CVE-2005-1278: Medium severity Lbl Tcpdump vulnerability

Q: What is the severity of CVE-2005-1278?

CVE-2005-1278 has a severity rating that indicates it can lead to a denial of service due to an infinite loop.

Q: How do I fix CVE-2005-1278?

To fix CVE-2005-1278, upgrade tcpdump to version 3.9.2 or later.

Q: What systems are affected by CVE-2005-1278?

CVE-2005-1278 affects tcpdump versions up to and including 3.9.1.

Q: What type of attack does CVE-2005-1278 facilitate?

CVE-2005-1278 facilitates a denial of service attack that can be executed via a zero-length GRE packet.

Q: Is there a workaround for CVE-2005-1278?

There are no recommended workarounds for CVE-2005-1278; upgrading the software is advised.

Published Apr 26, 2005

Updated

The isisprint function, as called by isoclnsprint, in tcpdump 3.9.1 and earlier allows remote attackers to cause a denial of service (infinite loop) via a zero length, as demonstrated using a GRE packet.

Affected Software

1 affected component

Lbl Tcpdump<=3.9.1

Event History

Apr 26, 2005

CVE Published

via MITRE·08:00 AM

Data Sourced

via MITRE·08:00 AM

Description

Frequently Asked Questions

What is the severity of CVE-2005-1278?

CVE-2005-1278 has a severity rating that indicates it can lead to a denial of service due to an infinite loop.

How do I fix CVE-2005-1278?

To fix CVE-2005-1278, upgrade tcpdump to version 3.9.2 or later.

What systems are affected by CVE-2005-1278?

CVE-2005-1278 affects tcpdump versions up to and including 3.9.1.

What type of attack does CVE-2005-1278 facilitate?

CVE-2005-1278 facilitates a denial of service attack that can be executed via a zero-length GRE packet.

Is there a workaround for CVE-2005-1278?