CVE-2005-1280

Description

The rsvp_print function in tcpdump 3.9.1 and earlier allows remote attackers to cause a denial of service (infinite loop) via a crafted RSVP packet of length 4.

How to fix CVE-2005-1280

To remediate CVE-2005-1280, upgrade the affected package to a fixed version below.

• Debian/tcpdump—upgrade to 3.8.3-4 or later

Is CVE-2005-1280 being exploited?

Moderate — EPSS is 13.6%. Track this CVE but it's not at the top of the prioritisation list.

Affected packages (1)

• from 0, < 3.8.3-4

References (1)

• ADVISORYsecurity-tracker.debian.org/tracker/CVE-2005-1280