[Full-disclosure] [USN-141-1] tcpdump vulnerability

From: Martin Pitt (martin.pitt_at_canonical.com)
Date: 06/21/05

  • Next message: Martin Pitt: "[Full-disclosure] [USN-142-1] sudo vulnerability"
    Date: Tue, 21 Jun 2005 15:47:57 +0200
    To: ubuntu-security-announce@lists.ubuntu.com
    
    
    
    

    ===========================================================
    Ubuntu Security Notice USN-141-1 June 21, 2005
    tcpdump vulnerability
    CAN-2005-1267
    ===========================================================

    A security issue affects the following Ubuntu releases:

    Ubuntu 4.10 (Warty Warthog)
    Ubuntu 5.04 (Hoary Hedgehog)

    The following packages are affected:

    tcpdump

    The problem can be corrected by upgrading the affected package to
    version 3.8.3-3ubuntu0.3 (for Ubuntu 4.10), or 3.8.3-3ubuntu0.4 (for
    Ubuntu 5.04). In general, a standard system upgrade is sufficient to
    effect the necessary changes.

    Details follow:

    It was discovered that certain invalid BGP packets triggered an
    infinite loop in tcpdump, which caused tcpdump to stop working. This
    could be abused by a remote attacker to bypass tcpdump analysis of
    network traffic.

    Updated packages for Ubuntu 4.10 (Warty Warthog):

      Source archives:

        http://security.ubuntu.com/ubuntu/pool/main/t/tcpdump/tcpdump_3.8.3-3ubuntu0.3.diff.gz
          Size/MD5: 10896 4702377c3189048522d6c001c9bc6f20
        http://security.ubuntu.com/ubuntu/pool/main/t/tcpdump/tcpdump_3.8.3-3ubuntu0.3.dsc
          Size/MD5: 672 59625b40bdce1e52cdef6f04845f9af2
        http://security.ubuntu.com/ubuntu/pool/main/t/tcpdump/tcpdump_3.8.3.orig.tar.gz
          Size/MD5: 567116 30645001f4b97019677cad88d3811904

      amd64 architecture (Athlon64, Opteron, EM64T Xeon)

        http://security.ubuntu.com/ubuntu/pool/main/t/tcpdump/tcpdump_3.8.3-3ubuntu0.3_amd64.deb
          Size/MD5: 255700 0cd4c99be36a5cb2cb90397ae61678fe

      i386 architecture (x86 compatible Intel/AMD)

        http://security.ubuntu.com/ubuntu/pool/main/t/tcpdump/tcpdump_3.8.3-3ubuntu0.3_i386.deb
          Size/MD5: 234606 d4d65d97e0bc543f163fd3d69dc5f9bb

      powerpc architecture (Apple Macintosh G3/G4/G5)

        http://security.ubuntu.com/ubuntu/pool/main/t/tcpdump/tcpdump_3.8.3-3ubuntu0.3_powerpc.deb
          Size/MD5: 245540 7f674bb7675833678023d791a3b5cecb

    Updated packages for Ubuntu 5.04 (Hoary Hedgehog):

      Source archives:

        http://security.ubuntu.com/ubuntu/pool/main/t/tcpdump/tcpdump_3.8.3-3ubuntu0.4.diff.gz
          Size/MD5: 10932 426d64f415eb78d225f952126d37d149
        http://security.ubuntu.com/ubuntu/pool/main/t/tcpdump/tcpdump_3.8.3-3ubuntu0.4.dsc
          Size/MD5: 672 106d0e1f304bfac046cb5ee92178d03c
        http://security.ubuntu.com/ubuntu/pool/main/t/tcpdump/tcpdump_3.8.3.orig.tar.gz
          Size/MD5: 567116 30645001f4b97019677cad88d3811904

      amd64 architecture (Athlon64, Opteron, EM64T Xeon)

        http://security.ubuntu.com/ubuntu/pool/main/t/tcpdump/tcpdump_3.8.3-3ubuntu0.4_amd64.deb
          Size/MD5: 255684 1b772031ea02ddc34540d57c2e887fad

      i386 architecture (x86 compatible Intel/AMD)

        http://security.ubuntu.com/ubuntu/pool/main/t/tcpdump/tcpdump_3.8.3-3ubuntu0.4_i386.deb
          Size/MD5: 234620 1e9c285b47b0639cfa32085665b430aa

      powerpc architecture (Apple Macintosh G3/G4/G5)

        http://security.ubuntu.com/ubuntu/pool/main/t/tcpdump/tcpdump_3.8.3-3ubuntu0.4_powerpc.deb
          Size/MD5: 245566 537c353da73354ba16cef78f2d77e5e9

    
    

    
    

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.grok.org.uk/full-disclosure-charter.html
    Hosted and sponsored by Secunia - http://secunia.com/



  • Next message: Martin Pitt: "[Full-disclosure] [USN-142-1] sudo vulnerability"

    Relevant Pages