Debian DSA-1272-1 : tcpdump - buffer overflow

This script is Copyright (C) 2007-2013 Tenable Network Security, Inc.


Synopsis :

The remote Debian host is missing a security-related update.

Description :

Moritz Jodeit discovered an off-by-one buffer overflow in tcpdump, a
powerful tool for network monitoring and data acquisition, which
allows denial of service.

See also :

http://www.debian.org/security/2007/dsa-1272

Solution :

Upgrade the tcpdump package.

For the stable distribution (sarge) this problem has been fixed in
version 3.8.3-5sarge2.

For the upcoming stable distribution (etch) this problem has been
fixed in version 3.9.5-2.

Risk factor :

Medium / CVSS Base Score : 6.8
(CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)

Family: Debian Local Security Checks

Nessus Plugin ID: 24881 (debian_DSA-1272.nasl)

Bugtraq ID:

CVE ID: CVE-2007-1218