TSLSA-2002-0084 - tcpdump Dec 19 2002 07:51PM
tsl trustix com (Trustix Secure Linux Advisor)
Hash: SHA1

- ------------------------------------------------------------------------
Trustix Secure Linux Security Advisory #2002-0084

Package name: tcpdump
Summary: Incorrect bounds checking
Date: 2002-12-19
Affected versions: TSL 1.1, 1.2, 1.5

- ------------------------------------------------------------------------
Package description:
Tcpdump is a command-line tool for monitoring network traffic.
Tcpdump can capture and display the packet headers on a particular
network interface or on all interfaces. Tcpdump can display all of
the packet headers, or just the ones that match particular criteria.

Problem description:
Tcpdump tries to decode packages it sees on the network to provide
some information to the user. In the decoding of BGP packages, it
failed to do proper bounds checking. The impact is not known, but
it could at least be used to crash tcpdump. This is fixed in the
3.7.1 release of tcpdump.

In addition, we have upgraded libpcap and arpwatch to resolve

We recommend that all systems with this package installed be upgraded.
Please note that if you do not need the functionality provided by this
package, you may want to remove it from your system.

All TSL updates are available from

About Trustix Secure Linux:
Trustix Secure Linux is a small Linux distribution for servers. With focus
on security and stability, the system is painlessly kept safe and up to
date from day one using swup, the automated software updater.

Automatic updates:
Users of the SWUP tool can enjoy having updates automatically
installed using 'swup --upgrade'.

Get SWUP from:

Public testing:
These packages have been available for public testing for some time.
If you want to contribute by testing the various packages in the
testing tree, please feel free to share your findings on the
tsl-discuss mailinglist.
The testing tree is located at

Check out our mailing lists:

This advisory along with all TSL packages are signed with the TSL sign key.
This key is available from:

The advisory itself is available from the errata pages at
<URI:http://www.trustix.net/errata/trustix-1.2/> and
or directly at

MD5sums of the packages:
- ------------------------------------------------------------------------
824e7cf0772ba11aba56d98c08f951d6 ./1.1/RPMS/arpwatch-2.1a11-2tr.i586.rpm
c95236148c009f7365f3497a14add5b4 ./1.1/RPMS/libpcap-0.7.1-2tr.i586.rpm
d0eb21ecad3542f89ae88b8707359236 ./1.1/RPMS/tcpdump-3.7.1-2tr.i586.rpm
47c5a0e065911176c9b6f1569b4dee62 ./1.1/SRPMS/arpwatch-2.1a11-2tr.src.rpm
a07a2aac096c3097536b9688241016ea ./1.1/SRPMS/libpcap-0.7.1-2tr.src.rpm
659a448d9c335ac09eda2b18ead701e4 ./1.1/SRPMS/tcpdump-3.7.1-2tr.src.rpm
b57f1b852378665c4d2a2e17bf81d329 ./1.2/RPMS/arpwatch-2.1a11-2tr.i586.rpm
c4d8b5d252ec86a1ba26919fd84e359e ./1.2/RPMS/libpcap-0.7.1-2tr.i586.rpm
df7ede2ec5728304ec81edf17305a88a ./1.2/RPMS/tcpdump-3.7.1-2tr.i586.rpm
47c5a0e065911176c9b6f1569b4dee62 ./1.2/SRPMS/arpwatch-2.1a11-2tr.src.rpm
a07a2aac096c3097536b9688241016ea ./1.2/SRPMS/libpcap-0.7.1-2tr.src.rpm
659a448d9c335ac09eda2b18ead701e4 ./1.2/SRPMS/tcpdump-3.7.1-2tr.src.rpm
e6fba4806f2dabdfe344c735a3756206 ./1.5/RPMS/arpwatch-2.1a11-2tr.i586.rpm
e4205a7ef19af19e2748faa371dc5bc9 ./1.5/RPMS/libpcap-0.7.1-2tr.i586.rpm
921390de9b10db4b2651a3cdebd00580 ./1.5/RPMS/tcpdump-3.7.1-2tr.i586.rpm
47c5a0e065911176c9b6f1569b4dee62 ./1.5/SRPMS/arpwatch-2.1a11-2tr.src.rpm
a07a2aac096c3097536b9688241016ea ./1.5/SRPMS/libpcap-0.7.1-2tr.src.rpm
659a448d9c335ac09eda2b18ead701e4 ./1.5/SRPMS/tcpdump-3.7.1-2tr.src.rpm
- ------------------------------------------------------------------------

Trustix Security Team

Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org


[ reply ]


Privacy Statement
Copyright 2010, SecurityFocus