CVE-2003-0145: Medium severity Lbl Tcpdump vulnerability
Published Mar 31, 2003
·Updated
Unknown vulnerability in tcpdump before 3.7.2 related to an inability to "Handle unknown RADIUS attributes properly," allows remote attackers to cause a denial of service (infinite loop), a different vulnerability than CAN-2003-0093.
Affected Software
4 affected components
Lbl Tcpdump=3.5.2
Lbl Tcpdump=3.6.2
Lbl Tcpdump=3.7
Lbl Tcpdump=3.7.1
Event History
Mar 31, 2003
CVE Published
05:00 AM
Sep 1, 2004
CVE Published
via MITRE·08:00 AM
Data Sourced
via MITRE·08:00 AM
Description
Frequently Asked Questions
1
What is the severity of CVE-2003-0145?
CVE-2003-0145 is rated as a moderate severity vulnerability due to its potential to cause a denial of service.
2
How do I fix CVE-2003-0145?
To fix CVE-2003-0145, upgrade tcpdump to version 3.7.2 or later where the vulnerability has been addressed.
3
What software versions are affected by CVE-2003-0145?
CVE-2003-0145 affects tcpdump versions 3.5.2, 3.6.2, 3.7, and 3.7.1.
4
What type of vulnerability is CVE-2003-0145?
CVE-2003-0145 is a denial of service vulnerability related to the handling of unknown RADIUS attributes in tcpdump.
5
Can CVE-2003-0145 be exploited remotely?
Yes, CVE-2003-0145 can be exploited remotely by sending specially crafted packets that exploit the vulnerability.