FreeBSD : FreeBSD -- Buffer overflow in tcpdump(1) (2dc764fa-40c0-11dc-aeac-02e0185f8d72)

This script is Copyright (C) 2007-2015 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

An un-checked return value in the BGP dissector code can result in an
integer overflow. This value is used in subsequent buffer management
operations, resulting in a stack based buffer overflow under certain
circumstances. Impact : By crafting malicious BGP packets, an attacker
could exploit this vulnerability to execute code or crash the tcpdump
process on the target system. This code would be executed in the
context of the user running tcpdump(1). It should be noted that
tcpdump(1) requires privileges in order to open live network
interfaces. Workaround : No workaround is available.

See also :

http://www.nessus.org/u?65191f23

Solution :

Update the affected package.

Risk factor :

Medium / CVSS Base Score : 6.8
(CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 5.3
(CVSS2#E:POC/RL:OF/RC:C)
Public Exploit Available : true

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 25833 (freebsd_pkg_2dc764fa40c011dcaeac02e0185f8d72.nasl)

Bugtraq ID: 24965

CVE ID: CVE-2007-3798

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now