Alerts This Week
Warning Icon 1 566
Alerts This Week
Warning Icon 1 566

Slackware 9.0-12.0 Security Advisory: Tcpdump Integer Overflow Critical

slackware
Calendar Grey August 18, 2007
Dist Slackware Esm H88
Security bulletin for tcpdump patch in Slackware versions 9.0 through 12.0 targeting severe vulnerability mitigation.
New tcpdump packages are available for Slackware 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, and 12.0 to fix a security issue

Summary

Here are the details from the Slackware 12.0 ChangeLog: patches/packages/tcpdump-3.9.7-i486-1_slack12.0.tgz: Upgraded to libpcap-0.9.7, tcpdump-3.9.7. This new version fixes an integer overflow in the BGP dissector which could possibly allow remote attackers to crash tcpdump or to execute arbitrary code. For more information, see: https://www.cve.org/CVERecord?id=CVE-2007-3798 (* Security fix *)

Topics%20covered

Topics Covered

security advisory critical issue software update tcpdump Slackware integer overflow network utility

Where Find New Packages

HINT: Getting slow download speeds from ftp.slackware.com? Give slackware.osuosl.org a try. This is another primary FTP site for Slackware that can be considerably faster than downloading from ftp.slackware.com.
Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org/) for donating additional FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you.
Updated package for Slackware 9.0: ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/tcpdump-3.9.7-i386-1_slack9.0.tgz
Updated package for Slackware 9.1: ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/tcpdump-3.9.7-i486-1_slack9.1.tgz
Updated package for Slackware 10.0: ftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/tcpdump-3.9.7-i486-1_slack10.0.tgz
Updated package for Slackware 10.1: ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/tcpdu...

Read the Full Advisory

MD5 Signatures

Slackware 9.0 package: 3ac8262bcab4556d29db76c6bab77b4c tcpdump-3.9.7-i386-1_slack9.0.tgz
Slackware 9.1 package: 41cb8e80ae262be700aee5343d8e91a8 tcpdump-3.9.7-i486-1_slack9.1.tgz
Slackware 10.0 package: c530e5cdde5dcaa16d4f1c5a85d96f32 tcpdump-3.9.7-i486-1_slack10.0.tgz
Slackware 10.1 package: 3b75b71c289c3d90ac0a3eab4c864879 tcpdump-3.9.7-i486-1_slack10.1.tgz
Slackware 10.2 package: 60d19664ef5c43f463e6d8dcb7f808bb tcpdump-3.9.7-i486-1_slack10.2.tgz
Slackware 11.0 package: 9dbfc4c5aac75837cfb661c06cad668b tcpdump-3.9.7-i486-1_slack11.0.tgz
Slackware 12.0 package: f2b34a0c29485d8f942602b69fae0c70 tcpdump-3.9.7-i486-1_slack12.0.tgz

Severity
critical
Lowest
Low
Medium
High
Critical

Topics%20covered

Topics Covered

security advisory critical issue software update tcpdump Slackware integer overflow network utility

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Installation Instructions

Installation instructions: Upgrade the package as root: # upgradepkg tcpdump-3.9.7-i486-1_slack12.0.tgz

Related News

Your message here