Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:Ubuntu Local Security Checks
Title:Ubuntu USN-429-1 (tcpdump)

The remote host is missing an update to tcpdump
announced via advisory USN-429-1.

A security issue affects the following Ubuntu releases:

Ubuntu 5.10
Ubuntu 6.06 LTS
Ubuntu 6.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

Details follow:

Moritz Jodeit discovered that tcpdump had an overflow in the 802.11
packet parser. Remote attackers could send specially crafted packets,
crashing tcpdump, possibly leading to a denial of service.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 5.10:
tcpdump 3.9.1-1ubuntu1.1

Ubuntu 6.06 LTS:
tcpdump 3.9.4-2ubuntu0.1

Ubuntu 6.10:
tcpdump 3.9.4-4ubuntu0.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Risk factor : High

CVSS Score:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2007-1218
BugTraq ID: 22772
Cert/CC Advisory: TA07-352A
Debian Security Information: DSA-1272 (Google Search)
TurboLinux Advisory: TLSA-2007-46
XForce ISS Database: tcpdump-print80211c-bo(32749)
CopyrightCopyright (c) 2007 E-Soft Inc.

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2022 E-Soft Inc. All rights reserved.