tcpdump-3.9.4-11

Tcpdump is a command-line tool for monitoring network traffic.
Tcpdump can capture and display the packet headers on a particular network interface or on all interfaces. Tcpdump can display all of the packet headers, or just the ones that match particular criteria.
Off-by-one buffer overflow in the parse_elements function in the 802.11 printer code (print-802_11.c) for tcpdump 3.9.5 and earlier allows remote attackers to cause a denial of service (crash) via a crafted 802.11 frame. NOTE: this was originally referred to as heap-based, but it might be stack-based. (CVE-2007-1218)
Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 and earlier allows remote attackers to execute arbitrary code via crafted TLVs in a BGP packet, related to an unchecked return value. (CVE-2007-3798)
In addition, the following bugs have been addressed:
* The arpwatch service initialization script would exit prematurely, returning an incorrect successful exit status and preventing the status command from running in case networking is not available.
* Tcpdump would not drop root privileges completely when launched with the -C option. This might have been abused by an attacker to gain root privileges in case a security problem was found in tcpdump. Users of tcpdump are encouraged to specify meaningful arguments to the -Z option in case they want tcpdump to write files with privileges other than of the pcap user.