Gentoo Archives: gentoo-announce

From: Daniel Ahlberg <aliz@g.o>
To: gentoo-announce@g.o
Subject: GLSA: tcpdump (200303-5)
Date: Wed, 05 Mar 2003 10:22:46
Message-Id: 20030305102004.0EF3C33B4D@mail1.tamperd.net
1 -----BEGIN PGP SIGNED MESSAGE-----
2 Hash: SHA1
3
4 - - ---------------------------------------------------------------------
5 GENTOO LINUX SECURITY ANNOUNCEMENT 200303-5
6 - - ---------------------------------------------------------------------
7
8 PACKAGE : tcpdump
9 SUMMARY : remote dos
10 DATE : 2003-03-05 10:19 UTC
11 EXPLOIT : remote
12 VERSIONS AFFECTED : <3.7.2
13 FIXED VERSION : =>3.7.2
14 CVE : CAN-2003-0108
15
16 - - ---------------------------------------------------------------------
17
18 - From advisory:
19
20 "A vulnerability exists in the parsing of ISAKMP packets (UDP port 500)
21 that allows an attacker to force TCPDUMP into an infinite loop upon
22 receipt of a specially crafted packet."
23
24 Read the full advisory at:
25 http://www.idefense.com/advisory/02.27.03.txt
26
27 SOLUTION
28
29 It is recommended that all Gentoo Linux users who are running
30 net-analyzer/tcpdump upgrade to tcpdump-3.7.2 as follows:
31
32 emerge sync
33 emerge -u tcpdump
34 emerge clean
35
36 - - ---------------------------------------------------------------------
37 aliz@g.o - GnuPG key is available at http://cvs.gentoo.org/~aliz
38 - - ---------------------------------------------------------------------
39 -----BEGIN PGP SIGNATURE-----
40 Version: GnuPG v1.2.1 (GNU/Linux)
41
42 iD8DBQE+Zc9LfT7nyhUpoZMRAhvzAJ4nvljUMlxZ3apC4IHsgW82ac7IdQCghAJ+
43 1A8EmkbKOczX+avWHCEudKY=
44 =YQs3
45 -----END PGP SIGNATURE-----