ID de Prueba:	1.3.6.1.4.1.25623.1.0.53075
Categoría:	FreeBSD Local Security Checks
Título:	FreeBSD Ports: tcpdump
Resumen:	The remote host is missing an update to the system; as announced in the referenced advisory.
Descripción:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following package is affected: tcpdump CVE-2005-1278 The isis_print function, as called by isoclns_print, in tcpdump 3.9.1 and earlier allows remote attackers to cause a denial of service (infinite loop) via a zero length, as demonstrated using a GRE packet. CVE-2005-1279 tcpdump 3.8.3 and earlier allows remote attackers to cause a denial of service (infinite loop) via a crafted (1) BGP packet, which is not properly handled by RT_ROUTING_INFO, or (2) LDP packet, which is not properly handled by the ldp_print function. CVE-2005-1280 The rsvp_print function in tcpdump 3.9.1 and earlier allows remote attackers to cause a denial of service (infinite loop) via a crafted RSVP packet of length 4. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2005-1267 13906 http://www.securityfocus.com/bid/13906 15634 http://secunia.com/advisories/15634/ 17118 http://secunia.com/advisories/17118 2005-0028 http://www.trustix.org/errata/2005/0028/ DSA-854 http://www.debian.org/security/2005/dsa-854 FEDORA-2005-406 http://www.redhat.com/archives/fedora-announce-list/2005-June/msg00007.html FLSA:156139 http://www.securityfocus.com/archive/1/430292/100/0/threaded RHSA-2005:505 http://www.redhat.com/support/errata/RHSA-2005-505.html https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=159208 oval:org.mitre.oval:def:11148 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11148 Common Vulnerability Exposure (CVE) ID: CVE-2005-1278 13392 http://www.securityfocus.com/bid/13392 15125 http://secunia.com/advisories/15125 18146 http://secunia.com/advisories/18146 20050426 tcpdump[v3.8.x/v3.9.1]: ISIS, BGP, and LDP infinite loop DOS exploits. http://www.securityfocus.com/archive/1/396932 RHSA-2005:417 http://www.redhat.com/support/errata/RHSA-2005-417.html RHSA-2005:421 http://www.redhat.com/support/errata/RHSA-2005-421.html SCOSA-2005.60 ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.60/SCOSA-2005.60.txt oval:org.mitre.oval:def:10159 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10159 Common Vulnerability Exposure (CVE) ID: CVE-2005-1279 13389 http://www.securityfocus.com/bid/13389 17101 http://secunia.com/advisories/17101 DSA-850 http://www.debian.org/security/2005/dsa-850 oval:org.mitre.oval:def:9601 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9601 Common Vulnerability Exposure (CVE) ID: CVE-2005-1280 13390 http://www.securityfocus.com/bid/13390 20050426 tcpdump(/ethereal)[]: (RSVP) rsvp_print() infinite loop DOS. http://www.securityfocus.com/archive/1/396930 oval:org.mitre.oval:def:10732 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10732
Copyright	Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.