Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:3857
HistoryDec 11, 2002 - 12:00 a.m.

[SECURITY] [DSA-206-1] tcpdump BGP decoding error

2002-12-1100:00:00
vulners.com
19
JSON

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Debian Security Advisory DSA-206-1 [email protected]
http://www.debian.org/security/ Wichert Akkerman
December 10, 2002

Package : tcpdump
Problem type : incorrect bounds checking
Debian-specific: no

The BGP decoding routines for tcpdump used incorrect bounds checking
when copying data. This could be abused by introducing malicious traffic
on a sniffed network for a denial of service attack against tcpdump,
or possibly even remote code execution.

This has been fixed in version 3.6.2-2.2.

Obtaining updates:

By hand:
wget URL
will fetch the file for you.
dpkg -i FILENAME.deb
will install the fetched file.

With apt:
deb http://security.debian.org/ stable/updates main
added to /etc/apt/sources.list will provide security updates

Additional information can be found on the Debian security webpages
at http://www.debian.org/security/

Debian GNU/Linux 3.0 alias woody

Woody was released for alpha, arm, hppa, i386, ia64, m68k, mips, mipsel,
powerpc, s390 and sparc.

Source archives:

http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2.2.dsc
  Size/MD5 checksum:     1284 be78c7328fcd439fe7eedf6a54894b28
http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2.orig.tar.gz
  Size/MD5 checksum:   380635 6bc8da35f9eed4e675bfdf04ce312248
http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2.2.diff.gz
  Size/MD5 checksum:     8956 a07ace8578ec5555c87cbfd1faba8ecd

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2.2_alpha.deb
  Size/MD5 checksum:   213458 72603d37a351d08dfa7af4ab13e6301f

arm architecture (ARM)

http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2.2_arm.deb
  Size/MD5 checksum:   179464 adb31a1747c0df1f1113454afb3a85f8

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2.2_hppa.deb
  Size/MD5 checksum:   192892 28680f059cab0987ee313b672aa2edca

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2.2_i386.deb
  Size/MD5 checksum:   169360 f303ec8777785c742a29469e49a9c63a

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2.2_ia64.deb
  Size/MD5 checksum:   246776 889eb67d84ef3500239a1ad7a721dd9e

m68k architecture (Motorola Mc680x0)

http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2.2_m68k.deb
  Size/MD5 checksum:   157340 69ceb0d17d5e9ffca079b0bd7a18d489

mips architecture (MIPS (Big Endian))

http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2.2_mips.deb
  Size/MD5 checksum:   188714 dbbe0d4eec80daa0f74b83c877064b87

powerpc architecture (PowerPC)

http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2.2_powerpc.deb
  Size/MD5 checksum:   176706 5121aa3b8891d1030d1924f1328efcdf

s390 architecture (IBM S/390)

http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2.2_s390.deb
  Size/MD5 checksum:   172534 1b2b2834af69c169893b5dee4b21eec3

sparc architecture (Sun SPARC/UltraSPARC)

http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2.2_sparc.deb
  Size/MD5 checksum:   179076 31a8382615ac8707b9346bfa9b1d615a

Debian Security team <[email protected]>
http://www.debian.org/security/
Mailing-List: [email protected]

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQE99m2RPLiSUC+jvC0RAgQwAJ9g72gzFPfdTVvTfhyX/5wb3H1fiQCfSZhu
/YTIMzeIfa1gS4sshBSjcME=
=FK7j
-----END PGP SIGNATURE-----

JSON