Vulnerability Assessment & Network Security Forums

If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.

Home >> Browse Vulnerability Assessment Database >> Mandrake Local Security Checks >> MDKSA-2002:032: tcpdump

Vulnerability Assessment Details

MDKSA-2002:032: tcpdump

Vulnerability Assessment Summary
Check for the version of the tcpdump package

Detailed Explanation for this Vulnerability Assessment

The remote host is missing the patch for the advisory MDKSA-2002:032 (tcpdump).

Several buffer overflows were found in the tcpdump package by FreeBSD developers
during a code audit, in versions prior to 3.5. However, newer versions of
tcpdump, including 3.6.2, are also vulnerable to another buffer overflow in the
AFS RPC decoding functions, which was discovered by Nick Cleaton. These
vulnerabilities could be used by a remote attacker to crash the the tcpdump
process or possibly even be exploited to execute arbitrary code as the user
running tcpdump, which is usually root.
The newer libpcap 0.6 has also been audited to make it more safe by implementing
better buffer boundary checks in several functions.

Solution :
Network Security Threat Level: High

Networks Security ID:

Vulnerability Assessment Copyright: This script is Copyright (C) 2004 Tenable Network Security

Cables, Connectors

Western Digital Scorpio Black 320GB Internal 7200RPM 2.5" (WD3200BEKT) HDD
Western Digital Scorpio Black 320GB Internal 7200RPM 2.5SEAGATE 80GB BARRACUDA 7200.7 SATA HARD DRIVE ST380819AS
SEAGATE  80GB BARRACUDA 7200.7 SATA HARD DRIVE ST380819AS  pictureBlue 2.5" SATA Hard Drive Protective Case Enclosure for 500GB Max Capacity X5V5
Blue 2.5HITACHI Deskstar HDP725050GLA360 SATA 3.0Gb/s 3.5" Internal Disk~Lot of 4 Disks
HITACHI Deskstar HDP725050GLA360 SATA 3.0Gb/s 3.5


No Discussions have been posted on this vulnerability.