Mandrake Linux Security Advisory : tcpdump (MDKSA-2001:056)
High Nessus Plugin ID 13873
SynopsisThe remote Mandrake Linux host is missing a security update.
DescriptionA number of remote buffer overflows were discovered in the tcpdump package that would allow a remote attack of the local tcpdump process.
Intrusion detection using tcpdump would no longer be useful due to the attack stoping all network activity on the system. As well, this new version of tcpdump fixes the vulnerability with decoding AFS ACL packets which would allow a remote attacker to run arbitrary code on the local system with root privilege.
SolutionUpdate the affected tcpdump package.