Support / Security / Advisories / Corporate Server 3.0 / MDKSA-2007:056

Package name: tcpdump
Date: 2007-03-08
Advisory ID: MDKSA-2007:056
Affected versions: CS4.0 x86_64 , 2006.0 i586 , 2007.0 x86_64 , 2007.0 i586 , CS3.0 x86_64 , CS4.0 i586 , CS3.0 i586 , 2006.0 x86_64

Problem description

Off-by-one buffer overflow in the parse_elements function in the 802.11
printer code (print-802_11.c) for tcpdump 3.9.5 and earlier allows
remote attackers to cause a denial of service (crash) via a crafted
802.11 frame. NOTE: this was originally referred to as heap-based, but
it might be stack-based.

Updated packages have been patched to address this issue.

Updated packages

CS4.0 x86_64

 a0955040cd81b0d5189e2b72fdddf459  corporate/4.0/x86_64/tcpdump-3.9.3-1.3.20060mlcs4.x86_64.rpm 
 d849293ac434f50fb2159bf0298a9921  corporate/4.0/SRPMS/tcpdump-3.9.3-1.3.20060mlcs4.src.rpm

2006.0 i586

 d92b272b29238545670818ca1d03b171  2006.0/i586/tcpdump-3.9.3-1.3.20060mdk.i586.rpm 
 66d13291c325f4c08725ee28fd57c21d  2006.0/SRPMS/tcpdump-3.9.3-1.3.20060mdk.src.rpm

2007.0 x86_64

 e0c4b35447b06600387db895f2ecee54  2007.0/x86_64/tcpdump-3.9.4-1.1mdv2007.0.x86_64.rpm 
 ba39819805f0935af53e2ec77b302d14  2007.0/SRPMS/tcpdump-3.9.4-1.1mdv2007.0.src.rpm

2007.0 i586

 34629bcb6e9ee83b6e9163bd0e3ab889  2007.0/i586/tcpdump-3.9.4-1.1mdv2007.0.i586.rpm 
 ba39819805f0935af53e2ec77b302d14  2007.0/SRPMS/tcpdump-3.9.4-1.1mdv2007.0.src.rpm

CS3.0 x86_64

 b3440b61b1aaca36fb7426d2108d5a99  corporate/3.0/x86_64/tcpdump-3.8.1-1.3.C30mdk.x86_64.rpm 
 978aeb218783686a74e4d2a6e1b772fb  corporate/3.0/SRPMS/tcpdump-3.8.1-1.3.C30mdk.src.rpm

CS4.0 i586

 b0d581c7c0166447c32019849638002e  corporate/4.0/i586/tcpdump-3.9.3-1.3.20060mlcs4.i586.rpm 
 d849293ac434f50fb2159bf0298a9921  corporate/4.0/SRPMS/tcpdump-3.9.3-1.3.20060mlcs4.src.rpm

CS3.0 i586

 f6dc96b67852e9a31868433020500ea1  corporate/3.0/i586/tcpdump-3.8.1-1.3.C30mdk.i586.rpm 
 978aeb218783686a74e4d2a6e1b772fb  corporate/3.0/SRPMS/tcpdump-3.8.1-1.3.C30mdk.src.rpm

2006.0 x86_64

 9a66f32f4fd622c3986a80dd447bad10  2006.0/x86_64/tcpdump-3.9.3-1.3.20060mdk.x86_64.rpm 
 66d13291c325f4c08725ee28fd57c21d  2006.0/SRPMS/tcpdump-3.9.3-1.3.20060mdk.src.rpm

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1218