FreeBSD Local Security Checks : FreeBSD Security Advisory (FreeBSD-SA-07:06.tcpdump.asc)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.58511
Categoría:	FreeBSD Local Security Checks
Título:	FreeBSD Security Advisory (FreeBSD-SA-07:06.tcpdump.asc)
Resumen:	The remote host is missing an update to the system; as announced in the referenced advisory FreeBSD-SA-07:06.tcpdump.asc
Descripción:	Summary: The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-07:06.tcpdump.asc Vulnerability Insight: Tcpdump is a commonly used network diagnostic utility which decodes packets received on the wire into human readable format. An un-checked return value in the BGP dissector code can result in an integer overflow. This value is used in subsequent buffer management operations, resulting in a stack based buffer overflow under certain circumstances. Solution: Upgrade your system to the appropriate stable release or security branch dated after the correction date. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-3798 http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html BugTraq ID: 24965 http://www.securityfocus.com/bid/24965 Bugtraq: 20070720 rPSA-2007-0147-1 tcpdump (Google Search) http://www.securityfocus.com/archive/1/474225/100/0/threaded Cert/CC Advisory: TA07-352A http://www.us-cert.gov/cas/techalerts/TA07-352A.html Debian Security Information: DSA-1353 (Google Search) http://www.debian.org/security/2007/dsa-1353 FreeBSD Security Advisory: FreeBSD-SA-07:06 http://security.freebsd.org/advisories/FreeBSD-SA-07:06.tcpdump.asc http://security.gentoo.org/glsa/glsa-200707-14.xml http://www.mandriva.com/security/advisories?name=MDKSA-2007:148 http://cvs.tcpdump.org/cgi-bin/cvsweb/tcpdump/print-bgp.c?r1=1.91.2.11&r2=1.91.2.12 http://www.digit-labs.org/files/exploits/private/tcpdump-bgp.c https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9771 http://www.redhat.com/support/errata/RHSA-2007-0368.html http://www.redhat.com/support/errata/RHSA-2007-0387.html http://www.securitytracker.com/id?1018434 http://secunia.com/advisories/26135 http://secunia.com/advisories/26168 http://secunia.com/advisories/26223 http://secunia.com/advisories/26231 http://secunia.com/advisories/26263 http://secunia.com/advisories/26266 http://secunia.com/advisories/26286 http://secunia.com/advisories/26395 http://secunia.com/advisories/26404 http://secunia.com/advisories/26521 http://secunia.com/advisories/27580 http://secunia.com/advisories/28136 http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.449313 SuSE Security Announcement: SUSE-SR:2007:016 (Google Search) http://www.novell.com/linux/security/advisories/2007_16_sr.html http://www.trustix.org/errata/2007/0023/ TurboLinux Advisory: TLSA-2007-46 http://www.turbolinux.com/security/2007/TLSA-2007-46.txt http://www.ubuntu.com/usn/usn-492-1 http://www.vupen.com/english/advisories/2007/2578 http://www.vupen.com/english/advisories/2007/4238
Copyright	Copyright (C) 2008 E-Soft Inc.