Bugtraq: Re: Denial of service attack against tcpdump

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: Denial of service attack against tcpdump

From: gerald () ZING ORG (Gerald Combs)
Date: Wed, 3 May 2000 22:15:13 -0500


On Tue, 2 May 2000 bretonh () PARANOIA PGCI CA wrote:

Greetings.

There is a way to disable tcpdump running on a remote host.  By sending a
carefully crafted UDP packet on the network which tcpdump monitors, it is
possible, under certain circonstances, to make tcpdump fall into an infinite
loop.


A fix for this is in the current tcpdump CVS tree at www.tcpdump.org, but
it doesn't appear to be in the 3.5 alpha release.  This has also been
fixed in the latest version of Ethereal (0.8.7).

By Date By Thread

Current thread:

4ward:It's a blue world!, (continued)
- 4ward:It's a blue world! deepquest () NETSCAPE NET (May 02)
- Denial of service attack against tcpdump bretonh () PARANOIA PGCI CA (May 02)
  - Re: Denial of service attack against tcpdump antirez (May 03)
  - Re: Denial of service attack against tcpdump Sebastian (May 03)
  - Re: Denial of service attack against tcpdump Dragos Ruiu (May 03)
  - Re: Denial of service attack against tcpdump Gerald Combs (May 03)
  - "ILOVEYOU" virus analysis Steve Wolfe (May 04)
  - 2.2.14 Kernel exec/open bug (?) The Cr0W (May 05)
  - Re: Denial of service attack against tcpdump Hugo.van.der.Kooij () CAIW NL (May 09)
- glibc resolver weakness antirez (May 02)
  - Re: glibc resolver weakness Bennett Todd (May 03)