Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Sign up!
EnGarde Community
What is the most important Linux security technology?
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Latest Newsletters
Linux Security Week: March 30th, 2015
Linux Advisory Watch: March 27th, 2015
LinuxSecurity Newsletters
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

Fedora Core 6 Update: tcpdump-3.9.4-11.fc6 Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Fedora Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 and earlier allows remote attackers to execute arbitrary code via crafted TLVs in a BGP packet, related to an unchecked return value.
Fedora Update Notification

Product     : Fedora Core 6
Name        : tcpdump
Version     : 3.9.4
Release     : 11.fc6
Summary     : A network traffic monitoring tool.
Description :
Tcpdump is a command-line tool for monitoring network traffic.
Tcpdump can capture and display the packet headers on a particular
network interface or on all interfaces.  Tcpdump can display all of
the packet headers, or just the ones that match particular criteria.

Install tcpdump if you need a program to monitor network traffic.

Update Information:

Integer overflow in print-bgp.c in the BGP dissector in
tcpdump 3.9.6 and earlier allows remote attackers to execute
arbitrary code via crafted TLVs in a BGP packet, related to
an unchecked return value. 
* Wed Aug  1 2007 Miroslav Lichvar  - 14:3.9.4-11.fc6
- fix buffer overflow in BGP dissector (#250290, CVE-2007-3798)
- with -C option, drop root privileges before opening first savefile (#244860)

This update can be downloaded from:

d8ce86c1dfbc2e89e4a7fc23b5f2908314338511  SRPMS/tcpdump-3.9.4-11.fc6.src.rpm
d8ce86c1dfbc2e89e4a7fc23b5f2908314338511  noarch/tcpdump-3.9.4-11.fc6.src.rpm
1149c41ba7ba2f02f13fd861351005346de7884d  ppc/libpcap-devel-0.9.4-11.fc6.ppc.rpm
822e5152e432524d3a0bc7e746c64c1bdd75dc4d  ppc/arpwatch-2.1a13-18.fc6.ppc.rpm
55ff9d1dd9276c7e0009b96bace2803e25be295a  ppc/tcpdump-3.9.4-11.fc6.ppc.rpm
284c32683b4dd9b38eb17054f29ee973186863ae  ppc/debug/tcpdump-debuginfo-3.9.4-11.fc6.ppc.rpm
948142c562763f704e29ee258451a5d76d88e1da  ppc/libpcap-0.9.4-11.fc6.ppc.rpm
5249b65d28d1cac2392a595e3d096e831d8360f5  x86_64/libpcap-devel-0.9.4-11.fc6.x86_64.rpm
2583cd05cdbaced1f83a64ef4f47f003ce8f7dee  x86_64/tcpdump-3.9.4-11.fc6.x86_64.rpm
2f00bbc0547d82a6384bd0e07940e6d1a99233a5  x86_64/libpcap-0.9.4-11.fc6.x86_64.rpm
83acbe82957677f3ff2bd2cb777d5a141aefe603  x86_64/debug/tcpdump-debuginfo-3.9.4-11.fc6.x86_64.rpm
2f19a7ed2349cc9aafac3cd1d2bdd40f39e9f32d  x86_64/arpwatch-2.1a13-18.fc6.x86_64.rpm
d03c86f80c18691638e917e0653350338a1e631f  i386/libpcap-0.9.4-11.fc6.i386.rpm
30377eb8ce0843a5fafc020ef4bcfbb81bda6b0b  i386/debug/tcpdump-debuginfo-3.9.4-11.fc6.i386.rpm
af9212bcf87af09a44c2412cc22a1557ea9b8bde  i386/tcpdump-3.9.4-11.fc6.i386.rpm
c6e6a82e0e0cbf89597344545c87fb2daddc0892  i386/libpcap-devel-0.9.4-11.fc6.i386.rpm
adaee0ac2727cfac135ab7a85bfcd6675e6a78d6  i386/arpwatch-2.1a13-18.fc6.i386.rpm

This update can be installed with the 'yum' update program.  Use 'yum update
package-name' at the command line.  For more information, refer to 'Managing
Software with yum,' available at

Fedora-package-announce mailing list
< Prev   Next >


Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2015 Guardian Digital, Inc. All rights reserved.