CVE-2003-1029
EPSS 21.4%
Description
The L2TP protocol parser in tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (infinite loop and memory consumption) via a packet with invalid data to UDP port 1701, which causes l2tp_avp_print to use a bad length value when calling print_octets.
How to fix CVE-2003-1029
To remediate CVE-2003-1029, upgrade the affected package to a fixed version below.
- Debian/tcpdump—upgrade to 3.8.3-1 or later
Is CVE-2003-1029 being exploited?
Moderate — EPSS is 21.4%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (1)
- from 0, < 3.8.3-1