FreeBSD : tcpdump ISAKMP payload handling remote denial-of-service (f8551668-de09-4d7b-9720-f1360929df07)

This script is Copyright (C) 2005-2013 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

Chad Loder has discovered vulnerabilities in tcpdump's ISAKMP protocol
handler. During an audit to repair these issues, Bill Fenner
discovered some related problems.

These vulnerabilities may be used by an attacker to crash a running
`tcpdump' process. They can only be triggered if the `-v' command line
option is being used.

NOTE: the racoon ISAKMP/IKE daemon incorporates the ISAKMP protocol
handler from tcpdump, and so is also affected by this issue.

See also :

http://marc.info/?l=bugtraq&m=108067265931525
http://www.rapid7.com/advisories/R7-0017.html
http://www.nessus.org/u?eb70c9dd

Solution :

Update the affected packages.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 19180 (freebsd_pkg_f8551668de094d7b9720f1360929df07.nasl)

Bugtraq ID:

CVE ID: CVE-2004-0183
CVE-2004-0184

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now