Package: tcpdump
Vulnerability: remote exploit
Debian-specific: no

During internal source code auditing by FreeBSD several buffer overflows
were found which allow an attacker to make tcpdump crash by sending
carefully crafted packets to a network that is being monitored with

This has been fixed in version 3.4a6-4.2.

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 2.2 alias potato
- ---------------------------------  Potato was released for the alpha, arm, i386, m68k, powerpc and sparc

  Source archives:
      MD5 checksum: 62a63a125250c0d636a6658910e0955b
      MD5 checksum: 733e906052de894eddce7fa27437b1b2
      MD5 checksum: 8133ffe2af22d66c70419f48a42ac675

  Alpha architecture:
      MD5 checksum: 7f89d984dbe54116c5aa34aae93e5357

  ARM architecture:
      MD5 checksum: 69dd2892ef04adf55f74b80828c26f5e

  Intel ia32 architecture:
      MD5 checksum: 906068aaeebbcb5f50ea1b2dd1aec4c0

  Motorola 680x0 architecture:
      MD5 checksum: 17c6feed12c3875d051659526f16393f

  PowerPC architecture:
      MD5 checksum: c850bdecfe6aded7728ef4b6d6549d8e

  Sun Sparc architecture:
      MD5 checksum: b7fbc7275e859c0b0db165349ecafaf0

For not yet released architectures please refer to the appropriate

apt-get: deb stable/updates main
dpkg  dists/stable/updates/main
Mailing list:

Debian: 'tcpdump' vulnerability

November 20, 2000
Several buffer overflows were found which allow an attacker to make tcpdump crash.



Related News