CVE-2004-0055: Medium severity Lbl Tcpdump vulnerability
Published Jan 15, 2004
·Updated
The printattrstring function in print-radius.c for tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (segmentation fault) via a RADIUS attribute with a large length value.
Affected Software
4 affected components
Lbl Tcpdump=3.5.2
Lbl Tcpdump=3.6.2
Lbl Tcpdump=3.7
Lbl Tcpdump=3.7.1
Remediation
Patch Available
Patch Available
Event History
Jan 15, 2004
CVE Published
via MITRE·10:00 AM
Data Sourced
via MITRE·10:00 AM
Description
Frequently Asked Questions
1
What is the severity of CVE-2004-0055?
CVE-2004-0055 has been classified as a denial of service vulnerability.
2
How do I fix CVE-2004-0055?
To fix CVE-2004-0055, update tcpdump to version 3.8.2 or later.
3
Which versions of tcpdump are affected by CVE-2004-0055?
CVE-2004-0055 affects tcpdump versions 3.8.1 and earlier.
4
Can CVE-2004-0055 be exploited remotely?
Yes, CVE-2004-0055 can be exploited remotely via malformed RADIUS attributes.
5
What is the impact of CVE-2004-0055?
The impact of CVE-2004-0055 is that it can cause a segmentation fault, leading to a denial of service.