This script is Copyright (C) 2004-2013 Tenable Network Security, Inc.
The remote Mandrake Linux host is missing one or more security
Several buffer overflows were found in the tcpdump package by FreeBSD
developers during a code audit, in versions prior to 3.5. However,
newer versions of tcpdump, including 3.6.2, are also vulnerable to
another buffer overflow in the AFS RPC decoding functions, which was
discovered by Nick Cleaton. These vulnerabilities could be used by a
remote attacker to crash the the tcpdump process or possibly even be
exploited to execute arbitrary code as the user running tcpdump, which
is usually root.
The newer libpcap 0.6 has also been audited to make it more safe by
implementing better buffer boundary checks in several functions.
See also :
Update the affected packages.
Risk factor :
High / CVSS Base Score : 7.5