[SECURITY] [DLA 174-1] tcpdump security update

2015-03-17T09:57:43
ID DEBIAN:DLA-174-1:F5DF3
Type debian
Reporter Debian
Modified 2015-03-17T09:57:43

Description

Package : tcpdump Version : tcpdump_4.1.1-1+deb6u2 CVE ID : CVE-2015-0261 CVE-2015-2154 CVE-2015-2155

Several issues have been discovered with tcpdump in the way it handled some printer protocols. Those issues can lead to denial of service, or, potentially, execution of arbitrary code.

CVE-2015-0261

Missing bounds checks in IPv6 Mobility printer

CVE-2015-2154

Missing bounds checks in ISOCLNS printer

CVE-2015-2155

Missing bounds checks in ForCES printer

Thanks to Romain Françoise who prepared this update.

Raphaël Hertzog ◈ Debian Developer

Support Debian LTS: http://www.freexian.com/services/debian-lts.html Learn to master Debian: http://debian-handbook.info/get/ Attachment: signature.asc Description: Digital signature