Red Hat Local Security Checks : RedHat Security Advisory RHSA-2005:417

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.52630

Categoría: Red Hat Local Security Checks

Título: RedHat Security Advisory RHSA-2005:417

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing updates announced in
advisory RHSA-2005:417.

Tcpdump is a command-line tool for monitoring network traffic.

Several denial of service bugs were found in the way tcpdump processes
certain network packets. It is possible for an attacker to inject a
carefully crafted packet onto the network, crashing a running tcpdump
session. The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2005-1278, CVE-2005-1279, and CVE-2005-1280 to
these issues.

The tcpdump utility can now write a file larger than 2 GB.

Users of tcpdump are advised to upgrade to these erratum packages, which
contain backported security patches and are not vulnerable to these issues.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2005-417.html

Risk factor : Medium

CVSS Score:
5.0

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2005-1278
13392
http://www.securityfocus.com/bid/13392
15125
http://secunia.com/advisories/15125
18146
http://secunia.com/advisories/18146
20050426 tcpdump[v3.8.x/v3.9.1]: ISIS, BGP, and LDP infinite loop DOS exploits.
http://www.securityfocus.com/archive/1/396932
FLSA:156139
http://www.securityfocus.com/archive/1/430292/100/0/threaded
RHSA-2005:417
http://www.redhat.com/support/errata/RHSA-2005-417.html
RHSA-2005:421
http://www.redhat.com/support/errata/RHSA-2005-421.html
SCOSA-2005.60
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.60/SCOSA-2005.60.txt
oval:org.mitre.oval:def:10159
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10159
Common Vulnerability Exposure (CVE) ID: CVE-2005-1279
13389
http://www.securityfocus.com/bid/13389
17101
http://secunia.com/advisories/17101
DSA-850
http://www.debian.org/security/2005/dsa-850
oval:org.mitre.oval:def:9601
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9601
Common Vulnerability Exposure (CVE) ID: CVE-2005-1280
13390
http://www.securityfocus.com/bid/13390
20050426 tcpdump(/ethereal)[]: (RSVP) rsvp_print() infinite loop DOS.
http://www.securityfocus.com/archive/1/396930
oval:org.mitre.oval:def:10732
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10732

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.52630
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2005:417
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2005:417. Tcpdump is a command-line tool for monitoring network traffic. Several denial of service bugs were found in the way tcpdump processes certain network packets. It is possible for an attacker to inject a carefully crafted packet onto the network, crashing a running tcpdump session. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2005-1278, CVE-2005-1279, and CVE-2005-1280 to these issues. The tcpdump utility can now write a file larger than 2 GB. Users of tcpdump are advised to upgrade to these erratum packages, which contain backported security patches and are not vulnerable to these issues. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2005-417.html Risk factor : Medium CVSS Score: 5.0
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2005-1278 13392 http://www.securityfocus.com/bid/13392 15125 http://secunia.com/advisories/15125 18146 http://secunia.com/advisories/18146 20050426 tcpdump[v3.8.x/v3.9.1]: ISIS, BGP, and LDP infinite loop DOS exploits. http://www.securityfocus.com/archive/1/396932 FLSA:156139 http://www.securityfocus.com/archive/1/430292/100/0/threaded RHSA-2005:417 http://www.redhat.com/support/errata/RHSA-2005-417.html RHSA-2005:421 http://www.redhat.com/support/errata/RHSA-2005-421.html SCOSA-2005.60 ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.60/SCOSA-2005.60.txt oval:org.mitre.oval:def:10159 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10159 Common Vulnerability Exposure (CVE) ID: CVE-2005-1279 13389 http://www.securityfocus.com/bid/13389 17101 http://secunia.com/advisories/17101 DSA-850 http://www.debian.org/security/2005/dsa-850 oval:org.mitre.oval:def:9601 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9601 Common Vulnerability Exposure (CVE) ID: CVE-2005-1280 13390 http://www.securityfocus.com/bid/13390 20050426 tcpdump(/ethereal)[]: (RSVP) rsvp_print() infinite loop DOS. http://www.securityfocus.com/archive/1/396930 oval:org.mitre.oval:def:10732 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10732
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com