=========================================================== 
Ubuntu Security Notice USN-492-1              July 30, 2007
tcpdump vulnerability
CVE-2007-3798
==========================================================
A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 6.10
Ubuntu 7.04

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  tcpdump                                  3.9.4-2ubuntu0.2

Ubuntu 6.10:
  tcpdump                                  3.9.4-4ubuntu0.2

Ubuntu 7.04:
  tcpdump                                  3.9.5-2ubuntu1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

A flaw was discovered in the BGP dissector of tcpdump.  Remote
attackers could send specially crafted packets and execute arbitrary
code with user privileges.


Updated packages for Ubuntu 6.06 LTS:

  Source archives:

          Size/MD5:    11829 2c911638159adc11d2ff54f96182de54
          Size/MD5:      685 a8ab006366dbe0973e06d08bec9ed359
          Size/MD5:   716862 4b64755bbc8ba1af49c747271a6df5b8

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

          Size/MD5:   313048 eeb295aada8253ed88675759a5b9fefc

  i386 architecture (x86 compatible Intel/AMD)

          Size/MD5:   289664 ae14411448b3cc4f6aeb99137ab08242

  powerpc architecture (Apple Macintosh G3/G4/G5)

          Size/MD5:   301184 227cfb459beba4f873524ff0351994d7

  sparc architecture (Sun SPARC/UltraSPARC)

          Size/MD5:   305034 56c94f1b847c19301e59c0ca09b05373

Updated packages for Ubuntu 6.10:

  Source archives:

          Size/MD5:    11966 781a774a620649e0c6a6e208fb98644c
          Size/MD5:      632 7f81be7f487baa766845a1701d95d797
          Size/MD5:   716862 4b64755bbc8ba1af49c747271a6df5b8

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

          Size/MD5:   315162 7b2246a74280ede3bb105aa580cd0866

  i386 architecture (x86 compatible Intel/AMD)

          Size/MD5:   300680 4125eb94e7ec30f41d03740f0154f504

  powerpc architecture (Apple Macintosh G3/G4/G5)

          Size/MD5:   303704 0f1c7c7cc722c6039f8078ea620a75ad

  sparc architecture (Sun SPARC/UltraSPARC)

          Size/MD5:   308620 7c11b491590794464980b7e4bb801925

Updated packages for Ubuntu 7.04:

  Source archives:

          Size/MD5:    11970 c875dadc73193df8f1bba9ebac4a9bcc
          Size/MD5:      712 037ba4c3cf2113ac1ee02f3008cc4917
          Size/MD5:   712411 2135e7b1f09af0eaf66d2af822bed44a

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

          Size/MD5:   317680 164f2980e2673cc641661a859c260d98

  i386 architecture (x86 compatible Intel/AMD)

          Size/MD5:   303426 1f5aaddf44cd3057241f6e2364183ecd

  powerpc architecture (Apple Macintosh G3/G4/G5)

          Size/MD5:   308756 06ca55a167c3b0caac6add7a8d0b2981

  sparc architecture (Sun SPARC/UltraSPARC)

          Size/MD5:   312192 dce58020c8b5a99316e3d1d1fba2923b

Ubuntu: tcpdump vulnerability

July 30, 2007
A flaw was discovered in the BGP dissector of tcpdump

Summary

Update Instructions

References

Severity
Ubuntu Security Notice USN-492-1 July 30, 2007

Package Information

Related News

19.Laptop Bed Esm H320
2 - 3 min read
AlmaLinux 9.4 beta has been released and provides compelling reasons to consider it for desktop usage. While AlmaLinux is primarily known as a
32.Lock Code Circular Esm H320
2 - 3 min read
Linux admins and security practitioners face significant challenges in keeping their Linux systems secure amidst the constant threat of kernel bugs.
1.Penguin Landscape Esm H320
2 - 3 min read
A significant security threat, known as the Spectre v2 exploit, has been observed targeting Linux systems running on modern Intel processors. Let's
10.FingerPrint Locks Esm H320
2 - 3 min read
The recent release of I2P 2.5.0 , an anonymous P2P network that protects against online censorship, surveillance, and monitoring, has brought a slew
24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved