CVE-2006-0048

Name: CVE-2006-0048
Description: Francesco Stablum tcpick 0.2.1 allows remote attackers to cause a denial of service (segmentation fault) via certain fragmented packets, possibly involving invalid headers and an attacker-controlled payload length. NOTE: this issue might be a buffer overflow or overread.
Source: CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
Debian Bugs: 360571

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package | Release | Version | Status
tcpick (PTS) | buster | 0.2.1-8 | fixed
tcpick (PTS) | bookworm, bullseye | 0.2.1-10 | fixed
tcpick (PTS) | sid, trixie | 0.2.1-11 | fixed

The information below is based on the following data on fixed versions.

Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs
tcpick | source | (unstable) | 0.2.1-3 | low | | 360571

Notes

[sarge] - tcpick <no-dsa> (Minor issue)
