Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Gentoo: GLSA 200404-03 High: Tcpdump ISAKMP Parsing Risk

gentoo
Calendar Grey April 6, 2004
Dist Gentoo Esm H88
Numerous weaknesses in ISAKMP parsing within tcpdump and libpcap could potentially enable remote code execution.
There are multiple vulnerabilities in tcpdump and libpcap related to parsing of ISAKMP packets.

Summary

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Gentoo Linux Security Advisory                           GLSA 200404-03
                                             https://security.gentoo.org/

  Severity: High
     Title: Tcpdump Vulnerabilities in ISAKMP Parsing
      Date: March 31, 2004 
      Bugs: #38206, #46258
        ID: 200404-03


Synopsis
=======
There are multiple vulnerabilities in tcpdump and libpcap related to
parsing of ISAKMP packets.

Background
=========
Tcpdump is a program for monitoring IP network traffic. Libpcap is a
supporting library which is responsibile for capturing packets off a
network interface.

Affected packages
================
    -------------------------------------------------------------------
     Package               /    Vulnerable    /             Unaffected
    -------------------------------------------------------------------
     net-analyzer/tcpdump        <= 3.8.1                  >= 3.8.3-r1
     net-libs/libpcap           <= 0.8.1-r1                >= 0.8.3-r1

==========
There are two spec...
Read the Full Advisory
Topics%20covered

Topics Covered

security advisory high severity gentoo tcpdump remote code execution libpcap isakmp parsing

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Topics%20covered

Topics Covered

security advisory high severity gentoo tcpdump remote code execution libpcap isakmp parsing

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Your message here