Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 439
Alerts This Week
Warning Icon 1 439

Red Hat: RHSA-2001:089-08 Critical: Tcpdump Remote Root Exploit

red hat
Calendar Grey April 9, 2002
Dist Redhat Esm H88
Recent tcpdump revisions tackle potential remote root vulnerability threats in Red Hat Linux editions 6.2 and 7.x. Apply these security updates without delay.
Updated tcpdump, libpcap, and arpwatch packages are available for RedHat Linux 6.2 and 7.x

Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs.

Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.

5. Bug IDs fixed ( for more info):

45520 - Remote root exploit 49294 - security problem in tcpdump-3.6.2 AFS printing 47174 - libpcap-0.4-39.i386.rpm does not contain shared library libpcap.so.0 52654 - Tcpdump get spurious packets before kernel filter kicks in 57711 - arpwatch depends on csh for no good reason 54593 - Doco change in specfile (minor) 49635 - PATCH: tcpdump to drop root by default 58346 - tcpdump.spec creates pcap user with nonexistant shell

6. RPMs required:

Red Hat Linux 6.2:

SRPMS:


alpha:




i386:




sparc:




Red Hat Linux 7.0:

SRPMS:


alpha:




i386:




Red Hat Linux 7.1:

SRPMS:


alpha:




i386:




ia64:




Red Hat Linux 7.2:

SRPMS:


i386:




ia64:






7. Verification:

MD5 sum Package Name 56393468b3c93882189220111407f3f7 6.2/en/os/SRPMS/tcpdump-3.6.2-10.6x.src.rpm 2a7bc8c33bc44112cd653deffa276ddb 6.2/en/os/alpha/arpwatch-2.1a11-10.6x.alpha.rpm 8438626e79402194be1f7e102e7aed4f 6.2/en/os/alpha/libpcap-0.6.2-10.6x.alpha.rpm bc74cb7a9f90cf65e97a9b10cc279cc3 6.2/en/os/alpha/tcpdump-3.6.2-10.6x.alpha.rpm 9b11a1b1a4a73a2478d4b8717c860bcc 6.2/en/os/i386/arpwatch-2.1a11-10.6x.i386.rpm a75d8ac51bff83006d89955cef92b9d5 6.2/en/os/i386/libpcap-0.6.2-10.6x.i386.rpm fdf5f72d4fa307aafd3f79eff3924485 6.2/en/os/i386/tcpdump-3.6.2-10.6x.i386.rpm 03eca258656b8c0397588ddb7f081915 6.2/en/os/sparc/arpwatch-2.1a11-10.6x.sparc.rpm 6689626f08db5f9b437f408634057287 6.2/en/os/sparc/libpcap-0.6.2-10.6x.sparc.rpm 598314a8f72083c53ee6cea87df767f4 6.2/en/os/sparc/tcpdump-3.6.2-10.6x.sparc.rpm f662da7a2d04059682e5e91369c27bdd 7.0/en/os/SRPMS/tcpdump-3.6.2-10.7.src.rpm 1584a32f5454af549fa3894a8d9af857 7.0/en/os/alpha/arpwatch-2.1a11-10.7.alpha.rpm c5922dbfc1c0e6a4fd39b4566563c01e 7.0/en/os/alpha/libpcap-0.6.2-10.7.alpha.rpm 75a38254b6fd158af44f6864469158ba 7.0/en/os/alpha/tcpdump-3.6.2-10.7.alpha.rpm fb1f88cae5595afcd8da3f436045e8c4 7.0/en/os/i386/arpwatch-2.1a11-10.7.i386.rpm a718a12b3e9432b682fd56929c381100 7.0/en/os/i386/libpcap-0.6.2-10.7.i386.rpm 8330e5e715cad14f482fae2eff48c18c 7.0/en/os/i386/tcpdump-3.6.2-10.7.i386.rpm f662da7a2d04059682e5e91369c27bdd 7.1/en/os/SRPMS/tcpdump-3.6.2-10.7.src.rpm 1584a32f5454af549fa3894a8d9af857 7.1/en/os/alpha/arpwatch-2.1a11-10.7.alpha.rpm c5922dbfc1c0e6a4fd39b4566563c01e 7.1/en/os/alpha/libpcap-0.6.2-10.7.alpha.rpm 75a38254b6fd158af44f6864469158ba 7.1/en/os/alpha/tcpdump-3.6.2-10.7.alpha.rpm fb1f88cae5595afcd8da3f436045e8c4 7.1/en/os/i386/arpwatch-2.1a11-10.7.i386.rpm a718a12b3e9432b682fd56929c381100 7.1/en/os/i386/libpcap-0.6.2-10.7.i386.rpm 8330e5e715cad14f482fae2eff48c18c 7.1/en/os/i386/tcpdump-3.6.2-10.7.i386.rpm 115633171d83eb88b8e03b2289b18bb9 7.1/en/os/ia64/arpwatch-2.1a11-10.7.ia64.rpm 97a81098ffefd18a1a0d4c5b47531f30 7.1/en/os/ia64/libpcap-0.6.2-10.7.ia64.rpm 0876627b7435b5bc948e61b75e4d859c 7.1/en/os/ia64/tcpdump-3.6.2-10.7.ia64.rpm 8cc590d38b104a31da86c482702f8c52 7.2/en/os/SRPMS/tcpdump-3.6.2-10.7x.src.rpm 064982643eaa2f6a19a318e0c50f2b84 7.2/en/os/i386/arpwatch-2.1a11-10.7x.i386.rpm a00187999381db2a22dadc1a1f1ebca9 7.2/en/os/i386/libpcap-0.6.2-10.7x.i386.rpm b456a14d95d7fdf36f00ef0f41ebc1f4 7.2/en/os/i386/tcpdump-3.6.2-10.7x.i386.rpm 65d133820ef5bdb32baed29284c0101e 7.2/en/os/ia64/arpwatch-2.1a11-10.7x.ia64.rpm 0ac7da164d6b78e8fa62e6a43eb8cd80 7.2/en/os/ia64/libpcap-0.6.2-10.7x.ia64.rpm a8ae32328eb4230b105e6ad5e7c01c58 7.2/en/os/ia64/tcpdump-3.6.2-10.7x.ia64.rpm


These packages are GPG signed by Red Hat, Inc. for security. Our key is available at: About

You can verify each package with the following command: rpm --checksig

If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command: rpm --checksig --nogpg

Summary

References

Copyright(c) 2000, 2001, 2002 Red Hat, Inc. `

Package List


Severity
critical
Lowest
Low
Medium
High
Critical

Advisory ID: RHSA-2001:089-08
Issue date: 2001-06-28
Updated on: 2002-02-12
Product: Red Hat Linux
Keywords: tcpdump buffer overflow
Cross references:
Obsoletes:

Topic

Relevant Releases Architectures

Red Hat Linux 6.2 - alpha, i386, sparc

Red Hat Linux 7.0 - alpha, i386

Red Hat Linux 7.1 - alpha, i386, ia64

Red Hat Linux 7.2 - i386, ia64

Bugs Fixed

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.