[SECURITY] [DSA 3193-1] tcpdump security update

2015-03-1714:48:44

lists.debian.org

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

JSON

Debian Security Advisory DSA-3193-1 [email protected]
http://www.debian.org/security/ Salvatore Bonaccorso
March 17, 2015 http://www.debian.org/security/faq

Package : tcpdump
CVE ID : CVE-2015-0261 CVE-2015-2153 CVE-2015-2154 CVE-2015-2155

Several vulnerabilities have been discovered in tcpdump, a command-line
network traffic analyzer. These vulnerabilities might result in denial
of service (application crash) or, potentially, execution of arbitrary
code.

For the stable distribution (wheezy), these problems have been fixed in
version 4.3.0-1+deb7u2.

For the upcoming stable distribution (jessie), these problems have been
fixed in version 4.6.2-4.

For the unstable distribution (sid), these problems have been fixed in
version 4.6.2-4.

We recommend that you upgrade your tcpdump packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

OSVersionArchitecturePackageVersionFilename
Debian7armhftcpdump< 4.3.0-1+deb7u2tcpdump_4.3.0-1+deb7u2_armhf.deb
Debian7kfreebsd-i386tcpdump< 4.3.0-1+deb7u2tcpdump_4.3.0-1+deb7u2_kfreebsd-i386.deb
Debian6amd64tcpdump< 4.1.1-1+deb6u2tcpdump_4.1.1-1+deb6u2_amd64.deb
Debian7mipseltcpdump< 4.3.0-1+deb7u2tcpdump_4.3.0-1+deb7u2_mipsel.deb
Debian7kfreebsd-amd64tcpdump< 4.3.0-1+deb7u2tcpdump_4.3.0-1+deb7u2_kfreebsd-amd64.deb
Debian7i386tcpdump< 4.3.0-1+deb7u2tcpdump_4.3.0-1+deb7u2_i386.deb
Debian7sparctcpdump< 4.3.0-1+deb7u2tcpdump_4.3.0-1+deb7u2_sparc.deb
Debian7ia64tcpdump< 4.3.0-1+deb7u2tcpdump_4.3.0-1+deb7u2_ia64.deb
Debian7mipstcpdump< 4.3.0-1+deb7u2tcpdump_4.3.0-1+deb7u2_mips.deb
Debian7s390xtcpdump< 4.3.0-1+deb7u2tcpdump_4.3.0-1+deb7u2_s390x.deb

OS	Version	Architecture	Package	Version	Filename
Debian	7	armhf	tcpdump	< 4.3.0-1+deb7u2	tcpdump_4.3.0-1+deb7u2_armhf.deb
Debian	7	kfreebsd-i386	tcpdump	< 4.3.0-1+deb7u2	tcpdump_4.3.0-1+deb7u2_kfreebsd-i386.deb
Debian	6	amd64	tcpdump	< 4.1.1-1+deb6u2	tcpdump_4.1.1-1+deb6u2_amd64.deb
Debian	7	mipsel	tcpdump	< 4.3.0-1+deb7u2	tcpdump_4.3.0-1+deb7u2_mipsel.deb
Debian	7	kfreebsd-amd64	tcpdump	< 4.3.0-1+deb7u2	tcpdump_4.3.0-1+deb7u2_kfreebsd-amd64.deb
Debian	7	i386	tcpdump	< 4.3.0-1+deb7u2	tcpdump_4.3.0-1+deb7u2_i386.deb
Debian	7	sparc	tcpdump	< 4.3.0-1+deb7u2	tcpdump_4.3.0-1+deb7u2_sparc.deb
Debian	7	ia64	tcpdump	< 4.3.0-1+deb7u2	tcpdump_4.3.0-1+deb7u2_ia64.deb
Debian	7	mips	tcpdump	< 4.3.0-1+deb7u2	tcpdump_4.3.0-1+deb7u2_mips.deb
Debian	7	s390x	tcpdump	< 4.3.0-1+deb7u2	tcpdump_4.3.0-1+deb7u2_s390x.deb