Two issues have been found in nfdump, a netflow capture daemon. Both issues are related to either a buffer overflow or an integer overflow, which could result in a denial of service or a local code .

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-2383-1

Multiple vulnerabilities have been found in nfdump, the worst of which could result in the execution of arbitrary code.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 202003-17
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                           https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal
    Title: nfdump: Multiple vulnerabilities
     Date: March 15, 2020
     Bugs: #711316
       ID: 202003-17

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities have been found in nfdump, the worst of which could result in the execution of arbitrary code.

Background
==========

nfdump is a toolset in order to collect and process netflow and sflow data, sent from netflow/sflow compatible devices.

Affected packages
=================

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
  1  net-analyzer/nfdump         < 1.6.19                    >= 1.6.19

Description
===========

Multiple vulnerabilities have been discovered in nfdump. Please review the CVE identifiers referenced below for details.

Impact
======

A remote attacker, by sending specially crafted netflow/sflow data, could possibly execute arbitrary code with the privileges of the process or cause a Denial of Service condition.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All nfdump users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=net-analyzer/nfdump-1.6.19"

References
==========

[ 1 ] CVE-2019-1010057
      https://nvd.nist.gov/vuln/detail/CVE-2019-1010057
[ 2 ] CVE-2019-14459
      https://nvd.nist.gov/vuln/detail/CVE-2019-14459

Availability
============

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

 https://security.gentoo.org/glsa/202003-17

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to

2019-08-14 - Fix compile issues - Fix output buffer size for lzo1x_decompress_safe() 2019-08-07 - Fix VerifyExtensionMap #179 2019-08-06 - Fix compile errors 2019-08-05 - Fix nfdump.1 man page. #175 - Fix off by 1 array. #173 - Fix use after free in ModifyCompressFile - Add bound checks in AddExporterStat #174 - Add bound checks in AddSamplerInfo #176 - Add bound.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2019-0fbfb00cbb
2019-08-24 01:02:35.701884
--------------------------------------------------------------------------------

Name        : nfdump
Product     : Fedora 30
Version     : 1.6.18
Release     : 1.fc30
URL         : https://github.com/phaag/nfdump
Summary     : NetFlow collecting and processing tools
Description :
Nfdump is a set of tools to collect and process NetFlow data. It's fast and has a powerful filter pcap like syntax. It supports NetFlow versions v1, v5, v7, v9 and IPFIX as well as a limited set of sflow. It includes support for CISCO ASA (NSEL) and CISCO NAT (NEL) devices which export event logging records as v9 flows. Nfdump is fully IPv6 compatible.

--------------------------------------------------------------------------------
Update Information:

2019-08-14
- Fix compile issues
- Fix output buffer size for lzo1x_decompress_safe()

2019-08-07
- Fix VerifyExtensionMap #179

2019-08-06
- Fix compile errors

2019-08-05
- Fix nfdump.1 man page. #175
- Fix off by 1 array. #173
- Fix use after free in ModifyCompressFile
- Add bound checks in AddExporterStat #174
- Add bound checks in AddSamplerInfo #176
- Add bound checks in AddExporterInfo
- Fix checks in InsertExtensionMap #177
- Remove COMPAT15 code - should no longer be needed.
- Move version to v1.6.18
- Merge pull request #167
- Cleanup old code
- Replace deprecated pcap_lookupdev call in nfpcapd

2019-07-31
- Add early record size sanity check also for nfprofile, nfanon and nfreplay

2019-07-26
- nfpcapd cleanup, add some more monitoring
- Fix hbo_exporter.c:249_1 segfault
- Fix hbo_nffile_inline.c:85_1 segfault
- Fix hbo_nfx.c:216_3 segfault
- Update minilzo to v2.10
- Change to safe lzo decompress function

2019-07-25
- Rework nfpcapd and add it officially to the nfdump collection.
- Add nfpcapd man page
- Fix potential unsigned integer underflow #171

2019-07-16
- Add latency extension if dumping flowcache

2019-07-15
- Fix typos
- Fix exporter struct inconsistencies. Coredump on ARM otherwise.

2019-07-02
- Add ipfix element #150, #151 unix time start/end
- Fix display bug raw record

2019-06-01
- Add ipfix dyn element handling.
- Add empty m4 directory - keep autoconf happy

2019-06-01
- Fix issue #162 - ipfix mpls sequence.
- Fix issue #156 - print flowtable index error

2019-03-17
- Fix spec file
- Remove non thread safe logging in nfpcapd

2018-11-24
- Fix protocol tag for protocol 87 - TCF - #130
- Add TCP flags ECN,CVR - #132
- Fix some error messages to be printed to the correct stream #135
- Add missing -M command line help to nfcapd
- Remove padding byte warning in log #141
- Fix bug to accept -y compression flag in nfcapd. - #145

2018-06-24
- Fix bookkeeper type - use key_t
- Add multiple packet repeaters to nfcapd/sfcapd. Up to 8 repeaters (-R) can be defined.
- Ignore OSX .DS_Store files in -R file list
- Add CISCO ASA elements initiatorPackets (298) responderPackets (299)
- Merge #120 pull request for -z parameter to nfreplay
- Update man page nfreplay

--------------------------------------------------------------------------------
ChangeLog:

* Wed Aug 14 2019 Denis Fateyev - 1.6.18-1
- Update to version 1.6.18
* Thu Jul 25 2019 Fedora Release Engineering - 1.6.17-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild

--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1735649 - CVE-2019-14459 nfdump: integer overflow in function Process_ipfix_template_withdraw in ipfix.c leads to denial of service [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1735649
  [ 2 ] Bug #1735555 - CVE-2019-1010057 nfdump: buffer overflow in nfx.c, nffile_inline.c and minilzo.c [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1735555
  [ 3 ] Bug #1735648 - CVE-2019-14459 nfdump: integer overflow in function Process_ipfix_template_withdraw in ipfix.c leads to denial of service [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1735648
  [ 4 ] Bug #1735554 - CVE-2019-1010057 nfdump: buffer overflow in nfx.c, nffile_inline.c and minilzo.c [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1735554

--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use

  su -c 'dnf upgrade --advisory FEDORA-2019-0fbfb00cbb'

at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/

--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list --