• info
• discussion
• exploit
• solution
• references

Tcpdump L2TP Parser Remote Denial of Service Vulnerability

Solution:
It has been reported that tcpdump versions 3.7.1 are not vulnerable to this issue. Users are advised to update to the non-vulnerable versions.

OpenPKG has released an advisory OpenPKG-SA-2004.002 to address this and other issues. Please see the referenced advisory for more information.

Guardian Digital has release advisory ESA-20040119-002 to address this issue. Affected users are recommended use of the Guardian Digital Secure Network to update vulnerable systems.

Mandrake has released advisory MDKSA-2004:008 to address this issue. Please see the referenced advisory for more information.

Conectiva has released an advisory CLSA-2004:832 to address this and other issues in tcpdump. Please see the advisory in web references for more information.


LBL tcpdump 3.4

• Engarde Secure Linux libpcap-0.6.2-1.0.6.i386.rpm
  ftp://ftp.engardelinux.org/pub/engarde/


• Engarde Secure Linux libpcap-0.6.2-1.0.6.i686.rpm
  ftp://ftp.engardelinux.org/pub/engarde/


• Engarde Secure Linux tcpdump-3.6.3-1.0.6.i386.rpm
  ftp://ftp.engardelinux.org/pub/engarde/


• Engarde Secure Linux tcpdump-3.6.3-1.0.6.i686.rpm
  ftp://ftp.engardelinux.org/pub/engarde/

LBL tcpdump 3.6.2

• Debian tcpdump_3.6.2-2.4_mipsel.deb
  http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2 .4_mipsel.deb


• Debian tcpdump_3.6.2-2.7_alpha.deb
  Debian GNU/Linux 3.0 (woody)
  http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2 .7_alpha.deb


• Debian tcpdump_3.6.2-2.7_arm.deb
  Debian GNU/Linux 3.0 (woody)
  http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2 .7_arm.deb


• Debian tcpdump_3.6.2-2.7_hppa.deb
  Debian GNU/Linux 3.0 (woody)
  http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2 .7_hppa.deb


• Debian tcpdump_3.6.2-2.7_i386.deb
  Debian GNU/Linux 3.0 (woody)
  http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2 .7_i386.deb


• Debian tcpdump_3.6.2-2.7_ia64.deb
  Debian GNU/Linux 3.0 (woody)
  http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2 .7_ia64.deb


• Debian tcpdump_3.6.2-2.7_m68k.deb
  Debian GNU/Linux 3.0 (woody)
  http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2 .7_m68k.deb


• Debian tcpdump_3.6.2-2.7_mips.deb
  Debian GNU/Linux 3.0 (woody)
  http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2 .7_mips.deb


• Debian tcpdump_3.6.2-2.7_powerpc.deb
  Debian GNU/Linux 3.0 (woody)
  http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2 .7_powerpc.deb


• Debian tcpdump_3.6.2-2.7_s390.deb
  Debian GNU/Linux 3.0 (woody)
  http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2 .7_s390.deb


• Debian tcpdump_3.6.2-2.7_sparc.deb
  Debian GNU/Linux 3.0 (woody)
  http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2 .7_sparc.deb

LBL tcpdump 3.7.2

• Mandrake tcpdump-3.7.2-2.1.91mdk.i586.rpm
  Mandrake Linux 9.1
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake tcpdump-3.7.2-2.1.91mdk.ppc.rpm
  Mandrake Linux 9.1/PPC
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake tcpdump-3.7.2-2.1.92mdk.amd64.rpm
  Mandrake Linux 9.2/AMD64
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake tcpdump-3.7.2-2.1.92mdk.i586.rpm
  Mandrake Linux 9.2
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake tcpdump-3.7.2-2.1.C21mdk.i586.rpm
  Mandrake Corporate Server 2.1
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake tcpdump-3.7.2-2.1.C21mdk.x86_64.rpm
  Mandrake Corporate Server 2.1/X86_64
  http://www.mandrakesecure.net/en/ftp.php


• Mandrake tcpdump-3.7.2-2.1.M82mdk.i586.rpm
  Mandrake Multi Network Firewall 8.2
  http://www.mandrakesecure.net/en/ftp.php