Mandrake Linux Security Advisory : tcpdump (MDKSA-2001:056)

High Nessus Plugin ID 13873


The remote Mandrake Linux host is missing a security update.


A number of remote buffer overflows were discovered in the tcpdump package that would allow a remote attack of the local tcpdump process.
Intrusion detection using tcpdump would no longer be useful due to the attack stoping all network activity on the system. As well, this new version of tcpdump fixes the vulnerability with decoding AFS ACL packets which would allow a remote attacker to run arbitrary code on the local system with root privilege.


Update the affected tcpdump package.

See Also

Plugin Details

Severity: High

ID: 13873

File Name: mandrake_MDKSA-2001-056.nasl

Version: $Revision: 1.13 $

Type: local

Published: 2004/07/31

Modified: 2013/05/31

Dependencies: 12634

Risk Information

Risk Factor: High

Vulnerability Information

CPE: p-cpe:/a:mandriva:linux:tcpdump, cpe:/o:mandrakesoft:mandrake_linux:7.1, cpe:/o:mandrakesoft:mandrake_linux:7.2, cpe:/o:mandrakesoft:mandrake_linux:8.0

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list

Patch Publication Date: 2001/06/13

Reference Information

MDKSA: 2001:056