The RADIUS decoder in tcpdump 3.6.2 and earlier allows remote attackers to cause a denial of service (crash) via an invalid RADIUS packet with a header length field of 0, which causes tcpdump to generate data within an infinite loop.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Tcpdump | Lbl | 3.5 | 3.5 |
Tcpdump | Lbl | 3.5.2 | 3.5.2 |
Tcpdump | Lbl | 3.4 | 3.4 |
Tcpdump | Lbl | 3.4a6 | 3.4a6 |
Tcpdump | Lbl | 3.6.2 | 3.6.2 |