Gentoo: GLSA-201402-22: TCPTrack: Arbitrary code execution
Summary
A heap-based buffer overflow vulnerability exists in TCPTrack's parsing of command line arguments. This is only a vulnerability in limited scenarios in which TCPTrack is "configured as a handler for other applications."
Resolution
All TCPTrack users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-analyzer/tcptrack-1.4.2"
NOTE: This is a legacy GLSA. Updates for all affected architectures are
available since August 06, 2011. It is likely that your system is
already no longer affected by this issue.
References
[ 1 ] CVE-2011-2903 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2903
Availability
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/201402-22
Concerns
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
Synopsis
A heap-based buffer overflow in TCPTrack might allow a remote attacker to execute arbitrary code.
Background
TCPTrack is a simple libpcap based program for live TCP connection monitoring.
Affected Packages
------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-analyzer/tcptrack < 1.4.2 >= 1.4.2
Impact
===== A remote attacker could possibly execute arbitrary code with the privileges of the process or cause a Denial of Service condition with a specially crafted command-line argument.
Workaround
There is no known workaround at this time.