Published: 31/05/1999 Updated: 07/11/2023

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 510

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

tcpdump, Ethereal, and other sniffer packages allow remote malicious users to cause a denial of service via malformed DNS packets in which a jump offset refers to itself, which causes tcpdump to enter an infinite loop while decompressing the packet.

Vulnerable Product	Search on Vulmon	Subscribe to Product
ethereal group ethereal 0.8.5
ethereal group ethereal 0.8.6
lbl tcpdump 3.4
ethereal group ethereal 0.8.4
lbl tcpdump 3.5a

source: wwwsecurityfocuscom/bid/1165/info A vulnerability exists in the DNS decode capabilities provided as part of the tcpdump sniffer, from LBL, as well as other sniffers, including Ethereal, by Gerald Combs These sniffers will attempt to decode DNS request and queries However, due to the DNS name compression scheme, it is possible to ...

source: wwwsecurityfocuscom/bid/1165/info A vulnerability exists in the DNS decode capabilities provided as part of the tcpdump sniffer, from LBL, as well as other sniffers, including Ethereal, by Gerald Combs These sniffers will attempt to decode DNS request and queries However, due to the DNS name compression scheme, it is possible t ...

NVD-CWE-Other http://www.securityfocus.com/bid/1165 http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.SOL.4.10.10005021942380.2077-100000%40paranoia.pgci.ca https://nvd.nist.gov https://www.exploit-db.com/exploits/19891/https://www.kb.cert.org/vuls/id/23495

CVE-2000-0333

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect