|
|
| Problem Description |
A Denial of Service vulnerability was found in tcpdump during the
processing of certain network packages. Because of this flaw, it was
possible for an attacker to inject a carefully crafted packet onto the
network which would crash a running tcpdump session.
The updated packages have been patched to correct this problem. This
problem does not affect at least tcpdump 3.8.1 and earlier.
| Updated Packages |
Mandrakelinux 10.1
19f997352f3fef16e9809c33a9fd9e6f 10.1/RPMS/tcpdump-3.8.3-2.2.101mdk.i586.rpm 91566ff6914608573f685a750a23e4a2 10.1/SRPMS/tcpdump-3.8.3-2.2.101mdk.src.rpm
Mandrakelinux 10.1/X86_64
23da8b573535902af955c3bc52b8da45 x86_64/10.1/RPMS/tcpdump-3.8.3-2.2.101mdk.x86_64.rpm 91566ff6914608573f685a750a23e4a2 x86_64/10.1/SRPMS/tcpdump-3.8.3-2.2.101mdk.src.rpm
Mandriva Linux LE2005
317345c2da874d9c8b1333fcf7b0f81a 10.2/RPMS/tcpdump-3.8.3-2.2.102mdk.i586.rpm c7e1bb066e89aaa17188a9548262aee3 10.2/SRPMS/tcpdump-3.8.3-2.2.102mdk.src.rpm
Mandriva Linux LE2005/X86_64
49053eec4a4b00732cef1da5405a2ea5 x86_64/10.2/RPMS/tcpdump-3.8.3-2.2.102mdk.x86_64.rpm c7e1bb066e89aaa17188a9548262aee3 x86_64/10.2/SRPMS/tcpdump-3.8.3-2.2.102mdk.src.rpm
| References |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1267
| Upgrade |
To upgrade automatically, use MandrivaUpdate.
| Verification |
Please verify the update prior to upgrading to ensure the integrity of the downloaded package. You can do this with the command :
rpm --checksig package.rpm
You can get the GPG public key of the Mandriva Security Team to verify the GPG signature of each RPM.
If you use MandrivaUpdate, the verification of md5 checksum and GPG signature is performed automatically for you.