Login
Login-Name Passwort


 
Newsletter
Werbung

Sicherheit: Mehrere Probleme in tcpdump
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in tcpdump
ID: FEDORA-2017-7ecbc90157
Distribution: Fedora
Plattformen: Fedora 25
Datum: Di, 14. Februar 2017, 18:00
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5484
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5205
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7930
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7986
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7931
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7984
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5482
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5342
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7923
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7973
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7936
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7927
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7983
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5486
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7924
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7925
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7934
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5341
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7992
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7974
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7928
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7993
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7939
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5204
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7940
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7937
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7975
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7933
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7985
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5485
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7922
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8575
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5203
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7938
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7929
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7926
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5202
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5483
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8574
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7935
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7932

Originalnachricht

Name        : tcpdump
Product : Fedora 25
Version : 4.9.0
Release : 1.fc25
URL : http://www.tcpdump.org
Summary : A network traffic monitoring tool
Description :
Tcpdump is a command-line tool for monitoring network traffic.
Tcpdump can capture and display the packet headers on a particular
network interface or on all interfaces. Tcpdump can display all of
the packet headers, or just the ones that match particular criteria.

Install tcpdump if you need a program to monitor network traffic.

-------------------------------------------------------------------------------
-
Update Information:

Security fix for CVE-2016-7922, CVE-2016-7923, CVE-2016-7924, CVE-2016-7925,
CVE-2016-7926, CVE-2016-7927, CVE-2016-7928, CVE-2016-7929, CVE-2016-7930,
CVE-2016-7931, CVE-2016-7932, CVE-2016-7933, CVE-2016-7934, CVE-2016-7935,
CVE-2016-7936, CVE-2016-7937, CVE-2016-7938, CVE-2016-7939, CVE-2016-7940,
CVE-2016-7973, CVE-2016-7974, CVE-2016-7975, CVE-2016-7983, CVE-2016-7984,
CVE-2016-7985, CVE-2016-7986, CVE-2016-7992, CVE-2016-7993, CVE-2016-8574,
CVE-2016-8575, CVE-2017-5202, CVE-2017-5203, CVE-2017-5204, CVE-2017-5205,
CVE-2017-5341, CVE-2017-5342, CVE-2017-5482, CVE-2017-5483, CVE-2017-5484,
CVE-2017-5485, CVE-2017-5486
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #1419066 - CVE-2016-7922 tcpdump: multiple overflow issues in
protocol decoding
https://bugzilla.redhat.com/show_bug.cgi?id=1419066
[ 2 ] Bug #1419067 - CVE-2016-7923 tcpdump: Buffer overflow in ARP parser in
print-arp.c:arp_print()
https://bugzilla.redhat.com/show_bug.cgi?id=1419067
[ 3 ] Bug #1419068 - CVE-2016-7924 tcpdump: Buffer overflow in ATM parser in
print-atm.c:oam_print()
https://bugzilla.redhat.com/show_bug.cgi?id=1419068
[ 4 ] Bug #1419070 - CVE-2016-7925 tcpdump: Buffer overflow in compressed
SLIP parser in print-sl.c:sl_if_print()
https://bugzilla.redhat.com/show_bug.cgi?id=1419070
[ 5 ] Bug #1419071 - CVE-2016-7926 tcpdump: Buffer overflow in Ethernet
parser in print-ether.c:ethertype_print()
https://bugzilla.redhat.com/show_bug.cgi?id=1419071
[ 6 ] Bug #1419072 - CVE-2016-7927 tcpdump: Buffer overflow in IEEE 802.11
parser in print-802_11.c:ieee802_11_radio_print()
https://bugzilla.redhat.com/show_bug.cgi?id=1419072
[ 7 ] Bug #1419073 - CVE-2016-7928 tcpdump: Buffer overflow in IPComp parser
in print-ipcomp.c:ipcomp_print()
https://bugzilla.redhat.com/show_bug.cgi?id=1419073
[ 8 ] Bug #1419074 - CVE-2016-7929 tcpdump: Buffer overflow in Juniper PPPoE
ATM parser in print-juniper.c:juniper_parse_header()
https://bugzilla.redhat.com/show_bug.cgi?id=1419074
[ 9 ] Bug #1419075 - CVE-2016-7930 tcpdump: Buffer overflow in LLC parser in
print-llc.c:llc_print()
https://bugzilla.redhat.com/show_bug.cgi?id=1419075
[ 10 ] Bug #1419076 - CVE-2016-7931 tcpdump: Buffer overflow in MPLS parser
in print-mpls.c:mpls_print()
https://bugzilla.redhat.com/show_bug.cgi?id=1419076
[ 11 ] Bug #1419077 - CVE-2016-7932 tcpdump: Buffer overflow in PIM parser in
print-pim.c:pimv2_check_checksum()
https://bugzilla.redhat.com/show_bug.cgi?id=1419077
[ 12 ] Bug #1419078 - CVE-2016-7933 tcpdump: Buffer overflow in PPP parser in
print-ppp.c:ppp_hdlc_if_print()
https://bugzilla.redhat.com/show_bug.cgi?id=1419078
[ 13 ] Bug #1419079 - CVE-2016-7934 tcpdump: Buffer overflow in RTCP parser
in print-udp.c:rtcp_print()
https://bugzilla.redhat.com/show_bug.cgi?id=1419079
[ 14 ] Bug #1419080 - CVE-2016-7935 tcpdump: Buffer overflow in RTP parser in
print-udp.c:rtp_print()
https://bugzilla.redhat.com/show_bug.cgi?id=1419080
[ 15 ] Bug #1419081 - CVE-2016-7936 tcpdump: Buffer overflow in UDP parser in
print-udp.c:udp_print()
https://bugzilla.redhat.com/show_bug.cgi?id=1419081
[ 16 ] Bug #1419082 - CVE-2016-7937 tcpdump: Buffer overflow in VAT parser in
print-udp.c:vat_print()
https://bugzilla.redhat.com/show_bug.cgi?id=1419082
[ 17 ] Bug #1419083 - CVE-2016-7938 tcpdump: Integer overflow in ZeroMQ
parser in print-zeromq.c:zmtp1_print_frame()
https://bugzilla.redhat.com/show_bug.cgi?id=1419083
[ 18 ] Bug #1419085 - CVE-2016-7939 tcpdump: Buffer overflow in GRE parser in
print-gre.c, multiple functions
https://bugzilla.redhat.com/show_bug.cgi?id=1419085
[ 19 ] Bug #1419087 - CVE-2016-7940 tcpdump: Buffer overflow in STP parser in
print-stp.c, multiple functions
https://bugzilla.redhat.com/show_bug.cgi?id=1419087
[ 20 ] Bug #1419088 - CVE-2016-7973 tcpdump: Buffer overflow in AppleTalk
parser in print-atalk.c, multiple functions
https://bugzilla.redhat.com/show_bug.cgi?id=1419088
[ 21 ] Bug #1419089 - CVE-2016-7974 tcpdump: Buffer overflow in IP parser in
print-ip.c, multiple functions
https://bugzilla.redhat.com/show_bug.cgi?id=1419089
[ 22 ] Bug #1419090 - CVE-2016-7975 tcpdump: Buffer overflow in TCP parser in
print-tcp.c:tcp_print()
https://bugzilla.redhat.com/show_bug.cgi?id=1419090
[ 23 ] Bug #1419091 - CVE-2016-7983 tcpdump: Buffer overflow in BOOTP parser
in print-bootp.c:bootp_print()
https://bugzilla.redhat.com/show_bug.cgi?id=1419091
[ 24 ] Bug #1419093 - CVE-2016-7984 tcpdump: Buffer overflow in TFTP parser
in print-tftp.c:tftp_print()
https://bugzilla.redhat.com/show_bug.cgi?id=1419093
[ 25 ] Bug #1419094 - CVE-2016-7985 tcpdump: Buffer overflow in CALM FAST
parser in print-calm-fast.c:calm_fast_print()
https://bugzilla.redhat.com/show_bug.cgi?id=1419094
[ 26 ] Bug #1419095 - CVE-2016-7986 tcpdump: Buffer overflow in GeoNetworking
parser in print-geonet.c, multiple functions
https://bugzilla.redhat.com/show_bug.cgi?id=1419095
[ 27 ] Bug #1419097 - CVE-2016-7992 tcpdump: Buffer overflow in Classical IP
over ATM parser in print-cip.c:cip_if_print()
https://bugzilla.redhat.com/show_bug.cgi?id=1419097
[ 28 ] Bug #1419098 - CVE-2016-7993 tcpdump: Buffer overflow in
util-print.c:relts_print() in multiple protocol parsers (DNS, DVMRP, HSRP, IGMP, lightweight resolver protocol, PIM)
https://bugzilla.redhat.com/show_bug.cgi?id=1419098
[ 29 ] Bug #1419099 - CVE-2016-8574 tcpdump: Buffer overflow in FRF.15 parser
in print-fr.c:frf15_print()
https://bugzilla.redhat.com/show_bug.cgi?id=1419099
[ 30 ] Bug #1419100 - CVE-2016-8575 tcpdump: Buffer overflow in Q.933 parser
in print-fr.c:q933_print()
https://bugzilla.redhat.com/show_bug.cgi?id=1419100
[ 31 ] Bug #1419101 - CVE-2017-5202 tcpdump: Buffer overflow in ISO CLNS
parser in print-isoclns.c:clnp_print()
https://bugzilla.redhat.com/show_bug.cgi?id=1419101
[ 32 ] Bug #1419102 - CVE-2017-5203 tcpdump: Buffer overflow in BOOTP parser
in print-bootp.c:bootp_print()
https://bugzilla.redhat.com/show_bug.cgi?id=1419102
[ 33 ] Bug #1419103 - CVE-2017-5204 tcpdump: Buffer overflow in IPv6 parser
in print-ip6.c:ip6_print()
https://bugzilla.redhat.com/show_bug.cgi?id=1419103
[ 34 ] Bug #1419104 - CVE-2017-5205 tcpdump: Buffer overflow in ISAKMP parser
in print-isakmp.c:ikev2_e_print()
https://bugzilla.redhat.com/show_bug.cgi?id=1419104
[ 35 ] Bug #1419106 - CVE-2017-5341 tcpdump: Buffer overflow in OTV parser in
print-otv.c:otv_print()
https://bugzilla.redhat.com/show_bug.cgi?id=1419106
[ 36 ] Bug #1419112 - CVE-2017-5342 tcpdump: Buffer overflow in
print-ether.c:ether_print() in multiple protocol parsers (Geneve, GRE, NSH, OTV, VXLAN and VXLAN GPE)
https://bugzilla.redhat.com/show_bug.cgi?id=1419112
[ 37 ] Bug #1419107 - CVE-2017-5482 tcpdump: Buffer overflow in Q.933 parser
in print-fr.c:q933_print()
https://bugzilla.redhat.com/show_bug.cgi?id=1419107
[ 38 ] Bug #1419108 - CVE-2017-5483 tcpdump: Buffer overflow in SNMP parser
in print-snmp.c:asn1_parse()
https://bugzilla.redhat.com/show_bug.cgi?id=1419108
[ 39 ] Bug #1419109 - CVE-2017-5484 tcpdump: Buffer overflow in ATM parser in
print-atm.c:sig_print()
https://bugzilla.redhat.com/show_bug.cgi?id=1419109
[ 40 ] Bug #1419110 - CVE-2017-5485 tcpdump: Buffer overflow in ISO CLNS
parser in addrtoname.c:lookup_nsap()
https://bugzilla.redhat.com/show_bug.cgi?id=1419110
[ 41 ] Bug #1419111 - CVE-2017-5486 tcpdump: Buffer overflow in ISO CLNS
parser in print-isoclns.c:clnp_print()
https://bugzilla.redhat.com/show_bug.cgi?id=1419111
-------------------------------------------------------------------------------
-

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade tcpdump' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Pro-Linux
Traut euch!
Neue Nachrichten
Werbung