| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <Pine.LNX.4.58.0401161251060.9454@wotan.suse.de> From: krahmer at suse.de (Sebastian Krahmer) Subject: SUSE Security Announcement: tcpdump (SuSE-SA:2004:002) On Thu, 15 Jan 2004, Nico Golde wrote: Hi, No idea. Probably yes. :) Sebastian > Hallo Sebastian, > > * Sebastian Krahmer <krahmer@...e.de> [2004-01-15 00:58]: > [...] > > Tcpdump is a well known tool for administrators to analyze network > > traffic. > > There is a bug in the tcpdump code responsible for handling ISAKMP > > messages. This bug allows remote attackers to destroy a current > > tcpdump session by tricking the tcpdump program with evil ISAKMP > > messages to enter an endless loop. > > has anybody got some example code for it? > regards nico > > -- ~ ~ perl self.pl ~ $_='print"\$_=\47$_\47;eval"';eval ~ krahmer@...e.de - SuSE Security Team ~
Powered by blists - more mailing lists