Test ID:	1.3.6.1.4.1.25623.1.0.53082
Category:	Ubuntu Local Security Checks
Title:	Ubuntu USN-141-1 (tcpdump)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to tcpdump announced via advisory USN-141-1. A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Warthog) Ubuntu 5.04 (Hoary Hedgehog) The following packages are affected: tcpdump It was discovered that certain invalid BGP packets triggered an infinite loop in tcpdump, which caused tcpdump to stop working. This could be abused by a remote attacker to bypass tcpdump analysis of network traffic. Solution: The problem can be corrected by upgrading the affected package to version 3.8.3-3ubuntu0.3 (for Ubuntu 4.10), or 3.8.3-3ubuntu0.4 (for Ubuntu 5.04). In general, a standard system upgrade is sufficient to effect the necessary changes. http://www.securityspace.com/smysecure/catid.html?in=USN-141-1 Risk factor : Medium CVSS Score: 5.0
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2005-1267 13906 http://www.securityfocus.com/bid/13906 15634 http://secunia.com/advisories/15634/ 17118 http://secunia.com/advisories/17118 2005-0028 http://www.trustix.org/errata/2005/0028/ DSA-854 http://www.debian.org/security/2005/dsa-854 FEDORA-2005-406 http://www.redhat.com/archives/fedora-announce-list/2005-June/msg00007.html FLSA:156139 http://www.securityfocus.com/archive/1/430292/100/0/threaded RHSA-2005:505 http://www.redhat.com/support/errata/RHSA-2005-505.html https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=159208 oval:org.mitre.oval:def:11148 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11148
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.