Fedora Core 6 Update: tcpdump-3.9.4-11.fc6
Posted by Benjamin D. Thomas   
Fedora Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 and earlier allows remote attackers to execute arbitrary code via crafted TLVs in a BGP packet, related to an unchecked return value.
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2007-654
2007-08-01
---------------------------------------------------------------------

Product     : Fedora Core 6
Name        : tcpdump
Version     : 3.9.4
Release     : 11.fc6
Summary     : A network traffic monitoring tool.
Description :
Tcpdump is a command-line tool for monitoring network traffic.
Tcpdump can capture and display the packet headers on a particular
network interface or on all interfaces.  Tcpdump can display all of
the packet headers, or just the ones that match particular criteria.

Install tcpdump if you need a program to monitor network traffic.

---------------------------------------------------------------------
Update Information:

CVE-2007-3798
Integer overflow in print-bgp.c in the BGP dissector in
tcpdump 3.9.6 and earlier allows remote attackers to execute
arbitrary code via crafted TLVs in a BGP packet, related to
an unchecked return value. 
---------------------------------------------------------------------
* Wed Aug  1 2007 Miroslav Lichvar  - 14:3.9.4-11.fc6
- fix buffer overflow in BGP dissector (#250290, CVE-2007-3798)
- with -C option, drop root privileges before opening first savefile (#244860)

---------------------------------------------------------------------
This update can be downloaded from:
    http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/

d8ce86c1dfbc2e89e4a7fc23b5f2908314338511  SRPMS/tcpdump-3.9.4-11.fc6.src.rpm
d8ce86c1dfbc2e89e4a7fc23b5f2908314338511  noarch/tcpdump-3.9.4-11.fc6.src.rpm
1149c41ba7ba2f02f13fd861351005346de7884d  ppc/libpcap-devel-0.9.4-11.fc6.ppc.rpm
822e5152e432524d3a0bc7e746c64c1bdd75dc4d  ppc/arpwatch-2.1a13-18.fc6.ppc.rpm
55ff9d1dd9276c7e0009b96bace2803e25be295a  ppc/tcpdump-3.9.4-11.fc6.ppc.rpm
284c32683b4dd9b38eb17054f29ee973186863ae  ppc/debug/tcpdump-debuginfo-3.9.4-11.fc6.ppc.rpm
948142c562763f704e29ee258451a5d76d88e1da  ppc/libpcap-0.9.4-11.fc6.ppc.rpm
5249b65d28d1cac2392a595e3d096e831d8360f5  x86_64/libpcap-devel-0.9.4-11.fc6.x86_64.rpm
2583cd05cdbaced1f83a64ef4f47f003ce8f7dee  x86_64/tcpdump-3.9.4-11.fc6.x86_64.rpm
2f00bbc0547d82a6384bd0e07940e6d1a99233a5  x86_64/libpcap-0.9.4-11.fc6.x86_64.rpm
83acbe82957677f3ff2bd2cb777d5a141aefe603  x86_64/debug/tcpdump-debuginfo-3.9.4-11.fc6.x86_64.rpm
2f19a7ed2349cc9aafac3cd1d2bdd40f39e9f32d  x86_64/arpwatch-2.1a13-18.fc6.x86_64.rpm
d03c86f80c18691638e917e0653350338a1e631f  i386/libpcap-0.9.4-11.fc6.i386.rpm
30377eb8ce0843a5fafc020ef4bcfbb81bda6b0b  i386/debug/tcpdump-debuginfo-3.9.4-11.fc6.i386.rpm
af9212bcf87af09a44c2412cc22a1557ea9b8bde  i386/tcpdump-3.9.4-11.fc6.i386.rpm
c6e6a82e0e0cbf89597344545c87fb2daddc0892  i386/libpcap-devel-0.9.4-11.fc6.i386.rpm
adaee0ac2727cfac135ab7a85bfcd6675e6a78d6  i386/arpwatch-2.1a13-18.fc6.i386.rpm

This update can be installed with the 'yum' update program.  Use 'yum update
package-name' at the command line.  For more information, refer to 'Managing
Software with yum,' available at http://fedora.redhat.com/docs/yum/.
---------------------------------------------------------------------

_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-announce