Family: Debian Local Security Checks --> Category: infos
[DSA850] DSA-850-1 tcpdump Vulnerability Scan
Vulnerability Scan Summary
Detailed Explanation for this Vulnerability Test
"Vade 79" discovered that the BGP dissector in tcpdump, a powerful
tool for network monitoring and data acquisition, does not properly
handle RT_ROUTING_INFO. A specially crafted BGP packet can cause a
denial of service via an infinite loop.
For the old stable distribution (woody) this problem has been fixed in
For the stable distribution (sarge) this problem has been fixed in
For the unstable distribution (sid) this problem has been fixed in
We recommend that you upgrade your tcpdump package.
Solution : http://www.debian.org/security/2005/dsa-850
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.