April 21st, 2004, 08:40 PM
TCPDump ISAKMP Payload Buffer Overrun
Basically from what I read about this is if you run TCPDump, and someone sends one of those magically crafted packets of doom, it could cause a TCPDump loop, which would ergo be a DoS attack, and that would be bad. Anything prior to version 3.8.1 is vulnerable. tcpdump.org has the available update that would fix this patch.
I searched and didn't see this posted anywhere, and if it is posted I apologize.
Source = http://www.securityfocus.com/advisories/6527
tcpdump, a tool for network monitoring and data acquisition, was found
to contain two vulnerabilities whereby tcpdump could be caused to
crash through attempts to read from invalid memory locations. This
bug is triggered by certain invalid ISAKMP packets.