Description
tcpdump, Ethereal, and other sniffer packages allow remote attackers to cause a denial of service via malformed DNS packets in which a jump offset refers to itself, which causes tcpdump to enter an infinite loop while decompressing the packet.
Affected products
- ethereal_group / ethereal0.8.4 – 0.8.4
- ethereal_group / ethereal0.8.5 – 0.8.5
- ethereal_group / ethereal0.8.6 – 0.8.6
- lbl / tcpdump3.4 – 3.4
- lbl / tcpdump3.5a – 3.5a