|
Family: Gentoo Local Security Checks --> Category: infos
[GLSA-200505-06] TCPDump: Decoding routines Denial of Service vulnerability Vulnerability Scan
Vulnerability Scan Summary TCPDump: Decoding routines Denial of Service vulnerability
Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200505-06
(TCPDump: Decoding routines Denial of Service vulnerability)
TCPDump improperly handles and decodes ISIS (CVE-2005-1278), BGP
(CVE-2005-1267, CVE-2005-1279), LDP (CVE-2005-1279) and RSVP
(CVE-2005-1280) packets. TCPDump might loop endlessly after receiving
malformed packets.
Impact
A malicious remote attacker can exploit the decoding issues for a
Denial of Service attack by sending specially crafted packets, possibly
causing TCPDump to loop endlessly.
Workaround
There is no known workaround at this time.
References:
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2005-1267
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2005-1278
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2005-1279
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2005-1280
Solution:
All TCPDump users should upgrade to the latest available version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-analyzer/tcpdump-3.8.3-r3"
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.
|