CVE-2004-0183 - OpenCVE

TCPDUMP 3.8.1 and earlier allows remote attackers to cause a denial of service (crash) via ISAKMP packets containing a Delete payload with a large number of SPI's, which causes an out-of-bounds read, as demonstrated by the Striker ISAKMP Protocol Test Suite.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:N/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Tcpdump	Tcpdump

Configuration 1 [-]

cpe:2.3:a:tcpdump:tcpdump:*:*:*:*:*:*:*:*

References

Link	Resource
http://marc.info/?l=bugtraq&m=108067265931525&w=2	Mailing List Third Party Advisory
http://secunia.com/advisories/11258	Broken Link
http://secunia.com/advisories/11320	Broken Link
http://securitytracker.com/id?1009593	Broken Link Third Party Advisory VDB Entry
http://www.debian.org/security/2004/dsa-478	Broken Link Patch Vendor Advisory
http://www.kb.cert.org/vuls/id/240790	Third Party Advisory US Government Resource
http://www.rapid7.com/advisories/R7-0017.html	Broken Link
http://www.redhat.com/support/errata/RHSA-2004-219.html	Broken Link
http://www.securityfocus.com/bid/10003	Broken Link Third Party Advisory VDB Entry
http://www.tcpdump.org/tcpdump-changes.txt	Release Notes
http://www.trustix.org/errata/2004/0015	Broken Link
https://bugzilla.fedora.us/show_bug.cgi?id=1468	Broken Link Issue Tracking
https://exchange.xforce.ibmcloud.com/vulnerabilities/15680	Broken Link VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A972	Broken Link
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9971	Broken Link

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2004-04-06T04:00:00

Updated: 2017-10-10T00:57:01

Reserved: 2004-03-02T00:00:00

Link: CVE-2004-0183

JSON object: View

NVD Information

Status : Analyzed

Published: 2004-05-04T04:00:00.000

Modified: 2024-02-15T20:53:50.483

Link: CVE-2004-0183

JSON object: View

Redhat Information

No data.

CWE

CWE-125

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2004-03-30T00:00:00", "descriptions": [{"lang": "en", "value": "TCPDUMP 3.8.1 and earlier allows remote attackers to cause a denial of service (crash) via ISAKMP packets containing a Delete payload with a large number of SPI's, which causes an out-of-bounds read, as demonstrated by the Striker ISAKMP Protocol Test Suite."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "VU#240790", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/240790"}, {"name": "oval:org.mitre.oval:def:9971", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9971"}, {"name": "RHSA-2004:219", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2004-219.html"}, {"name": "1009593", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1009593"}, {"name": "DSA-478", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2004/dsa-478"}, {"name": "11258", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/11258"}, {"name": "2004-0015", "tags": ["vendor-advisory", "x_refsource_TRUSTIX"], "url": "http://www.trustix.org/errata/2004/0015"}, {"name": "11320", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/11320"}, {"name": "tcpdump-isakmp-delete-bo(15680)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15680"}, {"name": "oval:org.mitre.oval:def:972", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A972"}, {"tags": ["x_refsource_MISC"], "url": "http://www.rapid7.com/advisories/R7-0017.html"}, {"name": "10003", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/10003"}, {"name": "FEDORA-2004-1468", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1468"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.tcpdump.org/tcpdump-changes.txt"}, {"name": "20040330 R7-0017: TCPDUMP ISAKMP payload handling denial-of-service vulnerabilities", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://marc.info/?l=bugtraq&m=108067265931525&w=2"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0183", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "TCPDUMP 3.8.1 and earlier allows remote attackers to cause a denial of service (crash) via ISAKMP packets containing a Delete payload with a large number of SPI's, which causes an out-of-bounds read, as demonstrated by the Striker ISAKMP Protocol Test Suite."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "VU#240790", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/240790"}, {"name": "oval:org.mitre.oval:def:9971", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9971"}, {"name": "RHSA-2004:219", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2004-219.html"}, {"name": "1009593", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1009593"}, {"name": "DSA-478", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2004/dsa-478"}, {"name": "11258", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/11258"}, {"name": "2004-0015", "refsource": "TRUSTIX", "url": "http://www.trustix.org/errata/2004/0015"}, {"name": "11320", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/11320"}, {"name": "tcpdump-isakmp-delete-bo(15680)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15680"}, {"name": "oval:org.mitre.oval:def:972", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A972"}, {"name": "http://www.rapid7.com/advisories/R7-0017.html", "refsource": "MISC", "url": "http://www.rapid7.com/advisories/R7-0017.html"}, {"name": "10003", "refsource": "BID", "url": "http://www.securityfocus.com/bid/10003"}, {"name": "FEDORA-2004-1468", "refsource": "FEDORA", "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1468"}, {"name": "http://www.tcpdump.org/tcpdump-changes.txt", "refsource": "CONFIRM", "url": "http://www.tcpdump.org/tcpdump-changes.txt"}, {"name": "20040330 R7-0017: TCPDUMP ISAKMP payload handling denial-of-service vulnerabilities", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq&m=108067265931525&w=2"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0183", "datePublished": "2004-04-06T04:00:00", "dateReserved": "2004-03-02T00:00:00", "dateUpdated": "2017-10-10T00:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:tcpdump:tcpdump:*:*:*:*:*:*:*:*", "matchCriteriaId": "770A6EDA-10B7-4DB1-B150-A40F015FE3FB", "versionEndIncluding": "3.8.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "TCPDUMP 3.8.1 and earlier allows remote attackers to cause a denial of service (crash) via ISAKMP packets containing a Delete payload with a large number of SPI's, which causes an out-of-bounds read, as demonstrated by the Striker ISAKMP Protocol Test Suite."}, {"lang": "es", "value": "TCPDUMP 3.8.1 y anteriores permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda) mediante paquetes ISAKMP conteniendo un carga \u00fatil de Dorrado con un gran n\u00fameo de SPIs, lo que causa una lectura fuera de l\u00edmites, como se ha demostrado por el paquete de pruebas de protocolo ISAKMP Striker."}], "id": "CVE-2004-0183", "lastModified": "2024-02-15T20:53:50.483", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2004-05-04T04:00:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://marc.info/?l=bugtraq&m=108067265931525&w=2"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://secunia.com/advisories/11258"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://secunia.com/advisories/11320"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://securitytracker.com/id?1009593"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Patch", "Vendor Advisory"], "url": "http://www.debian.org/security/2004/dsa-478"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/240790"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://www.rapid7.com/advisories/R7-0017.html"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://www.redhat.com/support/errata/RHSA-2004-219.html"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/10003"}, {"source": "cve@mitre.org", "tags": ["Release Notes"], "url": "http://www.tcpdump.org/tcpdump-changes.txt"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://www.trustix.org/errata/2004/0015"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Issue Tracking"], "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1468"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15680"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A972"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9971"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-125"}], "source": "nvd@nist.gov", "type": "Primary"}]}