Detections
Analytics

Mandrake Linux Security Advisory : tcpdump (MDKSA-2001:056)

high Nessus Plugin ID 13873

Synopsis

The remote Mandrake Linux host is missing a security update.

Description

A number of remote buffer overflows were discovered in the tcpdump package that would allow a remote attack of the local tcpdump process.
Intrusion detection using tcpdump would no longer be useful due to the attack stoping all network activity on the system. As well, this new version of tcpdump fixes the vulnerability with decoding AFS ACL packets which would allow a remote attacker to run arbitrary code on the local system with root privilege.

Solution

Update the affected tcpdump package.

See Also

http://www.ciac.org/ciac/bulletins/l-015.shtml

Plugin Details

Severity: High

ID: 13873

File Name: mandrake_MDKSA-2001-056.nasl

Version: 1.16

Type: local

Published: 7/31/2004

Updated: 1/6/2021

Supported Sensors: Nessus

Vulnerability Information

CPE: p-cpe:/a:mandriva:linux:tcpdump, cpe:/o:mandrakesoft:mandrake_linux:7.1, cpe:/o:mandrakesoft:mandrake_linux:7.2, cpe:/o:mandrakesoft:mandrake_linux:8.0

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list

Patch Publication Date: 6/13/2001

Reference Information

MDKSA: 2001:056