CVE-2003-0093
tcpdump - infinite loop
EPSS 1.5%
Description
The RADIUS decoder in tcpdump 3.6.2 and earlier allows remote attackers to cause a denial of service (crash) via an invalid RADIUS packet with a header length field of 0, which causes tcpdump to generate data within an infinite loop.
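The failure mode described above is a length-driven decode loop that stops advancing when a length field is 0. The following C code is an added example, not tcpdump's code and not part of this advisory: it shows a decoder that validates lengths before looping, and it goes beyond the description by checking each attribute's length as well as the header length. The function name `radius_count_attrs` and the sample packets are constructed for illustration; field sizes follow the RADIUS packet layout in RFC 2865.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define RADIUS_HDR_LEN  20    /* code(1) id(1) length(2) authenticator(16) */
#define RADIUS_MAX_LEN  4096  /* maximum packet length per RFC 2865 */
#define RADIUS_ATTR_MIN 2     /* type(1) length(1) */

/* Hypothetical helper: returns the number of attributes walked, or -1 if malformed. */
int radius_count_attrs(const uint8_t *buf, size_t caplen)
{
    if (caplen < RADIUS_HDR_LEN)
        return -1;                        /* header not fully captured */
    size_t len = ((size_t)buf[2] << 8) | buf[3];
    if (len < RADIUS_HDR_LEN || len > RADIUS_MAX_LEN || len > caplen)
        return -1;                        /* rejects a header length of 0 */
    size_t off = RADIUS_HDR_LEN;
    int n = 0;
    while (off < len) {
        if (len - off < RADIUS_ATTR_MIN)
            return -1;                    /* truncated attribute header */
        size_t alen = buf[off + 1];
        if (alen < RADIUS_ATTR_MIN || alen > len - off)
            return -1;                    /* length 0 or 1 would stall the loop */
        off += alen;                      /* always advances by at least 2 */
        n++;
    }
    return n;
}

/* Constructed sample packets (not captured traffic). */
static const uint8_t pkt_ok[26]    = {1, 0x2a, 0, 26, [20] = 1, 6, 'u', 's', 'e', 'r'};
static const uint8_t pkt_hdr0[26]  = {1, 0x2a, 0, 0,  [20] = 1, 6, 'u', 's', 'e', 'r'};
static const uint8_t pkt_attr0[26] = {1, 0x2a, 0, 26, [20] = 1, 0};

int main(void)
{
    printf("valid packet:       %d\n", radius_count_attrs(pkt_ok, sizeof pkt_ok));
    printf("header length 0:    %d\n", radius_count_attrs(pkt_hdr0, sizeof pkt_hdr0));
    printf("attribute length 0: %d\n", radius_count_attrs(pkt_attr0, sizeof pkt_attr0));
    return 0;
}
```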
How to fix CVE-2003-0093
To remediate CVE-2003-0093, upgrade the affected package to one of the fixed versions listed below.
- Debian/tcpdump: upgrade to 3.7.1-1 or later
- Debian/tcpdump: upgrade to 3.6.2-2.4 or later
Is CVE-2003-0093 being exploited?
Low — EPSS is 1.5%, meaning exploitation activity has not been observed at scale.
Affected packages (2)
- from 0, < 3.7.1-1
- from 0, < 3.6.2-2.4