CVE-2004-0184
EPSS 65.3%
Description
Integer underflow in the isakmp_id_print for TCPDUMP 3.8.1 and earlier allows remote attackers to cause a denial of service (crash) via an ISAKMP packet with an Identification payload with a length that becomes less than 8 during byte order conversion, which causes an out-of-bounds read, as demonstrated by the Striker ISAKMP Protocol Test Suite.
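The length check this class of bug is missing, as an added example (not tcpdump's source code): the function names and sample bytes are constructed for illustration, and the 8-byte figure is the fixed part of an ISAKMP Identification payload (4-byte generic header, 1-byte ID type, 3 bytes of DOI-specific data).

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Fixed part of an Identification payload: generic header (4) +
 * ID type (1) + DOI-specific ID data (3). */
#define ID_FIXED_LEN 8u

/* Payload length: 16-bit big-endian field at offset 2 of the payload. */
static uint16_t id_payload_len(const uint8_t *p) {
    return (uint16_t)((p[2] << 8) | p[3]);
}

/* Flawed pattern: subtracts the fixed part with no lower bound, so a
 * declared length below 8 wraps around to a huge unsigned value. */
size_t id_data_len_unchecked(const uint8_t *p) {
    return (size_t)id_payload_len(p) - ID_FIXED_LEN;
}

/* Hardened pattern: reject a length shorter than the fixed part or
 * longer than the bytes actually captured. Returns 0 and stores the
 * identification-data length in *out, or -1 for a malformed payload. */
int id_data_len_checked(const uint8_t *p, size_t caplen, size_t *out) {
    if (caplen < ID_FIXED_LEN)
        return -1;                 /* cannot even read the fixed part */
    uint16_t len = id_payload_len(p);
    if (len < ID_FIXED_LEN)
        return -1;                 /* would underflow */
    if (len > caplen)
        return -1;                 /* would read past the capture */
    *out = (size_t)len - ID_FIXED_LEN;
    return 0;
}

/* Constructed samples: declared length 4 (too short) and 12 (valid). */
const uint8_t sample_short[8] = {0, 0, 0x00, 0x04, 1, 0, 0, 0};
const uint8_t sample_ok[12]   = {0, 0, 0x00, 0x0c, 1, 0, 0, 0,
                                 192, 0, 2, 1};

int main(void) {
    size_t n = 0;
    printf("unchecked(short) = %zu\n", id_data_len_unchecked(sample_short));
    printf("checked(short)   = %d\n",
           id_data_len_checked(sample_short, sizeof sample_short, &n));
    if (id_data_len_checked(sample_ok, sizeof sample_ok, &n) == 0)
        printf("checked(ok)      = %zu data bytes\n", n);
    return 0;
}
```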
How to fix CVE-2004-0184
To remediate CVE-2004-0184, upgrade the affected package to the fixed version listed below.
- Debian/tcpdump: upgrade to 3.7.2-4 or later
Is CVE-2004-0184 being exploited?
Likely — EPSS is 65.3%, placing CVE-2004-0184 in the top tier of vulnerabilities by exploitation probability. Prioritise patching.
Affected packages (1)
- Debian/tcpdump: from 0, < 3.7.2-4