CVE-2000-0333

Published: May 31, 1999Modified: Apr 16, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

tcpdump, Ethereal, and other sniffer packages allow remote attackers to cause a denial of service via malformed DNS packets in which a jump offset refers to itself, which causes tcpdump to enter an infinite loop while decompressing the packet.

Affected (5)

Products: Ethereal Group: Ethereal · Lbl: Tcpdump

1 product

1 product

Configuration A

5 vulnerable

Vulnerable Software	Affected Versions
Ethereal Group Ethereal	Version 0.8.4
Ethereal Group Ethereal	Version 0.8.5
Ethereal Group Ethereal	Version 0.8.6
Lbl Tcpdump	Version 3.4
Lbl Tcpdump	Version 3.5a

References (4)

http://www.securityfocus.com/bid/1165

Source: cve@mitre.org

ExploitPatchVendor Advisory

http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.SOL.4.10.10005021942380.2077-100000%40paranoia.pgci.ca

Source: cve@mitre.org

http://www.securityfocus.com/bid/1165

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitPatchVendor Advisory

http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.SOL.4.10.10005021942380.2077-100000%40paranoia.pgci.ca

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.