Debian DSA-1353-1 : tcpdump - integer overflow
Medium Nessus Plugin ID 25861
SynopsisThe remote Debian host is missing a security-related update.
DescriptionIt was discovered that an integer overflow in the BGP dissector of tcpdump, a powerful tool for network monitoring and data acquisition, may lead to the execution of arbitrary code.
SolutionUpgrade the tcpdump package.
For the oldstable distribution (sarge) this problem has been fixed in version 3.8.3-5sarge3.
For the stable distribution (etch) this problem has been fixed in version 3.9.5-2etch1.