TUCoPS :: Linux :: Ubuntu :: tb11865.htm

tcpdump vulnerability
tcpdump vulnerability
tcpdump vulnerability



--bi5JUZtvcfApsciF
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

=========================================================== 
Ubuntu Security Notice USN-492-1              July 30, 2007
tcpdump vulnerability
CVE-2007-3798
==========================================================
A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 6.10
Ubuntu 7.04

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  tcpdump                                  3.9.4-2ubuntu0.2

Ubuntu 6.10:
  tcpdump                                  3.9.4-4ubuntu0.2

Ubuntu 7.04:
  tcpdump                                  3.9.5-2ubuntu1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

A flaw was discovered in the BGP dissector of tcpdump.  Remote
attackers could send specially crafted packets and execute arbitrary
code with user privileges.


Updated packages for Ubuntu 6.06 LTS:

  Source archives:

http://security.ubuntu.com/ubuntu/pool/main/t/tcpdump/tcpdump_3.9.4-2ubuntu0.2.diff.gz 
      Size/MD5:    11829 2c911638159adc11d2ff54f96182de54
http://security.ubuntu.com/ubuntu/pool/main/t/tcpdump/tcpdump_3.9.4-2ubuntu0.2.dsc 
      Size/MD5:      685 a8ab006366dbe0973e06d08bec9ed359
http://security.ubuntu.com/ubuntu/pool/main/t/tcpdump/tcpdump_3.9.4.orig.tar.gz 
      Size/MD5:   716862 4b64755bbc8ba1af49c747271a6df5b8

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

http://security.ubuntu.com/ubuntu/pool/main/t/tcpdump/tcpdump_3.9.4-2ubuntu0.2_amd64.deb 
      Size/MD5:   313048 eeb295aada8253ed88675759a5b9fefc

  i386 architecture (x86 compatible Intel/AMD)

http://security.ubuntu.com/ubuntu/pool/main/t/tcpdump/tcpdump_3.9.4-2ubuntu0.2_i386.deb 
      Size/MD5:   289664 ae14411448b3cc4f6aeb99137ab08242

  powerpc architecture (Apple Macintosh G3/G4/G5)

http://security.ubuntu.com/ubuntu/pool/main/t/tcpdump/tcpdump_3.9.4-2ubuntu0.2_powerpc.deb 
      Size/MD5:   301184 227cfb459beba4f873524ff0351994d7

  sparc architecture (Sun SPARC/UltraSPARC)

http://security.ubuntu.com/ubuntu/pool/main/t/tcpdump/tcpdump_3.9.4-2ubuntu0.2_sparc.deb 
      Size/MD5:   305034 56c94f1b847c19301e59c0ca09b05373

Updated packages for Ubuntu 6.10:

  Source archives:

http://security.ubuntu.com/ubuntu/pool/main/t/tcpdump/tcpdump_3.9.4-4ubuntu0.2.diff.gz 
      Size/MD5:    11966 781a774a620649e0c6a6e208fb98644c
http://security.ubuntu.com/ubuntu/pool/main/t/tcpdump/tcpdump_3.9.4-4ubuntu0.2.dsc 
      Size/MD5:      632 7f81be7f487baa766845a1701d95d797
http://security.ubuntu.com/ubuntu/pool/main/t/tcpdump/tcpdump_3.9.4.orig.tar.gz 
      Size/MD5:   716862 4b64755bbc8ba1af49c747271a6df5b8

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

http://security.ubuntu.com/ubuntu/pool/main/t/tcpdump/tcpdump_3.9.4-4ubuntu0.2_amd64.deb 
      Size/MD5:   315162 7b2246a74280ede3bb105aa580cd0866

  i386 architecture (x86 compatible Intel/AMD)

http://security.ubuntu.com/ubuntu/pool/main/t/tcpdump/tcpdump_3.9.4-4ubuntu0.2_i386.deb 
      Size/MD5:   300680 4125eb94e7ec30f41d03740f0154f504

  powerpc architecture (Apple Macintosh G3/G4/G5)

http://security.ubuntu.com/ubuntu/pool/main/t/tcpdump/tcpdump_3.9.4-4ubuntu0.2_powerpc.deb 
      Size/MD5:   303704 0f1c7c7cc722c6039f8078ea620a75ad

  sparc architecture (Sun SPARC/UltraSPARC)

http://security.ubuntu.com/ubuntu/pool/main/t/tcpdump/tcpdump_3.9.4-4ubuntu0.2_sparc.deb 
      Size/MD5:   308620 7c11b491590794464980b7e4bb801925

Updated packages for Ubuntu 7.04:

  Source archives:

http://security.ubuntu.com/ubuntu/pool/main/t/tcpdump/tcpdump_3.9.5-2ubuntu1.diff.gz 
      Size/MD5:    11970 c875dadc73193df8f1bba9ebac4a9bcc
http://security.ubuntu.com/ubuntu/pool/main/t/tcpdump/tcpdump_3.9.5-2ubuntu1.dsc 
      Size/MD5:      712 037ba4c3cf2113ac1ee02f3008cc4917
http://security.ubuntu.com/ubuntu/pool/main/t/tcpdump/tcpdump_3.9.5.orig.tar.gz 
      Size/MD5:   712411 2135e7b1f09af0eaf66d2af822bed44a

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

http://security.ubuntu.com/ubuntu/pool/main/t/tcpdump/tcpdump_3.9.5-2ubuntu1_amd64.deb 
      Size/MD5:   317680 164f2980e2673cc641661a859c260d98

  i386 architecture (x86 compatible Intel/AMD)

http://security.ubuntu.com/ubuntu/pool/main/t/tcpdump/tcpdump_3.9.5-2ubuntu1_i386.deb 
      Size/MD5:   303426 1f5aaddf44cd3057241f6e2364183ecd

  powerpc architecture (Apple Macintosh G3/G4/G5)

http://security.ubuntu.com/ubuntu/pool/main/t/tcpdump/tcpdump_3.9.5-2ubuntu1_powerpc.deb 
      Size/MD5:   308756 06ca55a167c3b0caac6add7a8d0b2981

  sparc architecture (Sun SPARC/UltraSPARC)

http://security.ubuntu.com/ubuntu/pool/main/t/tcpdump/tcpdump_3.9.5-2ubuntu1_sparc.deb 
      Size/MD5:   312192 dce58020c8b5a99316e3d1d1fba2923b


--bi5JUZtvcfApsciF
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFGrqpwH/9LqRcGPm0RAo5aAKCFuHY6ukeuyj604FfVYetVVGNZqgCgod/3
YS/Ma2UxuLaUsLqU/yrUD2w=4X6X
-----END PGP SIGNATURE-----

--bi5JUZtvcfApsciF--

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH