The bgp_update_print function in tcpdump 3.x does not properly handle a -1 return value from the decode_prefix4 function, which allows remote attackers to cause a denial of service (infinite loop) via a crafted BGP packet.
Conclusion & alert: CVE-2005-1267 is rated High Exploit Risk (62.5/100): CVSS Medium severity, with high exploitation likelihood (EPSS 11.27%, 93th percentile). Core evidence: 1 public exploit reference(s) are indexed (Exploit-DB). Mandatory action: Public exploits are available—assess exposure, apply mitigations, and prioritize patching.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
| EDB-ID | Source | Kind | Published | Link |
|---|---|---|---|---|
| 1037 | exploit_db | edb | 2005-06-09 | Exploit-DB ↗ |
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).
| # | Date | Old EPSS score | New EPSS score | Delta (New - Old) |
|---|---|---|---|---|
| 1 | 2025-03-30 | 18.78% | 11.27% | -7.51% |
| 2 | 2025-03-29 | 11.27% | 18.78% | +7.51% |
| 3 | 2025-03-17 | — | 11.27% | — |
Full EPSS history (11 records total)
CVSS metrics for this CVE.
| Base score | Version | Severity | Vector | Exploitability | Impact | Score source |
|---|---|---|---|---|---|---|
| 5.0 | 2.0 | MEDIUM |
|
10.0 | 2.9 | [email protected] |
| vendor | priority | summary | link |
|---|---|---|---|
debian
|
medium | CVE-2005-1267 medium priority: Debian including 1 source packages (tcpdump), 5 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): resolved 5. | https://security-tracker.debian.org/tracker/CVE-2005-1267 |
redhat
|
low | — | https://access.redhat.com/security/cve/CVE-2005-1267 |
ubuntu
|
medium | CVE-2005-1267 medium priority: Ubuntu including 1 source packages (tcpdump), 4 status rows across 4 suites (dapper, edgy, feisty, upstream): not-affected 3, needs-triage 1. | https://ubuntu.com/security/CVE-2005-1267 |
| Vendor | Product | Version | Raw CPE |
|---|---|---|---|
| lbl | tcpdump | 3.4 | cpe:2.3:a:lbl:tcpdump:3.4:*:*:*:*:*:*:* |
| lbl | tcpdump | 3.4a6 | cpe:2.3:a:lbl:tcpdump:3.4a6:*:*:*:*:*:*:* |
| lbl | tcpdump | 3.5 | cpe:2.3:a:lbl:tcpdump:3.5:*:*:*:*:*:*:* |
| lbl | tcpdump | 3.5.2 | cpe:2.3:a:lbl:tcpdump:3.5.2:*:*:*:*:*:*:* |
| lbl | tcpdump | 3.5_alpha | cpe:2.3:a:lbl:tcpdump:3.5_alpha:*:*:*:*:*:*:* |
| lbl | tcpdump | 3.6.2 | cpe:2.3:a:lbl:tcpdump:3.6.2:*:*:*:*:*:*:* |
| lbl | tcpdump | 3.6.3 | cpe:2.3:a:lbl:tcpdump:3.6.3:*:*:*:*:*:*:* |
| lbl | tcpdump | 3.7 | cpe:2.3:a:lbl:tcpdump:3.7:*:*:*:*:*:*:* |
| lbl | tcpdump | 3.7.1 | cpe:2.3:a:lbl:tcpdump:3.7.1:*:*:*:*:*:*:* |
| lbl | tcpdump | 3.7.2 | cpe:2.3:a:lbl:tcpdump:3.7.2:*:*:*:*:*:*:* |
| lbl | tcpdump | 3.8.1 | cpe:2.3:a:lbl:tcpdump:3.8.1:*:*:*:*:*:*:* |
| lbl | tcpdump | 3.8.2 | cpe:2.3:a:lbl:tcpdump:3.8.2:*:*:*:*:*:*:* |
| lbl | tcpdump | 3.8.3 | cpe:2.3:a:lbl:tcpdump:3.8.3:*:*:*:*:*:*:* |
| lbl | tcpdump | 3.9 | cpe:2.3:a:lbl:tcpdump:3.9:*:*:*:*:*:*:* |
| lbl | tcpdump | 3.9.1 | cpe:2.3:a:lbl:tcpdump:3.9.1:*:*:*:*:*:*:* |
| gentoo | linux | — | cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:* |
| mandrakesoft | mandrake_linux | 10.1 | cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:* |
| mandrakesoft | mandrake_linux | 10.1 | cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:* |
| mandrakesoft | mandrake_linux | 10.2 | cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:*:*:*:*:*:* |
| mandrakesoft | mandrake_linux | 10.2 | cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:x86_64:*:*:*:*:* |
| redhat | fedora_core | core_3.0 | cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:* |
| redhat | fedora_core | core_4.0 | cpe:2.3:o:redhat:fedora_core:core_4.0:*:*:*:*:*:*:* |
| trustix | secure_linux | 2.0 | cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:* |
| trustix | secure_linux | 2.1 | cpe:2.3:o:trustix:secure_linux:2.1:*:*:*:*:*:*:* |
| trustix | secure_linux | 2.2 | cpe:2.3:o:trustix:secure_linux:2.2:*:*:*:*:*:*:* |