|Category:||Ubuntu Local Security Checks|
|Title:||Ubuntu USN-141-1 (tcpdump)|
|Summary:||Ubuntu USN-141-1 (tcpdump)|
The remote host is missing an update to tcpdump
announced via advisory USN-141-1.
A security issue affects the following Ubuntu releases:
Ubuntu 4.10 (Warty Warthog)
Ubuntu 5.04 (Hoary Hedgehog)
The following packages are affected: tcpdump
It was discovered that certain invalid BGP packets triggered an
infinite loop in tcpdump, which caused tcpdump to stop working. This
could be abused by a remote attacker to bypass tcpdump analysis of
The problem can be corrected by upgrading the affected package to
version 3.8.3-3ubuntu0.3 (for Ubuntu 4.10), or 3.8.3-3ubuntu0.4 (for
Ubuntu 5.04). In general, a standard system upgrade is sufficient to
effect the necessary changes.
Risk factor : Medium
Common Vulnerability Exposure (CVE) ID: CVE-2005-1267|
Debian Security Information: DSA-854 (Google Search)
BugTraq ID: 13906
|Copyright||Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com|
|This is only one of 39786 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.