Family: Red Hat Local Security Checks --> Category: infos
RHSA-2003-085: arpwatch Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the arpwatch packages
Detailed Explanation for this Vulnerability Test
Updated tcpdump packages are available to fix a denial of service
vulnerability in tcpdump.
[Updated 12 March 2003]
Added packages for Red Hat Enterprise Linux ES and Red Hat Enterprise
Tcpdump is a command-line tool for monitoring network traffic.
The ISAKMP parser in tcpdump 3.6 through 3.7.1 allows remote attackers to
cause a denial of service (CPU consumption) via a certain malformed ISAKMP
packet to UDP port 500, which causes tcpdump to enter an infinite loop.
Users of tcpdump are advised to upgrade to these errata packages which
contain a patch to correct this issue.
Solution : http://rhn.redhat.com/errata/RHSA-2003-085.html
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.