CVE-2004-0055

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2004-0055
The print_attr_string function in print-radius.c for tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (segmentation fault) via a RADIUS attribute with a large length value.

5.0 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References
Link Resource
ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2004-008.0.txt
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2004.9/SCOSA-2004.9.txt
ftp://patches.sgi.com/support/free/security/advisories/20040103-01-U.asc
ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000832
http://lists.apple.com/archives/security-announce/2004/Feb/msg00000.html
http://lwn.net/Alerts/66445/
http://marc.info/?l=bugtraq&m=107577418225627&w=2
http://marc.info/?l=tcpdump-workers&m=107325073018070&w=2
http://secunia.com/advisories/10636
http://secunia.com/advisories/10639
http://secunia.com/advisories/10644
http://secunia.com/advisories/10652
http://secunia.com/advisories/10718
http://secunia.com/advisories/11022
http://secunia.com/advisories/11032/
http://secunia.com/advisories/12179/
http://www.debian.org/security/2004/dsa-425
http://www.kb.cert.org/vuls/id/955526 Third Party Advisory US Government Resource
http://www.mandriva.com/security/advisories?name=MDKSA-2004:008
http://www.redhat.com/archives/fedora-announce-list/2004-March/msg00006.html
http://www.redhat.com/archives/fedora-announce-list/2004-March/msg00009.html
http://www.redhat.com/archives/fedora-announce-list/2004-March/msg00015.html
http://www.redhat.com/archives/fedora-legacy-list/2004-January/msg00726.html
http://www.redhat.com/support/errata/RHSA-2004-008.html Patch Vendor Advisory
http://www.securityfocus.com/bid/7090 Exploit Patch Vendor Advisory
http://www.securitytracker.com/id?1008735
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A850
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A853
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9989
ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2004-008.0.txt
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2004.9/SCOSA-2004.9.txt
ftp://patches.sgi.com/support/free/security/advisories/20040103-01-U.asc
ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000832
http://lists.apple.com/archives/security-announce/2004/Feb/msg00000.html
http://lwn.net/Alerts/66445/
http://marc.info/?l=bugtraq&m=107577418225627&w=2
http://marc.info/?l=tcpdump-workers&m=107325073018070&w=2
http://secunia.com/advisories/10636
http://secunia.com/advisories/10639
http://secunia.com/advisories/10644
http://secunia.com/advisories/10652
http://secunia.com/advisories/10718
http://secunia.com/advisories/11022
http://secunia.com/advisories/11032/
http://secunia.com/advisories/12179/
http://www.debian.org/security/2004/dsa-425
http://www.kb.cert.org/vuls/id/955526 Third Party Advisory US Government Resource
http://www.mandriva.com/security/advisories?name=MDKSA-2004:008
http://www.redhat.com/archives/fedora-announce-list/2004-March/msg00006.html
http://www.redhat.com/archives/fedora-announce-list/2004-March/msg00009.html
http://www.redhat.com/archives/fedora-announce-list/2004-March/msg00015.html
http://www.redhat.com/archives/fedora-legacy-list/2004-January/msg00726.html
http://www.redhat.com/support/errata/RHSA-2004-008.html Patch Vendor Advisory
http://www.securityfocus.com/bid/7090 Exploit Patch Vendor Advisory
http://www.securitytracker.com/id?1008735
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A850
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A853
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9989
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:lbl:tcpdump:3.5.2:*:*:*:*:*:*:*
cpe:2.3:a:lbl:tcpdump:3.6.2:*:*:*:*:*:*:*
cpe:2.3:a:lbl:tcpdump:3.7:*:*:*:*:*:*:*
cpe:2.3:a:lbl:tcpdump:3.7.1:*:*:*:*:*:*:*
History

20 Nov 2024, 23:47

Type Values Removed Values Added
References () ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2004-008.0.txt - () ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2004-008.0.txt -
References () ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2004.9/SCOSA-2004.9.txt - () ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2004.9/SCOSA-2004.9.txt -
References () ftp://patches.sgi.com/support/free/security/advisories/20040103-01-U.asc - () ftp://patches.sgi.com/support/free/security/advisories/20040103-01-U.asc -
References () ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc - () ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc -
References () http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000832 - () http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000832 -
References () http://lists.apple.com/archives/security-announce/2004/Feb/msg00000.html - () http://lists.apple.com/archives/security-announce/2004/Feb/msg00000.html -
References () http://lwn.net/Alerts/66445/ - () http://lwn.net/Alerts/66445/ -
References () http://marc.info/?l=bugtraq&m=107577418225627&w=2 - () http://marc.info/?l=bugtraq&m=107577418225627&w=2 -
References () http://marc.info/?l=tcpdump-workers&m=107325073018070&w=2 - () http://marc.info/?l=tcpdump-workers&m=107325073018070&w=2 -
References () http://secunia.com/advisories/10636 - () http://secunia.com/advisories/10636 -
References () http://secunia.com/advisories/10639 - () http://secunia.com/advisories/10639 -
References () http://secunia.com/advisories/10644 - () http://secunia.com/advisories/10644 -
References () http://secunia.com/advisories/10652 - () http://secunia.com/advisories/10652 -
References () http://secunia.com/advisories/10718 - () http://secunia.com/advisories/10718 -
References () http://secunia.com/advisories/11022 - () http://secunia.com/advisories/11022 -
References () http://secunia.com/advisories/11032/ - () http://secunia.com/advisories/11032/ -
References () http://secunia.com/advisories/12179/ - () http://secunia.com/advisories/12179/ -
References () http://www.debian.org/security/2004/dsa-425 - () http://www.debian.org/security/2004/dsa-425 -
References () http://www.kb.cert.org/vuls/id/955526 - Third Party Advisory, US Government Resource () http://www.kb.cert.org/vuls/id/955526 - Third Party Advisory, US Government Resource
References () http://www.mandriva.com/security/advisories?name=MDKSA-2004:008 - () http://www.mandriva.com/security/advisories?name=MDKSA-2004:008 -
References () http://www.redhat.com/archives/fedora-announce-list/2004-March/msg00006.html - () http://www.redhat.com/archives/fedora-announce-list/2004-March/msg00006.html -
References () http://www.redhat.com/archives/fedora-announce-list/2004-March/msg00009.html - () http://www.redhat.com/archives/fedora-announce-list/2004-March/msg00009.html -
References () http://www.redhat.com/archives/fedora-announce-list/2004-March/msg00015.html - () http://www.redhat.com/archives/fedora-announce-list/2004-March/msg00015.html -
References () http://www.redhat.com/archives/fedora-legacy-list/2004-January/msg00726.html - () http://www.redhat.com/archives/fedora-legacy-list/2004-January/msg00726.html -
References () http://www.redhat.com/support/errata/RHSA-2004-008.html - Patch, Vendor Advisory () http://www.redhat.com/support/errata/RHSA-2004-008.html - Patch, Vendor Advisory
References () http://www.securityfocus.com/bid/7090 - Exploit, Patch, Vendor Advisory () http://www.securityfocus.com/bid/7090 - Exploit, Patch, Vendor Advisory
References () http://www.securitytracker.com/id?1008735 - () http://www.securitytracker.com/id?1008735 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A850 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A850 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A853 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A853 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9989 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9989 -
Information

Published : 2004-02-17 05:00

Updated : 2024-11-20 23:47

NVD link : CVE-2004-0055

Mitre link : CVE-2004-0055

CVE.ORG link : CVE-2004-0055

JSON object : View

Products Affected

lbl

  • tcpdump
CWE
NVD-CWE-Other

NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024