Bugtraq: Re: Denial of service attack against tcpdump

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: Denial of service attack against tcpdump

From: Hugo.van.der.Kooij () CAIW NL (Hugo.van.der.Kooij () CAIW NL)
Date: Wed, 10 May 2000 01:09:47 +0200


On Tue, 2 May 2000 bretonh () PARANOIA PGCI CA wrote:

There is a way to disable tcpdump running on a remote host.  By sending a
carefully crafted UDP packet on the network which tcpdump monitors, it is
possible, under certain circonstances, to make tcpdump fall into an infinite
loop.


Could it be that iptraf suffers a similar weakness? (Or even worse?)

I noticed that iptraf dies on me too often during network tests.

Hugo.

--
Hugo van der Kooij; Oranje Nassaustraat 16; 3155 VJ  Maasland
hvdkooij () caiw nl     http://home.kabelfoon.nl/~hvdkooij/
--------------------------------------------------------------
Quoting this tagline is illegal! (http://www.dtcc.edu/cs/rfc1855.html)

By Date By Thread

Current thread:

Re: Denial of service attack against tcpdump, (continued)
- glibc resolver weakness antirez (May 02)
  - Re: glibc resolver weakness Bennett Todd (May 03)
  - Re: glibc resolver weakness Valdis.Kletnieks () VT EDU (May 03)
  - Re: glibc resolver weakness Andrew Brown (May 03)
  - Cayman 3220-H DSL Router DOS cassius () HUSHMAIL COM (May 05)