MDKSA-2004:008
- Package name
- tcpdump
- Date
- 2004-01-26
- Advisory ID
- MDKSA-2004:008
- Affected versions
- 9.2 amd64 , CS2.1 x86_64 , CS2.1 i586 , 9.2 i586 , 9.1 i586 , MNF8.2 i586 , 9.1 i586
Problem description
A number of vulnerabilities were discovered in tcpdump versions prior to 3.8.1 that, if fed a maliciously crafted packet, could be exploited to crash tcpdump or potentially execute arbitrary code with the privileges of the user running tcpdump. These vulnerabilities include: An infinite loop and memory consumption processing L2TP packets (CAN-2003-1029). Infinite loops in processing ISAKMP packets (CAN-2003-0989, CAN-2004-0057). A segmentation fault caused by a RADIUS attribute with a large length value (CAN-2004-0055). The updated packages are patched to correct these problem.
Updated packages
9.2 amd64
efd0e0b8f9796b3ba98d3da63d5b38c2 amd64/9.2/RPMS/tcpdump-3.7.2-2.1.92mdk.amd64.rpm 8e3520db919980c762c7acce742f9831 amd64/9.2/SRPMS/tcpdump-3.7.2-2.1.92mdk.src.rpm
CS2.1 x86_64
3eba37e4c75f54916c3c15b126710c43 x86_64/corporate/2.1/RPMS/tcpdump-3.7.2-2.1.C21mdk.x86_64.rpm a0731e1d0f8bb67e27796486ee0ac6de x86_64/corporate/2.1/SRPMS/tcpdump-3.7.2-2.1.C21mdk.src.rpm
CS2.1 i586
c9c3cb66d49d3c61c09db1df364309aa corporate/2.1/RPMS/tcpdump-3.7.2-2.1.C21mdk.i586.rpm a0731e1d0f8bb67e27796486ee0ac6de corporate/2.1/SRPMS/tcpdump-3.7.2-2.1.C21mdk.src.rpm
9.2 i586
595518640b2291ce10e26b943debf84b 9.2/RPMS/tcpdump-3.7.2-2.1.92mdk.i586.rpm 8e3520db919980c762c7acce742f9831 9.2/SRPMS/tcpdump-3.7.2-2.1.92mdk.src.rpm
9.1 i586
aa337b3beb1371a5ceace20db36c5dfa 9.1/RPMS/tcpdump-3.7.2-2.1.91mdk.i586.rpm 99e8f3cb2c6cc748ca8c8d24ab555029 9.1/SRPMS/tcpdump-3.7.2-2.1.91mdk.src.rpm
MNF8.2 i586
3eaac937cfc3d2390a2eda8dd431fc56 mnf8.2/RPMS/tcpdump-3.7.2-2.1.M82mdk.i586.rpm a33365b5a8d47668764615ec6713869f mnf8.2/SRPMS/tcpdump-3.7.2-2.1.M82mdk.src.rpm
9.1 i586
df878fa0b993bcc53cb852a4b3a6b0bb ppc/9.1/RPMS/tcpdump-3.7.2-2.1.91mdk.ppc.rpm 99e8f3cb2c6cc748ca8c8d24ab555029 ppc/9.1/SRPMS/tcpdump-3.7.2-2.1.91mdk.src.rpm