Vulnerability Assessment & Network Security Forums

If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.

Home >> Browse Vulnerability Assessment Database >> Mandrake Local Security Checks >> MDKSA-2002:032: tcpdump

Vulnerability Assessment Details

MDKSA-2002:032: tcpdump

Vulnerability Assessment Summary
Check for the version of the tcpdump package

Detailed Explanation for this Vulnerability Assessment

The remote host is missing the patch for the advisory MDKSA-2002:032 (tcpdump).

Several buffer overflows were found in the tcpdump package by FreeBSD developers
during a code audit, in versions prior to 3.5. However, newer versions of
tcpdump, including 3.6.2, are also vulnerable to another buffer overflow in the
AFS RPC decoding functions, which was discovered by Nick Cleaton. These
vulnerabilities could be used by a remote attacker to crash the the tcpdump
process or possibly even be exploited to execute arbitrary code as the user
running tcpdump, which is usually root.
The newer libpcap 0.6 has also been audited to make it more safe by implementing
better buffer boundary checks in several functions.

Solution :
Network Security Threat Level: High

Networks Security ID:

Vulnerability Assessment Copyright: This script is Copyright (C) 2004 Tenable Network Security

Cables, Connectors

Cisco UC Video Camera for IP Phone CP-CAM-C=V01 (9971)
Cisco UC Video Camera for IP Phone CP-CAM-C=V01 (9971) pictureLinksys (Cisco) Integrated KVM 2-Port Switch (KVM2KIT)
Linksys (Cisco) Integrated KVM 2-Port Switch (KVM2KIT) pictureCisco C9400-SUP-1 Catalyst 9400 Series
Cisco C9400-SUP-1 Catalyst 9400 Series pictureCISCO CATALYST 2960-X SERIES WS-C2960X-24PS-L V02 24 port switch
CISCO CATALYST 2960-X SERIES WS-C2960X-24PS-L V02 24 port switch picture


No Discussions have been posted on this vulnerability.