This script is Copyright (C) 2012 Tenable Network Security, Inc.
The remote Scientific Linux host is missing one or more security
Problem description :
Moritz Jodeit discovered a denial of service bug in the tcpdump IEEE
802.11 processing code. If a certain link type was explicitly
specified, an attacker could inject a carefully crafted frame onto the
IEEE 802.11 network that could crash a running tcpdump session.
An integer overflow flaw was found in tcpdump's BGP processing code.
An attacker could execute arbitrary code with the privilege of the
pcap user by injecting a crafted frame onto the network.
In addition, the following bugs have been addressed :
- The arpwatch service initialization script would exit
prematurely, returning an incorrect successful exit
status and preventing the status command from running in
case networking is not available.
- Tcpdump would not drop root privileges completely when
launched with the
- -C option. This might have been abused by an attacker to
gain root privileges in case a security problem was
found in tcpdump. Users of tcpdump are encouraged to
specify meaningful arguments to the -Z option in case
they want tcpdump to write files with privileges other
than of the pcap user.
See also :
Update the affected arpwatch, libpcap and / or tcpdump packages.
Risk factor :
Medium / CVSS Base Score : 6.8
Family: Scientific Linux Local Security Checks
Nessus Plugin ID: 60299 ()
CVE ID: CVE-2007-1218CVE-2007-3798
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.