Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2007-0368

Опубликовано: 19 нояб. 2007
Источник: oracle-oval
Платформа: Oracle Linux 5

Описание

ELSA-2007-0368: tcpdump security and bug fix update (MODERATE)

[14:3.9.4-11.el5.0.1]

  • Modified libpcap-0.9.4/fad-getad.c to include linux/types.h if it includes linux/if_packet.h

[14:3.9.4-11.el5]

  • fix buffer overflow in BGP dissector (#250294, CVE-2007-3798)

[14:3.9.4-10.el5]

  • with -C option, drop root privileges before opening first savefile (#241677)

[14:3.9.4-9.el5]

  • fix buffer overflow in 802.11 printer (#232347, CVE-2007-1218)
  • fix return codes in arpwatch init script (#237779)

Обновленные пакеты

Oracle Linux 5

Oracle Linux x86_64

arpwatch

2.1a13-18.el5.0.1

libpcap

0.9.4-11.el5.0.1

libpcap-devel

0.9.4-11.el5.0.1

tcpdump

3.9.4-11.el5.0.1

Oracle Linux i386

arpwatch

2.1a13-18.el5.0.1

libpcap

0.9.4-11.el5.0.1

libpcap-devel

0.9.4-11.el5.0.1

tcpdump

3.9.4-11.el5.0.1

Связанные CVE

Связанные уязвимости

ubuntu
больше 18 лет назад

Off-by-one buffer overflow in the parse_elements function in the 802.11 printer code (print-802_11.c) for tcpdump 3.9.5 and earlier allows remote attackers to cause a denial of service (crash) via a crafted 802.11 frame. NOTE: this was originally referred to as heap-based, but it might be stack-based.

redhat
больше 18 лет назад

Off-by-one buffer overflow in the parse_elements function in the 802.11 printer code (print-802_11.c) for tcpdump 3.9.5 and earlier allows remote attackers to cause a denial of service (crash) via a crafted 802.11 frame. NOTE: this was originally referred to as heap-based, but it might be stack-based.

nvd
больше 18 лет назад

Off-by-one buffer overflow in the parse_elements function in the 802.11 printer code (print-802_11.c) for tcpdump 3.9.5 and earlier allows remote attackers to cause a denial of service (crash) via a crafted 802.11 frame. NOTE: this was originally referred to as heap-based, but it might be stack-based.

debian
больше 18 лет назад

Off-by-one buffer overflow in the parse_elements function in the 802.1 ...

CVSS3: 9.8
ubuntu
около 18 лет назад

Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 and earlier allows remote attackers to execute arbitrary code via crafted TLVs in a BGP packet, related to an unchecked return value.