|
Family: Debian Local Security Checks --> Category: infos
[DSA478] DSA-478-1 tcpdump Vulnerability Scan
Vulnerability Scan Summary DSA-478-1 tcpdump
Detailed Explanation for this Vulnerability Test
tcpdump, a tool for network monitoring and data acquisition, was found
to contain two vulnerabilities whereby tcpdump could be caused to
crash through attempts to read from invalid memory locations. This
bug is triggered by certain invalid ISAKMP packets.
For the current stable distribution (woody) these problems have been
fixed in version 3.6.2-2.8.
For the unstable distribution (sid), these problems have been fixed in
version 3.7.2-4.
We recommend that you update your tcpdump package.
Solution : http://www.debian.org/security/2004/dsa-478
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|