• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

TCPDump Malformed BGP Packet Memory Corruption Vulnerability

Solution:
Trustix has released an advisory. Information about obtaining and applying fixes can be found in the referenced advisory.

Debian has released a new advisory (DSA 255-1) which contain new fix information.

MandrakeSoft has released an advisory. Information about obtaining and applying fixes are available in the referenced advisory.

SuSE has released an advisory (SuSE-SA:2003:0015) which contains fixes. Further information about obtaining and applying fixes can be found in the advisory.

Red Hat has released a security advisory (RHSA-2003:032-01) that contains fixes addressing this and other tcpdump issues. Users are advised to upgrade as soon as possible.

OpenPKG has released an advisory OpenPKG-SA-2004.002 to address this and other issues. Please see the referenced advisory for more information.

Fixes available:


LBL tcpdump 3.4 a6

• SuSE tcpdump-3.4a6-317.ppc.rpm
  ftp://ftp.suse.com/pub/suse/ppc/update/7.1/n1/tcpdump-3.4a6-317.ppc.rp m


• SuSE tcpdump-3.4a6-329.alpha.rpm
  ftp://ftp.suse.com/pub/suse/axp/update/7.1/n1/tcpdump-3.4a6-329.alpha. rpm


• SuSE tcpdump-3.4a6-375.i386.rpm
  ftp://ftp.suse.com/pub/suse/i386/update/7.1/n1/tcpdump-3.4a6-375.i386. rpm


• SuSE tcpdump-3.4a6-376.i386.rpm
  ftp://ftp.suse.com/pub/suse/i386/update/7.2/n1/tcpdump-3.4a6-376.i386. rpm

LBL tcpdump 3.5.2

• SCO tcpdump-3.6.2-4.i386.rpm
  ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2002-050.0/R PMS/tcpdump-3.6.2-4.i386.rpm


• SCO tcpdump-3.6.2-4.i386.rpm
  ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2002-05 0.0/RPMS/tcpdump-3.6.2-4.i386.rpm


• SCO tcpdump-3.6.2-4.i386.rpm
  ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Server/CSSA-2002-050.0/RPM S/tcpdump-3.6.2-4.i386.rpm


• SCO tcpdump-3.6.2-4.i386.rpm
  ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Workstation/CSSA-2002-050. 0/RPMS/tcpdump-3.6.2-4.i386.rpm


• SCO tcpdump-3.6.2-4.src.rpm
  ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2002-050.0/S RPMS/tcpdump-3.6.2-4.src.rpm


• SCO tcpdump-3.6.2-4.src.rpm
  ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2002-05 0.0/SRPMS/tcpdump-3.6.2-4.src.rpm


• SCO tcpdump-3.6.2-4.src.rpm
  ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Server/CSSA-2002-050.0/SRP MS/tcpdump-3.6.2-4.src.rpm


• SCO tcpdump-3.6.2-4.src.rpm
  ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Workstation/CSSA-2002-050. 0/SRPMS/tcpdump-3.6.2-4.src.rpm

LBL tcpdump 3.6.2

• Debian tcpdump_3.6.2-2.3_alpha.deb
  http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2 .3_alpha.deb


• Debian tcpdump_3.6.2-2.3_arm.deb
  http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2 .3_arm.deb


• Debian tcpdump_3.6.2-2.3_hppa.deb
  http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2 .3_hppa.deb


• Debian tcpdump_3.6.2-2.3_i386.deb
  http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2 .3_i386.deb


• Debian tcpdump_3.6.2-2.3_ia64.deb
  http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2 .3_ia64.deb


• Debian tcpdump_3.6.2-2.3_m68k.deb
  http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2 .3_m68k.deb


• Debian tcpdump_3.6.2-2.3_mips.deb
  http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2 .3_mips.deb


• Debian tcpdump_3.6.2-2.3_mipsel.deb
  http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2 .3_mipsel.deb


• Debian tcpdump_3.6.2-2.3_powerpc.deb
  http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2 .3_powerpc.deb


• Debian tcpdump_3.6.2-2.3_s390.deb
  http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2 .3_s390.deb


• Debian tcpdump_3.6.2-2.3_sparc.deb
  http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2 .3_sparc.deb


• Red Hat arpwatch-2.1a11-17.7.1.2.i386.rpm
  ftp://updates.redhat.com/7.1/en/os/i386/arpwatch-2.1a11-17.7.1.2.i386. rpm


• Red Hat arpwatch-2.1a11-17.7.2.2.i386.rpm
  ftp://updates.redhat.com/7.2/en/os/i386/arpwatch-2.1a11-17.7.2.2.i386. rpm


• Red Hat arpwatch-2.1a11-17.7.2.2.ia64.rpm
  ftp://updates.redhat.com/7.2/en/os/ia64/arpwatch-2.1a11-17.7.2.2.ia64. rpm


• Red Hat arpwatch-2.1a11-17.7.3.2.i386.rpm
  ftp://updates.redhat.com/7.3/en/os/i386/arpwatch-2.1a11-17.7.3.2.i386. rpm


• Red Hat arpwatch-2.1a11-17.8.0.2.i386.rpm
  ftp://updates.redhat.com/8.0/en/os/i386/arpwatch-2.1a11-17.8.0.2.i386. rpm


• Red Hat libpcap-0.6.2-17.7.1.2.i386.rpm
  ftp://updates.redhat.com/7.1/en/os/i386/libpcap-0.6.2-17.7.1.2.i386.rp m


• Red Hat libpcap-0.6.2-17.7.2.2.i386.rpm
  ftp://updates.redhat.com/7.2/en/os/i386/libpcap-0.6.2-17.7.2.2.i386.rp m


• Red Hat libpcap-0.6.2-17.7.2.2.ia64.rpm
  ftp://updates.redhat.com/7.2/en/os/ia64/libpcap-0.6.2-17.7.2.2.ia64.rp m


• Red Hat libpcap-0.6.2-17.7.3.2.i386.rpm
  ftp://updates.redhat.com/7.3/en/os/i386/libpcap-0.6.2-17.7.3.2.i386.rp m


• Red Hat libpcap-0.6.2-17.8.0.2.i386.rpm
  ftp://updates.redhat.com/8.0/en/os/i386/libpcap-0.6.2-17.8.0.2.i386.rp m


• Red Hat tcpdump-3.6.3-17.7.1.2.i386.rpm
  ftp://updates.redhat.com/7.1/en/os/i386/tcpdump-3.6.3-17.7.1.2.i386.rp m


• Red Hat tcpdump-3.6.3-17.7.2.2.i386.rpm
  ftp://updates.redhat.com/7.2/en/os/i386/tcpdump-3.6.3-17.7.2.2.i386.rp m


• Red Hat tcpdump-3.6.3-17.7.2.2.ia64.rpm
  ftp://updates.redhat.com/7.2/en/os/ia64/tcpdump-3.6.3-17.7.2.2.ia64.rp m


• Red Hat tcpdump-3.6.3-17.7.3.2.i386.rpm
  ftp://updates.redhat.com/7.3/en/os/i386/tcpdump-3.6.3-17.7.3.2.i386.rp m


• Red Hat tcpdump-3.6.3-17.8.0.2.i386.rpm
  ftp://updates.redhat.com/8.0/en/os/i386/tcpdump-3.6.3-17.8.0.2.i386.rp m


• SuSE tcpdump-3.6.2-322.i386.patch.rpm
  ftp://ftp.suse.com/pub/suse/i386/update/8.0/n1/tcpdump-3.6.2-322.i386. patch.rpm


• SuSE tcpdump-3.6.2-207.ppc.rpm
  ftp://ftp.suse.com/pub/suse/ppc/update/7.3/n1/tcpdump-3.6.2-207.ppc.rp m


• SuSE tcpdump-3.6.2-321.i386.rpm
  ftp://ftp.suse.com/pub/suse/i386/update/7.3/n1/tcpdump-3.6.2-321.i386. rpm


• SuSE tcpdump-3.6.2-322.i386.rpm
  ftp://ftp.suse.com/pub/suse/i386/update/8.0/n1/tcpdump-3.6.2-322.i386. rpm


• SuSE tcpdump-3.6.2-65.sparc.rpm
  ftp://ftp.suse.com/pub/suse/sparc/update/7.3/n1/tcpdump-3.6.2-65.sparc .rpm