FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2003-1029

This CVE name corresponds to:

Entered Topic
2004-01-19 L2TP, ISAKMP, and RADIUS parsing vulnerabilities in tcpdump

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2003-1029 at cve.mitre.org

Details

Type Candidate
Name CVE-2003-1029
Phase Assigned(20040114)

Description

The L2TP protocol parser in tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (infinite loop and memory consumption) via a packet with invalid data to UDP port 1701, which causes l2tp_avp_print to use a bad length value when calling print_octets.

References

Source Reference
BUGTRAQ 20031220 Remote crash in tcpdump from OpenBSD
BUGTRAQ 20031221 Re: Remote crash in tcpdump from OpenBSD
BUGTRAQ 20040119 [ESA-20040119-002] 'tcpdump' multiple vulnerabilities.
MLIST [tcpdump-workers] 20031224 Seg fault of tcpdump (v 3.8.1 and below) with malformed l2tp packets
DEBIAN DSA-425
ENGARDE ESA-20040119-002
MANDRAKE MDKSA-2004:008
SECTRACK 1008748
SECUNIA 10636
SECUNIA 10652
SECUNIA 10668
SECUNIA 10718

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.