5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
tcpdump, a tool for network monitoring and data acquisition, was found
to contain two vulnerabilities whereby tcpdump could be caused to
crash through attempts to read from invalid memory locations. This
bug is triggered by certain invalid ISAKMP packets.
For the current stable distribution (woody) these problems have been
fixed in version 3.6.2-2.8.
For the unstable distribution (sid), these problems have been fixed in
version 3.7.2-4.
We recommend that you update your tcpdump package.