Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The L2TP protocol parser in tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (infinite loop and memory consumption) via a packet with invalid data to UDP port 1701, which causes l2tp_avp_print to use a bad length value when calling print_octets.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
TCPDump远程拒绝服务攻击漏洞
Vulnerability Description
TCPDump是一款功能强大的网络协议分析器。 TCPDump在处理L2TP协议时存在问题,远程攻击者可以利用这个漏洞进行拒绝服务攻击。 发送包含0xff、0x02字节给端口1701/udp,TCPDump中的L2TP协议解析器就会进入无限循环,消耗所有内存并产生段错误。 此漏洞在OpenBSD 3.3和-current之前版本的tcpdump3.7上重现,其他版本也可能存在此问题。
CVSS Information
N/A
Vulnerability Type
N/A