Package name
tcpdump
Date
2007-07-25
Advisory ID
MDKSA-2007:148
Affected versions
CS4.0 x86_64 , 2007.0 x86_64 , 2007.1 i586 , 2007.0 i586 , CS3.0 x86_64 , CS4.0 i586 , CS3.0 i586 , 2007.1 x86_64

Problem description

An integer overflow in tcpdump could allow a remote attacker to
execute arbitrary code via crafted TLVs in a BGP packet.

Updated packages have been patched to prevent this issue.

Updated packages

CS4.0 x86_64

 28924494741b88fd6b3dfdd924e08a96  corporate/4.0/x86_64/tcpdump-3.9.3-1.4.20060mlcs4.x86_64.rpm 
 7228692328e815bdd36c34c9c205fd0a  corporate/4.0/SRPMS/tcpdump-3.9.3-1.4.20060mlcs4.src.rpm

2007.0 x86_64

 043b7ecea174ab02b651b78a4d163249  2007.0/x86_64/tcpdump-3.9.4-1.2mdv2007.0.x86_64.rpm 
 767f8fbcc96602d5e85c1131ca789323  2007.0/SRPMS/tcpdump-3.9.4-1.2mdv2007.0.src.rpm

2007.1 i586

 2d152372297a0797eb2f91d5eea15d31  2007.1/i586/tcpdump-3.9.5-1.1mdv2007.1.i586.rpm 
 15ded4bd5c5d5dfce05348c7eed0a456  2007.1/SRPMS/tcpdump-3.9.5-1.1mdv2007.1.src.rpm

2007.0 i586

 73a03979bbb0fef6ecca9cfea8c15293  2007.0/i586/tcpdump-3.9.4-1.2mdv2007.0.i586.rpm 
 767f8fbcc96602d5e85c1131ca789323  2007.0/SRPMS/tcpdump-3.9.4-1.2mdv2007.0.src.rpm

CS3.0 x86_64

 254d9a3f816f759bacc42e5f24bbc895  corporate/3.0/x86_64/tcpdump-3.8.1-1.4.C30mdk.x86_64.rpm 
 ec63bb0a8bc2ea06f5f2218c5e0528b7  corporate/3.0/SRPMS/tcpdump-3.8.1-1.4.C30mdk.src.rpm

CS4.0 i586

 51de8a617eeb1ee78dc0c86999911e20  corporate/4.0/i586/tcpdump-3.9.3-1.4.20060mlcs4.i586.rpm 
 7228692328e815bdd36c34c9c205fd0a  corporate/4.0/SRPMS/tcpdump-3.9.3-1.4.20060mlcs4.src.rpm

CS3.0 i586

 3649b10b9d8b03982e40d461bf5f8733  corporate/3.0/i586/tcpdump-3.8.1-1.4.C30mdk.i586.rpm 
 ec63bb0a8bc2ea06f5f2218c5e0528b7  corporate/3.0/SRPMS/tcpdump-3.8.1-1.4.C30mdk.src.rpm

2007.1 x86_64

 0d2602af49e234dbff3cc1cb4f782981  2007.1/x86_64/tcpdump-3.9.5-1.1mdv2007.1.x86_64.rpm 
 15ded4bd5c5d5dfce05348c7eed0a456  2007.1/SRPMS/tcpdump-3.9.5-1.1mdv2007.1.src.rpm

References