[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

RE: [SECURITY] [DSA 425-1] New tcpdump packages fix multiple vulnerabilities



Hi all,

> Package        : tcpdump
> Vulnerability  : multiple vulnerabilities
> Problem-Type   : remote
> Debian-specific: no
> CVE Ids        : CAN-2003-1029 CAN-2003-0989 CAN-2004-0055 CAN-2004-0057
>
> Multiple vulnerabilities were discovered in tcpdump, a tool for
> inspecting network traffic.  If a vulnerable version of tcpdump
> attempted to examine a maliciously constructed packet, a number of
> buffer overflows could be exploited to crash tcpdump, or potentially
> execute arbitrary code with the privileges of the tcpdump process.
>
> CAN-2003-1029 - infinite loop and memory consumption in processing
> L2TP packets
>
> CAN-2003-0989, CAN-2004-0057 - infinite loops in processing ISAKMP
> packets.
>
> CAN-2004-0055 - segmentation fault caused by a RADIUS attribute with a
> large length value
>
> For the current stable distribution (woody) these problems have been
> fixed in version 3.6.2-2.7.
>
> For the unstable distribution (sid) these problems will be fixed soon.

According to bug #227844[1], CAN-2004-0057 (which *has* been fixed) is "a
different vulnerability than CAN-2003-0989".  So, as far as I can see,
CAN-2003-0989 has not been fixed yet, has it?

[1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=227844



Reply to: