Test ID:	1.3.6.1.4.1.25623.1.0.54542
Category:	Gentoo Local Security Checks
Title:	Gentoo Security Advisory GLSA 200404-03 (tcpdump)
Summary:	Gentoo Security Advisory GLSA 200404-03 (tcpdump)
Description:	The remote host is missing updates announced in advisory GLSA 200404-03. There are multiple vulnerabilities in tcpdump and libpcap related to parsing of ISAKMP packets. Solution: All tcpdump users should upgrade to the latest available version. ADDITIONALLY, the net-libs/libpcap package should be upgraded. # emerge sync # emerge -pv '>=net-libs/libpcap-0.8.3-r1' '>=net-analyzer/tcpdump-3.8.3-r1' # emerge '>=net-libs/libpcap-0.8.3-r1' '>=net-analyzer/tcpdump-3.8.3-r1' http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200404-03 http://bugs.gentoo.org/show_bug.cgi?id=38206 http://bugs.gentoo.org/show_bug.cgi?id=46258 http://www.rapid7.com/advisories/R7-0017.html http://rhn.redhat.com/errata/RHSA-2004-008.html
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2003-0989 Bugtraq: 20040119 [ESA-20040119-002] 'tcpdump' multiple vulnerabilities. (Google Search) http://www.securityfocus.com/archive/1/archive/1/350238/30/21640/threaded http://www.redhat.com/archives/fedora-announce-list/2004-March/msg00015.html http://lists.apple.com/archives/security-announce/2004/Feb/msg00000.html Caldera Security Advisory: CSSA-2004-008.0 ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2004-008.0.txt En Garde Linux Advisory: ESA-20040119-002 http://lwn.net/Alerts/66805/ http://www.redhat.com/archives/fedora-legacy-list/2004-January/msg00726.html http://www.redhat.com/archives/fedora-announce-list/2004-March/msg00006.html http://www.redhat.com/archives/fedora-announce-list/2004-March/msg00009.html SCO Security Bulletin: SCOSA-2004.9 ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2004.9/SCOSA-2004.9.txt SGI Security Advisory: 20040202-01-U ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc SuSE Security Announcement: SuSE-SA:2004:002 (Google Search) http://www.redhat.com/support/errata/RHSA-2004-007.html http://www.redhat.com/support/errata/RHSA-2004-008.html Debian Security Information: DSA-425 (Google Search) http://www.debian.org/security/2004/dsa-425 http://www.mandriva.com/security/advisories?name=MDKSA-2004:008 SGI Security Advisory: 20040103-01-U ftp://patches.sgi.com/support/free/security/advisories/20040103-01-U.asc Bugtraq: 20040131 [FLSA-2004:1222] Updated tcpdump resolves security vulnerabilites (resend with correct paths) (Google Search) http://marc.theaimsgroup.com/?l=bugtraq&m=107577418225627&w=2 http://lwn.net/Alerts/66445/ CERT/CC vulnerability note: VU#738518 http://www.kb.cert.org/vuls/id/738518 BugTraq ID: 9507 http://www.securityfocus.com/bid/9507 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:847 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:852 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10599 http://www.securitytracker.com/id?1008716 http://secunia.com/advisories/10636 http://secunia.com/advisories/10637 http://secunia.com/advisories/10639 http://secunia.com/advisories/10644 http://secunia.com/advisories/10652 http://secunia.com/advisories/10668 http://secunia.com/advisories/10718 http://secunia.com/advisories/11022 http://secunia.com/advisories/11032/ http://secunia.com/advisories/12179/
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 32582 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.

New User Registration Email: UserID: Passwd: Please email me your monthly newsletters, informing the latest services, improvements & surveys. Please email me a vulnerability test announcement whenever a new test is added.     Privacy

Registered User Login   UserID:     Passwd:     Forgot userid or passwd? Email/Userid: