Debian: 'tcpdump' vulnerability
Posted by Team   
Debian Several buffer overflows were found which allow an attacker to make tcpdump crash.

- ------------------------------------------------------------------------
Debian Security Advisory                                            Wichert Akkerman
November 20, 2000
- ------------------------------------------------------------------------

Package: tcpdump
Vulnerability: remote exploit
Debian-specific: no

During internal source code auditing by FreeBSD several buffer overflows
were found which allow an attacker to make tcpdump crash by sending
carefully crafted packets to a network that is being monitored with

This has been fixed in version 3.4a6-4.2.

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 2.2 alias potato
- ---------------------------------

  Potato was released for the alpha, arm, i386, m68k, powerpc and sparc

  Source archives:
      MD5 checksum: 62a63a125250c0d636a6658910e0955b
      MD5 checksum: 733e906052de894eddce7fa27437b1b2
      MD5 checksum: 8133ffe2af22d66c70419f48a42ac675

  Alpha architecture:
      MD5 checksum: 7f89d984dbe54116c5aa34aae93e5357

  ARM architecture:
      MD5 checksum: 69dd2892ef04adf55f74b80828c26f5e

  Intel ia32 architecture:
      MD5 checksum: 906068aaeebbcb5f50ea1b2dd1aec4c0

  Motorola 680x0 architecture:
      MD5 checksum: 17c6feed12c3875d051659526f16393f

  PowerPC architecture:
      MD5 checksum: c850bdecfe6aded7728ef4b6d6549d8e

  Sun Sparc architecture:
      MD5 checksum: b7fbc7275e859c0b0db165349ecafaf0

For not yet released architectures please refer to the appropriate
directory$arch/ .

- -- 
- ----------------------------------------------------------------------------
apt-get: deb stable/updates main
dpkg -ftp: dists/stable/updates/main
Mailing list: