Intrusion PreventionTcpdump.ISAKMP.Delete.Payload.DoS
Description
This indicates a possible attempt to exploit a denial-of-service vulnerability in TCPDUMP.
The vulnerability is due to the way ISAKMP Delete payloads are handled. A remote attacker may exploit this to cause a denial of service.
Affected Products
SGI ProPack 3.0
SGI ProPack 2.4
RedHat Linux 9.0 i386
RedHat Linux 7.3
LBL tcpdump 3.8.1
LBL tcpdump 3.7.2
LBL tcpdump 3.7.1
LBL tcpdump 3.7
LBL tcpdump 3.6.3
LBL tcpdump 3.6.2
LBL tcpdump 3.5.2
LBL tcpdump 3.5 alpha
LBL tcpdump 3.5
LBL tcpdump 3.4 a6
LBL tcpdump 3.4
Impact
Denial of service.
Recommended Actions
This is addressed in tcpdump 3.8.3.
The following is a list of advisories that are released concerning this issue:
Mandrake: MDKSA-2004:030
Trustix: 2004-0015
Debian: DSA 478-1
OpenPKG:SA-2004.010
Slackware: SSA:2004-108-01
RedHat: FEDORA-2004-120 for Fedora, RHSA-2004:219-07 for Red Hat Linux Enterprise platforms. Customers may use the Red Hat Update Agent (up2date) to apply the appropriate patches.
Turbolinux: TLSA-2004-16
SGI: 20040603-01-U for SGI ProPack 3, 20040602-01-U for SGI ProPack 2.4
The Fedora Legacy project: FLSA:1468
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2020-12-11 | 16.978 | Name:TCPDUMP. ISAKMP. Delete. Payload. DoS:Tcpdump. ISAKMP. Delete. Payload. DoS |
| ID | 13519 |
| Created | Oct 20, 2006 |
| Updated | Nov 15, 2021 |
| Risk |
|
| CVE ID | CVE-2004-0183 |
| Exploit Prediction Score | 55.07% |
| Default Action | drop |
| Active | |
| Affected OS | Linux, BSD, Other |
| Affected App | Other |