drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in tcpdump
Name: |
Mehrere Probleme in tcpdump |
|
ID: |
USN-2580-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 12.04 LTS, Ubuntu 14.04 LTS, Ubuntu 14.10 |
|
Datum: |
Mo, 27. April 2015, 20:40 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0261
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2153
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2154
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2155 |
|
Applikationen: |
tcpdump |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --===============4973953196965867827== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="el8TcSBKp71f5tceAlpwuFqi90PgPR9LA"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --el8TcSBKp71f5tceAlpwuFqi90PgPR9LA Content-Type: text/plain; charset=utf- Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-2580-1 April 27, 2015
tcpdump vulnerabilities ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.10 - Ubuntu 14.04 LTS - Ubuntu 12.04 LTS
Summary:
tcpdump could be made to crash or run programs if it received specially crafted network traffic.
Software Description: - tcpdump: command-line network traffic analyzer
Details:
It was discovered that tcpdump incorrectly handled printing certain packets. A remote attacker could use this issue to cause tcpdump to crash, resulting in a denial of service, or possibly execute arbitrary code.
In the default installation, attackers would be isolated by the tcpdump AppArmor profile.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 14.10: tcpdump 4.6.2-1ubuntu1.2
Ubuntu 14.04 LTS: tcpdump 4.5.1-2ubuntu1.2
Ubuntu 12.04 LTS: tcpdump 4.2.1-1ubuntu2.2
In general, a standard system update will make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-2580-1 CVE-2015-0261, CVE-2015-2153, CVE-2015-2154, CVE-2015-2155
Package Information: https://launchpad.net/ubuntu/+source/tcpdump/4.6.2-1ubuntu1.2 https://launchpad.net/ubuntu/+source/tcpdump/4.5.1-2ubuntu1.2 https://launchpad.net/ubuntu/+source/tcpdump/4.2.1-1ubuntu2.2
--el8TcSBKp71f5tceAlpwuFqi90PgPR9LA Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIcBAEBCgAGBQJVPlMgAAoJEGVp2FWnRL6T8GwQAI2dg4ycKEE5LgXFKs6pu35F j6lNOz9pR4DxguBTgfM6FwvGzAEKkVZ96RHQS4d6ePV3wzplbjS+shi1CdHz18l5 Y32g0e6akEC2tGqAMF+OmrnUxicMgOOuBLpIHpbCd2CCjC8rQzYlAv8mz2mGzbi5 b2KmS3HuEKgFcNYgCg1fD3Exrkn9b+K5y6TtUFgM4poBgDDaGxkwFMI5gzx828v5 nmazZjtImKpmq3eTOJ/TwV6EJTxuCFEJrehee8g5gnlAY6aVsRSxkldo9czHcfAL MY2WMTYqZ2848yfbCTiQB4KXvCi9z4afRFgbohfpJVyQL34nssRVkXbIUCdxyYL9 VgxllqOa4LTJVhjd4fS7V7edXPQHbPkN7349g2FA19DR+uFlvheMwlecACFVgqIg zIe8Uw6oqkX7K90rBjd5cRVl2DDowmoDl1g/S55skOd2wy873EargtCHUlasAso+ MDyVqlo5tKJXE94IN5QA1d619rSgeuEY690suq25puNS2uBETDHOC1dGpxxSQ1ri ejiKfv5X5XRloIVKJYwE8Bbw44fqZ3FOnk+HazTZmF9dRScM+N1HmeYd8OKTbKsJ FlIMUYC1kQfwNj3X9HNUaHRd0QXCqoSVyAe2bILFT3AErbkktf4o9leYSoPlBqcS BSjnz1mCtcVXCtjxiFqu =XoXT -----END PGP SIGNATURE-----
--el8TcSBKp71f5tceAlpwuFqi90PgPR9LA--
--===============4973953196965867827== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============4973953196965867827==--
|
|
|
|