Debian: DSA 425-1 Moderate: Tcpdump Remote Code Execution Threat
debian
January 16, 2004
A number of buffer overflows could be exploited to crash tcpdump, or execute arbitrary code with the privileges of tcpdump.
Summary
Multiple vulnerabilities were discovered in tcpdump, a tool for
inspecting network traffic. If a vulnerable version of tcpdump
attempted to examine a maliciously constructed packet, a number of
buffer overflows could be exploited to crash tcpdump, or potentially
execute arbitrary code with the privileges of the tcpdump process.
CAN-2003-1029 - infinite loop and memory consumption in processing
L2TP packets
CAN-2003-0989, CAN-2004-0057 - infinite loops in processing ISAKMP
packets.
CAN-2004-0055 - segmentation fault caused by a RADIUS attribute with a
large length value
For the current stable distribution (woody) these problems have been
fixed in version 3.6.2-2.7.
For the unstable distribution (sid) these problems will be fixed soon.
We recommend that you update your tcpdump package.
Upgrade Instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
source...
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Package: tcpdump
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!