Test ID:	1.3.6.1.4.1.25623.1.0.53941
Category:	Slackware Local Security Checks
Title:	Slackware: Security Advisory (SSA:2004-108-01)
Summary:	The remote host is missing an update for the 'tcpdump' package(s) announced via the SSA:2004-108-01 advisory.
Description:	Summary: The remote host is missing an update for the 'tcpdump' package(s) announced via the SSA:2004-108-01 advisory. Vulnerability Insight: Upgraded tcpdump packages are available for Slackware 8.1, 9.0, 9.1, and -current to fix denial-of-service issues. Sites using tcpdump should upgrade to the new packages. More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database: [links moved to references] The tcpdump advisory from Rapid7 may be found here: [link moved to references] Here are the details from the Slackware 9.1 ChangeLog: +--------------------------+ Sat Apr 17 11:03:35 PDT 2004 patches/packages/tcpdump-3.8.3-i486-1.tgz: Upgraded to tcpdump-3.8.3 and libpcap-0.8.3. This fixes a couple minor bugs that shouldn't affect 32-bit ix86 Slackware, but we might as well have the latest. According to www.tcpdump.org: TCPDUMP version 3.8.3 has been released as of March 30, 2004. 3.8.3 is identical to 3.8.2, but the version number has been incremented to match libpcap. LIBPCAP version 0.8.3 has been released as of March 30, 2004. 0.8.3 fixes a minor problem with gencode.c on 64-bit architectures. It also carries the correct version numbers. +--------------------------+ Tue Mar 30 22:16:38 PST 2004 patches/packages/tcpdump-3.8.2-i486-1.tgz: Upgraded to tcpdump-3.8.2 and libpcap-0.8.2. Fixes denial-of-service security issues. For more details, see: [links moved to references] (* Security fix *) +--------------------------+ Affected Software/OS: 'tcpdump' package(s) on Slackware 8.1, Slackware 9.0, Slackware 9.1, Slackware current. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2004-0183 BugTraq ID: 10003 http://www.securityfocus.com/bid/10003 Bugtraq: 20040330 R7-0017: TCPDUMP ISAKMP payload handling denial-of-service vulnerabilities (Google Search) http://marc.info/?l=bugtraq&m=108067265931525&w=2 CERT/CC vulnerability note: VU#240790 http://www.kb.cert.org/vuls/id/240790 Debian Security Information: DSA-478 (Google Search) http://www.debian.org/security/2004/dsa-478 https://bugzilla.fedora.us/show_bug.cgi?id=1468 http://www.rapid7.com/advisories/R7-0017.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A972 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9971 http://www.redhat.com/support/errata/RHSA-2004-219.html http://securitytracker.com/id?1009593 http://secunia.com/advisories/11258 http://secunia.com/advisories/11320 http://www.trustix.org/errata/2004/0015 XForce ISS Database: tcpdump-isakmp-delete-bo(15680) https://exchange.xforce.ibmcloud.com/vulnerabilities/15680 Common Vulnerability Exposure (CVE) ID: CVE-2004-0184 BugTraq ID: 10004 http://www.securityfocus.com/bid/10004 CERT/CC vulnerability note: VU#492558 http://www.kb.cert.org/vuls/id/492558 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9581 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A976 XForce ISS Database: tcpdump-isakmp-integer-underflow(15679) https://exchange.xforce.ibmcloud.com/vulnerabilities/15679
Copyright	Copyright (C) 2012 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.