| Revision Date: | 2004-01-15 | Version: | 505 |
| Title: | RHSA-2004:008: tcpdump security update (Moderate) |
| Description: | Tcpdump is a command-line tool for monitoring network traffic.
George Bakos discovered flaws in the ISAKMP decoding routines of tcpdump versions prior to 3.8.1. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0989 to this issue.
Jonathan Heusser discovered an additional flaw in the ISAKMP decoding routines for tcpdump 3.8.1 and earlier. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0057 to this issue.
Jonathan Heusser discovered a flaw in the print_attr_string function in the RADIUS decoding routines for tcpdump 3.8.1 and earlier. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0055 to this issue.
Remote attackers could potentially exploit these issues by sending carefully-crafted packets to a victim. If the victim uses tcpdump, these pakets could result in a denial of service, or possibly execute arbitrary code as the 'pcap' user.
Users of tcpdump are advised to upgrade to these erratum packages, which contain backported security patches and are not vulnerable to these issues.
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | CVE-2003-0989
CVE-2004-0055
CVE-2004-0057
RHSA-2004:008-04
|
| Platform(s): | Red Hat Enterprise Linux 3
| Product(s): | |
| Definition Synopsis |
| Red Hat Enterprise Linux 3 is installed AND Package Information
tcpdump is earlier than 14:3.7.2-7.E3.1
AND tcpdump is signed with Red Hat master key
OR
libpcap is earlier than 14:0.7.2-7.E3.1
AND libpcap is signed with Red Hat master key
OR
arpwatch is earlier than 14:2.1a11-7.E3.1
AND arpwatch is signed with Red Hat master key
|