lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Sat, 20 Dec 2003 17:25:22 +0100 From: Przemyslaw Frasunek <venglin@...ebsd.lublin.pl> To: bugtraq@...urityfocus.com Subject: Remote crash in tcpdump from OpenBSD -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------- Original Message -------- Subject: user/3610: repetable tcpdump remote crash Resent-Date: Sat, 20 Dec 2003 08:55:02 -0700 (MST) Resent-From: gnats@....openbsd.org (GNATS Filer) Resent-To: bugs@....openbsd.org Date: Sat, 20 Dec 2003 16:42:25 +0100 (CET) From: venglin@...ebsd.lublin.pl Reply-To: venglin@...ebsd.lublin.pl To: gnats@...nbsd.org >Number: 3610 >Category: user >Synopsis: repetable tcpdump remote crash >Confidential: yes >Severity: critical >Priority: high >Responsible: bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: net >Arrival-Date: Sat Dec 20 15:50:02 GMT 2003 >Closed-Date: >Last-Modified: >Originator: Przemyslaw Frasunek >Release: 3.3-RELEASE >Organization: net >Environment: System : OpenBSD 3.3 Architecture: OpenBSD.i386 Machine : i386 >Description: Sending a packet containg 0xff,0x02 bytes to port 1701/udp causes a L2TP protocol parser in tcpdump to enter an infinite loop, eating all available memory and then segfaulting. This bug also affects tcpdump in -CURRENT. >How-To-Repeat: tcpdump -i lo0 -n udp and dst port 1701 & perl -e 'print "\xff\x02"' | nc -u localhost 1701 >Fix: Unknown, recent versions of tcpdump are immune to this problem. >Release-Note: >Audit-Trail: >Unformatted: - -- * Fido: 2:480/124 ** WWW: http://www.frasunek.com/ ** NICHDL: PMF9-RIPE * * JID: venglin@...ber.atman.pl ** PGP ID: 2578FCAD ** HAM-RADIO: SQ8JIV * -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQE/5HfykxEnBiV4/K0RApAkAKDMw3qheVAkGu3v2EvoCoq07C8ZYgCgh9sl ZjwiNzK9di8oSMQ1XK/YF+g= =Q0AT -----END PGP SIGNATURE-----
Powered by blists - more mailing lists