Vulnerabilities > CVE-1999-1024 - Unspecified vulnerability in LBL Tcpdump 3.4

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

lbl

exploit available

NVD

Published: 2001-11-28

Updated: 2016-10-18

Summary

ip_print procedure in Tcpdump 3.4a allows remote attackers to cause a denial of service via a packet with a zero length header, which causes an infinite loop and core dump when tcpdump prints the packet.

Vulnerable Configurations

Part	Description	Count
Application	Lbl LBL Tcpdump 3.4	1

Exploit-Db

description	tcpdump 3.4 Protocol Four and Zero Header Length Vulnerability. CVE-1999-1024. Remote exploit for linux platform
id	EDB-ID:19251
last seen	2016-02-02
modified	1999-06-16
published	1999-06-16
reporter	badi
source	https://www.exploit-db.com/download/19251/
title	tcpdump 3.4 Protocol Four and Zero Header Length Vulnerability

References

http://marc.info/?l=bugtraq&m=92955903802773&w=2
http://marc.info/?l=bugtraq&m=92963447601748&w=2
http://marc.info/?l=bugtraq&m=92989907627051&w=2
http://www.securityfocus.com/bid/313