FreeBSD : tcpdump -- infinite loops in protocol decoding (9fae0f1f-df82-11d9-b875-0001020eed82)

This script is Copyright (C) 2005-2013 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

Problem Description Several tcpdump protocol decoders contain
programming errors which can cause them to go into infinite loops.
Impact An attacker can inject specially crafted packets into the
network which, when processed by tcpdump, could lead to a
denial-of-service. After the attack, tcpdump would no longer capture
traffic, and would potentially use all available processor time.

See also :

http://marc.info/?l=bugtraq&m=111454406222040
http://marc.info/?l=bugtraq&m=111454461300644
http://marc.info/?l=bugtraq&m=111928309502304
http://www.nessus.org/u?e05455b4

Solution :

Update the affected package.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 19052 (freebsd_pkg_9fae0f1fdf8211d9b8750001020eed82.nasl)

Bugtraq ID:

CVE ID: CVE-2005-1267
CVE-2005-1278
CVE-2005-1279
CVE-2005-1280

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now