CVE-2002-1350

NONE EPSS 81.7%
Published Dec 23, 200223y ago · Modified Jun 16, 20262w ago
Find Similar
Published Dec 23, 2002 23y ago
Last Modified Jun 16, 2026 2w ago

Description

The BGP decoding routines in tcpdump 3.6.x before 3.7 do not properly copy data, which allows remote attackers to cause a denial of service (application crash).

Threat Intelligence

EPSS Exploit Probability
81.7% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 1

VendorProductVersionRange
lbltcpdump* ≤3.6.2.2.2

References 10

  • ftp.caldera.com ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-050.0.txt
  • marc.info http://marc.info/?l=bugtraq&m=104032975103398&w=2
  • debian.org http://www.debian.org/security/2002/dsa-206
    PatchVendor Advisory
  • mandrakesoft.com http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:027
  • redhat.com http://www.redhat.com/support/errata/RHSA-2003-032.html
  • redhat.com http://www.redhat.com/support/errata/RHSA-2003-033.html
  • redhat.com http://www.redhat.com/support/errata/RHSA-2003-214.html
  • securityfocus.com http://www.securityfocus.com/bid/6213
    PatchVendor Advisory
  • tcpdump.org http://www.tcpdump.org/lists/workers/2001/10/msg00101.html
  • exchange.xforce.ibmcloud.com https://exchange.xforce.ibmcloud.com/vulnerabilities/10695

Remediation

  • debian.org http://www.debian.org/security/2002/dsa-206
    PatchVendor Advisory
  • securityfocus.com http://www.securityfocus.com/bid/6213
    PatchVendor Advisory