RedHatRHSA-2003:033(RHSA-2003:033) tcpdump security update
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.024 Low
EPSS
Percentile
88.7%
Tcpdump is a command-line tool for monitoring network traffic.
The BGP decoding routines in tcpdump before version 3.6.2 used incorrect
bounds checking when copying data, which allows remote attackers to cause a
denial of service and possibly execute arbitrary code (as the ‘pcap’ user).
If a UDP packet from a radius port contains 0 at the second byte tcpdump
gets stuck in a loop that generating an infinite stream of “#0#0#0#0#0”.
This could be used as a denial of service.
Users of tcpdump are advised to upgrade to these errata packages which
contain patches to correct thes issues.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | any | i386 | libpcap | < 0.6.2-12.2.1AS.1 | libpcap-0.6.2-12.2.1AS.1.i386.rpm |
| RedHat | any | ia64 | tcpdump | < 3.6.2-12.2.1AS.1 | tcpdump-3.6.2-12.2.1AS.1.ia64.rpm |
| RedHat | any | i386 | tcpdump | < 3.6.2-12.2.1AS.1 | tcpdump-3.6.2-12.2.1AS.1.i386.rpm |
| RedHat | any | ia64 | libpcap | < 0.6.2-12.2.1AS.1 | libpcap-0.6.2-12.2.1AS.1.ia64.rpm |
| RedHat | any | i386 | arpwatch | < 2.1a11-12.2.1AS.1 | arpwatch-2.1a11-12.2.1AS.1.i386.rpm |
| RedHat | any | ia64 | arpwatch | < 2.1a11-12.2.1AS.1 | arpwatch-2.1a11-12.2.1AS.1.ia64.rpm |
Related
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.024 Low
EPSS
Percentile
88.7%