This script is Copyright (C) 2004-2016 Tenable Network Security, Inc.
The remote Red Hat host is missing one or more security updates.
Updated tcpdump packages that fix an infinite loop vulnerability and
drop privileges on startup are now available.
Tcpdump is a command-line tool for monitoring network traffic.
A vulnerability exists in tcpdump before 3.7.2 and is related to an
inability to handle unknown RADIUS attributes properly. This
vulnerability allows remote attackers to cause a denial of service
The Red Hat tcpdump packages advertise that, by default, tcpdump will
drop privileges to user 'pcap'. Due to a compilation error this did
not happen, and tcpdump would run as root unless the '-U' flag was
Users of tcpdump are advised to upgrade to these errata packages,
which contain a patch correcting the RADIUS issue and are compiled so
that by default tcpdump will drop privileges to the 'pcap' user.
See also :
Update the affected arpwatch, libpcap and / or tcpdump packages.
Risk factor :
Medium / CVSS Base Score : 5.0