Total vulnerabilities in the database
The bgp_update_print function in tcpdump 3.x does not properly handle a -1 return value from the decode_prefix4 function, which allows remote attackers to cause a denial of service (infinite loop) via a crafted BGP packet.
| Software | From | Fixed in |
|---|---|---|
| lbl / tcpdump | 3.7.1 | 3.7.1.x |
| lbl / tcpdump | 3.9.1 | 3.9.1.x |
| lbl / tcpdump | 3.8.2 | 3.8.2.x |
| lbl / tcpdump | 3.5 | 3.5.x |
| lbl / tcpdump | 3.5_alpha | 3.5_alpha.x |
| lbl / tcpdump | 3.5.2 | 3.5.2.x |
| lbl / tcpdump | 3.7 | 3.7.x |
| lbl / tcpdump | 3.4 | 3.4.x |
| lbl / tcpdump | 3.8.3 | 3.8.3.x |
| lbl / tcpdump | 3.4a6 | 3.4a6.x |
| lbl / tcpdump | 3.6.3 | 3.6.3.x |
| lbl / tcpdump | 3.9 | 3.9.x |
| lbl / tcpdump | 3.8.1 | 3.8.1.x |
| lbl / tcpdump | 3.6.2 | 3.6.2.x |
| lbl / tcpdump | 3.7.2 | 3.7.2.x |
| trustix / secure_linux | 2.0 | 2.0.x |
| mandrakesoft / mandrake_linux | 10.2 | 10.2.x |
| mandrakesoft / mandrake_linux | 10.1 | 10.1.x |
| redhat / fedora_core | core_4.0 | core_4.0.x |
| trustix / secure_linux | 2.1 | 2.1.x |
| trustix / secure_linux | 2.2 | 2.2.x |
| redhat / fedora_core | core_3.0 | core_3.0.x |
| gentoo / linux | - | - |