Mandrake Linux Security Advisory : tcpdump (MDKSA-2002:032)

This script is Copyright (C) 2004-2013 Tenable Network Security, Inc.


Synopsis :

The remote Mandrake Linux host is missing one or more security
updates.

Description :

Several buffer overflows were found in the tcpdump package by FreeBSD
developers during a code audit, in versions prior to 3.5. However,
newer versions of tcpdump, including 3.6.2, are also vulnerable to
another buffer overflow in the AFS RPC decoding functions, which was
discovered by Nick Cleaton. These vulnerabilities could be used by a
remote attacker to crash the the tcpdump process or possibly even be
exploited to execute arbitrary code as the user running tcpdump, which
is usually root.

The newer libpcap 0.6 has also been audited to make it more safe by
implementing better buffer boundary checks in several functions.

See also :

http://www.nessus.org/u?8a0a3b08
http://www.ciac.org/ciac/bulletins/l-015.shtml

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)

Family: Mandriva Local Security Checks

Nessus Plugin ID: 13938 (mandrake_MDKSA-2002-032.nasl)

Bugtraq ID:

CVE ID: CVE-2001-1279

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now