This script is Copyright (C) 2004-2014 Tenable Network Security, Inc.
The remote Red Hat host is missing one or more security updates.
Updated tcpdump, libpcap, and arpwatch packages are available. These
updates close a buffer overflow when handling NFS packets.
tcpdump is a command-line tool for monitoring network traffic.
Versions of tcpdump up to and including 3.6.2 have a buffer overflow
that can be triggered when tracing the network by a bad NFS packet.
We are not yet aware if this issue is fully exploitable
users of tcpdump are advised to upgrade to these errata packages which
contain a patch for this issue.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2002-0380 to this issue. This issue was found by
David Woodhouse of Red Hat.
See also :
Update the affected arpwatch, libpcap and / or tcpdump packages.
Risk factor :
High / CVSS Base Score : 7.5
Family: Red Hat Local Security Checks
Nessus Plugin ID: 12632 ()
CVE ID: CVE-2002-0380
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.