CVE-2000-0333

Ethereal - Denial of Service

Title source: rule

Description

tcpdump, Ethereal, and other sniffer packages allow remote attackers to cause a denial of service via malformed DNS packets in which a jump offset refers to itself, which causes tcpdump to enter an infinite loop while decompressing the packet.

Exploits (2)

exploitdb WRITEUP VERIFIED

by scut · textremotelinux

https://www.exploit-db.com/exploits/19892

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by Hugo Breton · cremotelinux

https://www.exploit-db.com/exploits/19891

View Code ZIP pw:eip

References (2)

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.SOL.4.10.10005021942380.2077-100000%40paranoia.pgci.ca

[Exploit, Patch, Vendor Advisory] http://www.securityfocus.com/bid/1165

Scores

EPSS 0.0688

EPSS Percentile 91.4%

Details

Status published

Products (5)

ethereal_group/ethereal 0.8.4

ethereal_group/ethereal 0.8.5

ethereal_group/ethereal 0.8.6

lbl/tcpdump 3.4

lbl/tcpdump 3.5a

Published May 31, 1999

Tracked Since Feb 18, 2026