LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: October 31st, 2014
Linux Security Week: October 27th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
RedHat: 'tcpdump' Remote root vulnerability Print E-mail
User Rating:      How can I rate this item?
Posted by LinuxSecurity.com Team   
RedHat Linux Updated tcpdump, libpcap, and arpwatch packages are available for RedHat Linux 6.2 and 7.x. These updates close vulnerabilitiespresent in versions of tcpdump up to 3.5.1 and various other bugs.

---------------------------------------------------------------------
                   Red Hat, Inc. Red Hat Security Advisory

Synopsis:          Updated tcpdump packages available for Red Hat Linux 6.2 and 7.x
Advisory ID:       RHSA-2001:089-08
Issue date:        2001-06-28
Updated on:        2002-02-12
Product:           Red Hat Linux
Keywords:          tcpdump buffer overflow
Cross references:  
Obsoletes:         
---------------------------------------------------------------------

1. Topic:

Updated tcpdump, libpcap, and arpwatch packages are available for Red
Hat Linux 6.2 and 7.x.  These updates close vulnerabilities
present in versions of tcpdump up to 3.5.1 and various other bugs.

2. Relevant releases/architectures:

Red Hat Linux 6.2 - alpha, i386, sparc

Red Hat Linux 7.0 - alpha, i386

Red Hat Linux 7.1 - alpha, i386, ia64

Red Hat Linux 7.2 - i386, ia64

3. Problem description:



4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade.  Only those
RPMs which are currently installed will be updated.  Those RPMs which are
not installed but included in the list will not be updated.  Note that you
can also use wildcards (*.rpm) if your current directory *only* contains the
desired RPMs.

Please note that this update is also available via Red Hat Network.  Many
people find this an easier way to apply updates.  To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

5. Bug IDs fixed  (http://bugzilla.Red Hat.com/bugzilla for more info):

45520 - Remote root exploit
49294 - security problem in tcpdump-3.6.2 AFS printing
47174 - libpcap-0.4-39.i386.rpm does not contain shared library libpcap.so.0
52654 - Tcpdump get spurious packets before kernel filter kicks in
57711 - arpwatch depends on csh for no good reason
54593 - Doco change in specfile (minor)
49635 - PATCH: tcpdump to drop root by default
58346 - tcpdump.spec creates pcap user with nonexistant shell

6. RPMs required:

Red Hat Linux 6.2:

SRPMS: 
ftp://updates.Red Hat.com/6.2/en/os/SRPMS/tcpdump-3.6.2-10.6x.src.rpm

alpha: 
ftp://updates.Red Hat.com/6.2/en/os/alpha/tcpdump-3.6.2-10.6x.alpha.rpm 
ftp://updates.Red Hat.com/6.2/en/os/alpha/libpcap-0.6.2-10.6x.alpha.rpm 
ftp://updates.Red Hat.com/6.2/en/os/alpha/arpwatch-2.1a11-10.6x.alpha.rpm

i386: 
ftp://updates.Red Hat.com/6.2/en/os/i386/tcpdump-3.6.2-10.6x.i386.rpm 
ftp://updates.Red Hat.com/6.2/en/os/i386/libpcap-0.6.2-10.6x.i386.rpm 
ftp://updates.Red Hat.com/6.2/en/os/i386/arpwatch-2.1a11-10.6x.i386.rpm

sparc: 
ftp://updates.Red Hat.com/6.2/en/os/sparc/tcpdump-3.6.2-10.6x.sparc.rpm 
ftp://updates.Red Hat.com/6.2/en/os/sparc/libpcap-0.6.2-10.6x.sparc.rpm 
ftp://updates.Red Hat.com/6.2/en/os/sparc/arpwatch-2.1a11-10.6x.sparc.rpm

Red Hat Linux 7.0:

SRPMS: 
ftp://updates.Red Hat.com/7.0/en/os/SRPMS/tcpdump-3.6.2-10.7.src.rpm

alpha: 
ftp://updates.Red Hat.com/7.0/en/os/alpha/tcpdump-3.6.2-10.7.alpha.rpm 
ftp://updates.Red Hat.com/7.0/en/os/alpha/libpcap-0.6.2-10.7.alpha.rpm 
ftp://updates.Red Hat.com/7.0/en/os/alpha/arpwatch-2.1a11-10.7.alpha.rpm

i386: 
ftp://updates.Red Hat.com/7.0/en/os/i386/tcpdump-3.6.2-10.7.i386.rpm 
ftp://updates.Red Hat.com/7.0/en/os/i386/libpcap-0.6.2-10.7.i386.rpm 
ftp://updates.Red Hat.com/7.0/en/os/i386/arpwatch-2.1a11-10.7.i386.rpm

Red Hat Linux 7.1:

SRPMS: 
ftp://updates.Red Hat.com/7.1/en/os/SRPMS/tcpdump-3.6.2-10.7.src.rpm

alpha: 
ftp://updates.Red Hat.com/7.1/en/os/alpha/tcpdump-3.6.2-10.7.alpha.rpm 
ftp://updates.Red Hat.com/7.1/en/os/alpha/libpcap-0.6.2-10.7.alpha.rpm 
ftp://updates.Red Hat.com/7.1/en/os/alpha/arpwatch-2.1a11-10.7.alpha.rpm

i386: 
ftp://updates.Red Hat.com/7.1/en/os/i386/tcpdump-3.6.2-10.7.i386.rpm 
ftp://updates.Red Hat.com/7.1/en/os/i386/libpcap-0.6.2-10.7.i386.rpm 
ftp://updates.Red Hat.com/7.1/en/os/i386/arpwatch-2.1a11-10.7.i386.rpm

ia64: 
ftp://updates.Red Hat.com/7.1/en/os/ia64/tcpdump-3.6.2-10.7.ia64.rpm 
ftp://updates.Red Hat.com/7.1/en/os/ia64/libpcap-0.6.2-10.7.ia64.rpm 
ftp://updates.Red Hat.com/7.1/en/os/ia64/arpwatch-2.1a11-10.7.ia64.rpm

Red Hat Linux 7.2:

SRPMS: 
ftp://updates.Red Hat.com/7.2/en/os/SRPMS/tcpdump-3.6.2-10.7x.src.rpm

i386: 
ftp://updates.Red Hat.com/7.2/en/os/i386/tcpdump-3.6.2-10.7x.i386.rpm 
ftp://updates.Red Hat.com/7.2/en/os/i386/libpcap-0.6.2-10.7x.i386.rpm 
ftp://updates.Red Hat.com/7.2/en/os/i386/arpwatch-2.1a11-10.7x.i386.rpm

ia64: 
ftp://updates.Red Hat.com/7.2/en/os/ia64/tcpdump-3.6.2-10.7x.ia64.rpm 
ftp://updates.Red Hat.com/7.2/en/os/ia64/libpcap-0.6.2-10.7x.ia64.rpm 
ftp://updates.Red Hat.com/7.2/en/os/ia64/arpwatch-2.1a11-10.7x.ia64.rpm



7. Verification:

MD5 sum                          Package Name
--------------------------------------------------------------------------
56393468b3c93882189220111407f3f7 6.2/en/os/SRPMS/tcpdump-3.6.2-10.6x.src.rpm
2a7bc8c33bc44112cd653deffa276ddb 6.2/en/os/alpha/arpwatch-2.1a11-10.6x.alpha.rpm
8438626e79402194be1f7e102e7aed4f 6.2/en/os/alpha/libpcap-0.6.2-10.6x.alpha.rpm
bc74cb7a9f90cf65e97a9b10cc279cc3 6.2/en/os/alpha/tcpdump-3.6.2-10.6x.alpha.rpm
9b11a1b1a4a73a2478d4b8717c860bcc 6.2/en/os/i386/arpwatch-2.1a11-10.6x.i386.rpm
a75d8ac51bff83006d89955cef92b9d5 6.2/en/os/i386/libpcap-0.6.2-10.6x.i386.rpm
fdf5f72d4fa307aafd3f79eff3924485 6.2/en/os/i386/tcpdump-3.6.2-10.6x.i386.rpm
03eca258656b8c0397588ddb7f081915 6.2/en/os/sparc/arpwatch-2.1a11-10.6x.sparc.rpm
6689626f08db5f9b437f408634057287 6.2/en/os/sparc/libpcap-0.6.2-10.6x.sparc.rpm
598314a8f72083c53ee6cea87df767f4 6.2/en/os/sparc/tcpdump-3.6.2-10.6x.sparc.rpm
f662da7a2d04059682e5e91369c27bdd 7.0/en/os/SRPMS/tcpdump-3.6.2-10.7.src.rpm
1584a32f5454af549fa3894a8d9af857 7.0/en/os/alpha/arpwatch-2.1a11-10.7.alpha.rpm
c5922dbfc1c0e6a4fd39b4566563c01e 7.0/en/os/alpha/libpcap-0.6.2-10.7.alpha.rpm
75a38254b6fd158af44f6864469158ba 7.0/en/os/alpha/tcpdump-3.6.2-10.7.alpha.rpm
fb1f88cae5595afcd8da3f436045e8c4 7.0/en/os/i386/arpwatch-2.1a11-10.7.i386.rpm
a718a12b3e9432b682fd56929c381100 7.0/en/os/i386/libpcap-0.6.2-10.7.i386.rpm
8330e5e715cad14f482fae2eff48c18c 7.0/en/os/i386/tcpdump-3.6.2-10.7.i386.rpm
f662da7a2d04059682e5e91369c27bdd 7.1/en/os/SRPMS/tcpdump-3.6.2-10.7.src.rpm
1584a32f5454af549fa3894a8d9af857 7.1/en/os/alpha/arpwatch-2.1a11-10.7.alpha.rpm
c5922dbfc1c0e6a4fd39b4566563c01e 7.1/en/os/alpha/libpcap-0.6.2-10.7.alpha.rpm
75a38254b6fd158af44f6864469158ba 7.1/en/os/alpha/tcpdump-3.6.2-10.7.alpha.rpm
fb1f88cae5595afcd8da3f436045e8c4 7.1/en/os/i386/arpwatch-2.1a11-10.7.i386.rpm
a718a12b3e9432b682fd56929c381100 7.1/en/os/i386/libpcap-0.6.2-10.7.i386.rpm
8330e5e715cad14f482fae2eff48c18c 7.1/en/os/i386/tcpdump-3.6.2-10.7.i386.rpm
115633171d83eb88b8e03b2289b18bb9 7.1/en/os/ia64/arpwatch-2.1a11-10.7.ia64.rpm
97a81098ffefd18a1a0d4c5b47531f30 7.1/en/os/ia64/libpcap-0.6.2-10.7.ia64.rpm
0876627b7435b5bc948e61b75e4d859c 7.1/en/os/ia64/tcpdump-3.6.2-10.7.ia64.rpm
8cc590d38b104a31da86c482702f8c52 7.2/en/os/SRPMS/tcpdump-3.6.2-10.7x.src.rpm
064982643eaa2f6a19a318e0c50f2b84 7.2/en/os/i386/arpwatch-2.1a11-10.7x.i386.rpm
a00187999381db2a22dadc1a1f1ebca9 7.2/en/os/i386/libpcap-0.6.2-10.7x.i386.rpm
b456a14d95d7fdf36f00ef0f41ebc1f4 7.2/en/os/i386/tcpdump-3.6.2-10.7x.i386.rpm
65d133820ef5bdb32baed29284c0101e 7.2/en/os/ia64/arpwatch-2.1a11-10.7x.ia64.rpm
0ac7da164d6b78e8fa62e6a43eb8cd80 7.2/en/os/ia64/libpcap-0.6.2-10.7x.ia64.rpm
a8ae32328eb4230b105e6ad5e7c01c58 7.2/en/os/ia64/tcpdump-3.6.2-10.7x.ia64.rpm
 

These packages are GPG signed by Red Hat, Inc. for security.  Our key
is available at:
     http://www.Red Hat.com/about/contact/pgpkey.html

You can verify each package with the following command:
    rpm --checksig  

If you only wish to verify that each package has not been corrupted or
tampered with, examine only the md5sum with the following command:
    rpm --checksig --nogpg 

8. References:
 
http://www.ciac.org/ciac/bulletins/l-015.shtml


Copyright(c) 2000, 2001, 2002 Red Hat, Inc.


 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Preventing Linux rootkit threats through secure boot design
What you need to know about the Drupal vulnerability CVE-2014-3704
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.