tcpdump-3.9.4-11
エラータID: AXSA:2008-528:01
Tcpdump is a command-line tool for monitoring network traffic.
Tcpdump can capture and display the packet headers on a particular network interface or on all interfaces. Tcpdump can display all of the packet headers, or just the ones that match particular criteria.
Off-by-one buffer overflow in the parse_elements function in the 802.11 printer code (print-802_11.c) for tcpdump 3.9.5 and earlier allows remote attackers to cause a denial of service (crash) via a crafted 802.11 frame. NOTE: this was originally referred to as heap-based, but it might be stack-based. (CVE-2007-1218)
Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 and earlier allows remote attackers to execute arbitrary code via crafted TLVs in a BGP packet, related to an unchecked return value. (CVE-2007-3798)
In addition, the following bugs have been addressed:
* The arpwatch service initialization script would exit prematurely, returning an incorrect successful exit status and preventing the status command from running in case networking is not available.
* Tcpdump would not drop root privileges completely when launched with the -C option. This might have been abused by an attacker to gain root privileges in case a security problem was found in tcpdump. Users of tcpdump are encouraged to specify meaningful arguments to the -Z option in case they want tcpdump to write files with privileges other than of the pcap user.
Update packages.
Off-by-one buffer overflow in the parse_elements function in the 802.11 printer code (print-802_11.c) for tcpdump 3.9.5 and earlier allows remote attackers to cause a denial of service (crash) via a crafted 802.11 frame. NOTE: this was originally referred to as heap-based, but it might be stack-based.
Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 and earlier allows remote attackers to execute arbitrary code via crafted TLVs in a BGP packet, related to an unchecked return value.
N/A
SRPMS
- tcpdump-3.9.4-11.src.rpm
MD5: 79ed3c6adc9e83685f10b56ddf7ef0fa
SHA-256: cdb64ed4ad444f3425d52ab549d7eb1341b8c216084eb284e9bdda71b1ac75ae
Size: 1.40 MB
Asianux Server 3 for x86
- arpwatch-2.1a13-18.i386.rpm
MD5: 8c1313fefc2fe05b7ea1fe8467216c4d
SHA-256: 210b64a7f1df84cbead13d85d6550622182f10c07bf4c20f87d568e1fa8a20f4
Size: 208.96 kB - libpcap-0.9.4-11.i386.rpm
MD5: 9598f4718423f97a0aa9a58a4f03e35d
SHA-256: ad124fcd268c78d79c41bcb53990d26688b9f08565a9f538b17fad071ece11b9
Size: 106.54 kB - tcpdump-3.9.4-11.i386.rpm
MD5: 12c94eecd3c00a9a04e6b6b7d57b34b3
SHA-256: 346a1a0990115e429db44501bf6964f125021dce494fc3f4219f9a8c83965f57
Size: 444.67 kB
Asianux Server 3 for x86_64
- arpwatch-2.1a13-18.x86_64.rpm
MD5: 200f7fba14c6011434b960b01a5e68db
SHA-256: 2945754b031d345794afad9379eadb6e09802f2924ef17fbdaa7bd49758e3bfc
Size: 207.50 kB - libpcap-0.9.4-11.x86_64.rpm
MD5: 42f4d1a31d36926ef7b5ecd29928e659
SHA-256: 06fbd08d4cc7d55a7bab0be704d1f02f45375c026f5d57b586cb1c52c8084505
Size: 106.94 kB - tcpdump-3.9.4-11.x86_64.rpm
MD5: 464bf43ad6819936f31302a75408509b
SHA-256: 7aaee1950c4ed68ec80659301571abb4eff6e1c14c4fc69534e57f574ab322bd
Size: 444.03 kB