1 ia32 Debian Linux 3.1 ia64 Debian Linux 3.1 m68k Debian Linux 3.1 mips Debian Linux 3.1 mipsel Debian Linux 3.1 ppc Debian Linux 3.1 s/390 Debian Linux 3.1 sparc Turbolinux Appliance Server 1.0 Hosting Edition Turbolinux Appliance Server 1.0 Workgroup Edition Turbolinux Appliance Server Hosting Edition 1.0 Turbolinux Appliance Server Workgroup Edition 1.0 Turbolinux Home Turbolinux Turbolinux 10 F... Turbolinux Turbolinux Desktop 10.0 Turbolinux Turbolinux Server 7.0 Turbolinux Turbolinux Server 8.0 Turbolinux Turbolinux Workstation 7.0 Turbolinux Turbolinux Workstation 8.0 Ubuntu Ubuntu Linux 4.1 ia32 Ubuntu Ubuntu Linux 4.1 ia64 Ubuntu Ubuntu Linux 4.1 ppc Ubuntu Ubuntu Linux 5.0 4 amd64 Ubuntu Ubuntu Linux 5.0 4 i386 Ubuntu Ubuntu Linux 5.0 4 powerpc LBL tcpdump 3.8.2 LBL tcpdump 3.8.1 MandrakeSoft Linux Mandrake 10.0 LBL tcpdump 3.7.2 MandrakeSoft Corporate Server 2.1 MandrakeSoft Corporate Server 2.1 x86_64 MandrakeSoft Linux Mandrake 9.1 MandrakeSoft Linux Mandrake 9.1 ppc MandrakeSoft Linux Mandrake 9.2 MandrakeSoft Linux Mandrake 9.2 amd64 MandrakeSoft Multi Network Firewall 2.0 Turbolinux Turbolinux Advanced Server 6.0 Turbolinux Turbolinux Desktop 10.0 Turbolinux Turbolinux Server 6.1 Turbolinux Turbolinux Server 6.5 Turbolinux Turbolinux Server 7.0 Turbolinux Turbolinux Server 8.0 Turbolinux Turbolinux Workstation 6.0 Turbolinux Turbolinux Workstation 6.1 Turbolinux Turbolinux Workstation 7.0 Turbolinux Turbolinux Workstation 8.0 LBL tcpdump 3.7.1 FreeBSD FreeBSD 4.7 FreeBSD FreeBSD 4.7 RELEASE Gentoo Linux 1.4 _rc1 Gentoo Linux 1.4 _rc2 S.u.S.E. Linux 8.1 LBL tcpdump 3.7 FreeBSD FreeBSD 4.2 FreeBSD FreeBSD 4.2 RELEASE FreeBSD FreeBSD 4.2 STABLE FreeBSD FreeBSD 4.3 FreeBSD FreeBSD 4.3 RELEASE FreeBSD FreeBSD 4.3 RELENG FreeBSD FreeBSD 4.3 STABLE FreeBSD FreeBSD 4.4 FreeBSD FreeBSD 4.4 RELENG FreeBSD FreeBSD 4.4 STABLE FreeBSD FreeBSD 4.5 FreeBSD FreeBSD 4.5 RELEASE FreeBSD FreeBSD 4.5 STABLE FreeBSD FreeBSD 4.6 FreeBSD FreeBSD 4.6 RELEASE LBL tcpdump 3.6.3 EnGarde Secure Community 1.0.1 EnGarde Secure Community 2.0 EnGarde Secure Professional 1.1 EnGarde Secure Professional 1.2 EnGarde Secure Professional 1.5 LBL tcpdump 3.6.2 Caldera OpenLinux Server 3.1 Caldera OpenLinux Server 3.1.1 Caldera OpenLinux Workstation 3.1 Caldera OpenLinux Workstation 3.1.1 Conectiva Linux 5.0 Conectiva Linux 5.1 Conectiva Linux 6.0 Conectiva Linux 7.0 Conectiva Linux 8.0 Debian Linux 3.0 Debian Linux 3.0 alpha Debian Linux 3.0 arm Debian Linux 3.0 hppa Debian Linux 3.0 ia32 Debian Linux 3.0 ia64 Debian Linux 3.0 m68k Debian Linux 3.0 mips Debian Linux 3.0 mipsel Debian Linux 3.0 ppc Debian Linux 3.0 s/390 Debian Linux 3.0 sparc FreeBSD FreeBSD 4.0 FreeBSD FreeBSD 4.1 FreeBSD FreeBSD 4.1.1 FreeBSD FreeBSD 4.2 FreeBSD FreeBSD 4.3 HP Secure OS software for Linux 1.0 MandrakeSoft Corporate Server 1.0.1 MandrakeSoft Linux Mandrake 7.1 MandrakeSoft Linux Mandrake 7.2 MandrakeSoft Linux Mandrake 8.0 MandrakeSoft Linux Mandrake 8.1 MandrakeSoft Linux Mandrake 8.2 MandrakeSoft Single Network Firewall 7.2 RedHat Linux 6.2 alpha RedHat Linux 6.2 i386 RedHat Linux 6.2 sparc RedHat Linux 7.0 alpha RedHat Linux 7.0 i386 RedHat Linux 7.1 alpha RedHat Linux 7.1 i386 RedHat Linux 7.1 ia64 RedHat Linux 7.2 i386 RedHat Linux 7.2 ia64 S.u.S.E. Linux 8.0 Trustix Secure Linux 1.1 Trustix Secure Linux 1.2 Trustix Secure Linux 1.5 LBL tcpdump 3.5.2 LBL tcpdump 3.5 alpha LBL tcpdump 3.5 FreeBSD FreeBSD 3.x FreeBSD FreeBSD 4.0 FreeBSD FreeBSD 4.1 FreeBSD FreeBSD 4.1.1 S.u.S.E. Linux 7.3 S.u.S.E. Linux 8.0 LBL tcpdump 3.4 a6 Debian Linux 2.2 Debian Linux 2.2 68k Debian Linux 2.2 alpha Debian Linux 2.2 arm Debian Linux 2.2 IA32 Debian Linux 2.2 powerpc Debian Linux 2.2 sparc S.u.S.E. Firewall Adminhost VPN S.u.S.E. Linux 6.4 S.u.S.E. Linux 7.0 S.u.S.E. Linux 7.1 S.u.S.E. Linux 7.2 S.u.S.E. Linux AdminCD for Firewall S.u.S.E. Linux Connectivity Server S.u.S.E. Linux Database Server S.u.S.E. Linux Enterprise Server 7 S.u.S.E. Linux Enterprise Server for S/390 S.u.S.E. Linux LiveCD for Firewall S.u.S.E. SuSE eMail Server III LBL tcpdump 3.4 RedHat Linux 6.2 alpha RedHat Linux 6.2 i386 RedHat Linux 6.2 sparc RedHat Linux 7.0 alpha RedHat Linux 7.0 i386 RedHat Linux 7.1 alpha RedHat Linux 7.1 i386 RedHat Linux 7.1 ia64 IPCop IPCop 1.4.6 IPCop IPCop 1.4.5 IPCop IPCop 1.4.4 IPCop IPCop 1.4.2 IPCop IPCop 1.4.1 IBM AIX 5.3 L IBM AIX 5.3 Gentoo Linux
Not Vulnerable
Code	The following proof of concept exploit is available: /data/vulnerabilities/exploits/tcpdump-bgp-update-poc.c
TXT

Vulnerabilities - newest 10 RSS | More

• 2009-12-18 ReVou Comment Field HTML Injection Vulnerability
• 2009-12-18 Adobe Flash Media Server Resource Exhaustion Remote Denial of Service Vulnerability
• 2009-12-18 Centreon Authentication Mechanism Security Bypass Vulnerability
• 2009-12-18 Family Connections Multiple Input Validation Vulnerabilities
• 2009-12-18 Drupal Contact and Menu Modules Multiple HTML Injection Vulnerabilities
• 2009-12-18 Mozilla Firefox and SeaMonkey NTLM Credential Reflection Authentication Bypass Vulnerability
• 2009-12-18 Mozilla Firefox CVE-2009-3982 JavaScript Engine Multiple Remote Memory Corruption Vulnerabilities
• 2009-12-17 Zen Cart Insecure File and Programs Information Disclosure and Database Deletion Vulnerability
• 2009-12-17 Winamp Module Decoder Plugin Multiple Buffer Overflow Vulnerabilities
• 2009-12-17 Winamp JPEG and PNG Multiple Integer Overflow Vulnerabilities

• Vulnerabilities
• Exploits
• News
• Articles

Copyright 2007, SecurityDot
Sat, 19 Dec 2009 01:31:18 +0000