[PLDSA 49-1] New tcpdump packages fix denial of service vulnerability
Krzysiek Taraszka
dzimi at pld.org.pl
Sat May 3 15:45:45 CEST 2003
- --------------------------------------------------------------------------
PLD Security Advisory PLDSA 49-1 security at pld.org.pl
http://www.pld.org.pl/security/ PLD Security Team
05 April 2003 http://www.pld.org.pl/security/faq
- --------------------------------------------------------------------------
Package : prior to tcpdump-3.7.1-1
Vulnerability : infinite loop
Problem-Type : remote
PLD-specific : no
CVE references : CAN-2003-0108
Andrew Griffiths and iDEFENSE Labs discovered a problem in tcpdump, a
powerful tool for network monitoring and data acquisition. An
attacker is able to send a specially crafted network packet which
causes tcpdump to enter an infinite loop.
In addition to the above problem the tcpdump developers discovered a
potential infinite loop when parsing malformed BGP packets. They also
discovered a buffer overflow that can be exploited with certain
malformed NFS packets.
The above problems have been fixed in version 3.7.2-1 for the
current stable distribution (ra).
We recommend that you upgrade your tcpdump packages.
wget -c url
will fetch the file for you
rpm -Uhv file(s)*.rpm
will upgrade the referenced file.
If you are using "poldek" - the package manager, use the line as given below
for upgrade packages
poldek --update
will update the internal database
poldek --upgrade 'tcpdump*'
will install corrected packages
If you are using "apt" - the package manager, use the line as given below
for upgrade packages
apt-get update
will update the internal database
apt-get upgrade 'tcpdump*'
will install corrected packages
PLD Linux 1.0 alias ra
- --------------------
Source archives:
ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/tcpdump-3.7.2-1.src.rpm
MD5 checksum: a030313b7358787e96b17b58a28452f1
I386 Architecture components:
ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/tcpdump-3.7.2-1.i386.rpm
MD5 checksum: d329b88ab1c07f776c53918f173c27bd
I586 Architecture components:
ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/tcpdump-3.7.2-1.i586.rpm
MD5 checksum: 965f6ffcab644d6f99728968c22ff698
I686 Architecture components:
ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/tcpdump-3.7.2-1.i686.rpm
MD5 checksum: 70d010357f4a18b3cc38b2d0ec319c6b
PowerPC Architecture components:
ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/tcpdump-3.7.2-1.ppc.rpm
MD5 checksum: 5ee620f7cd1cebce2791d2cd951286b4
-
--------------------------------------------------------------------------------
-
If you are using poldek add this line to poldek.conf.
If you are using apt-get add this line to sources.list.
For i386 architecture
poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/
apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i386 base updates-security
For i586 architecture
poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/
apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i586 base updates-security
For i686 architecture
poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/
apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i686 base updates-security
For ppc architecture
poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/
apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/ppc base updates-security
More information about the pld-security-announce
mailing list