Login
Newsletter
Werbung
Sicherheit: Mehrere Probleme in tcpdump
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in tcpdump
ID: FEDORA-2017-7ecbc90157
Distribution: Fedora
Plattformen: Fedora 25
Datum: Di, 14. Februar 2017, 18:00
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5484
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5205
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7930
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7986
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7931
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7984
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5482
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5342
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7923
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7973
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7936
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7927
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7983
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5486
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7924
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7925
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7934
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5341
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7992
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7974
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7928
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7993
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7939
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5204
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7940
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7937
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7975
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7933
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7985
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5485
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7922
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8575
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5203
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7938
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7929
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7926
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5202
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5483
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8574
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7935
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7932
Applikationen: tcpdump

Originalnachricht

 
Name        : tcpdump
Product     : Fedora 25
Version     : 4.9.0
Release     : 1.fc25
URL         : http://www.tcpdump.org
Summary     : A network traffic monitoring tool
Description :
Tcpdump is a command-line tool for monitoring network traffic.
Tcpdump can capture and display the packet headers on a particular
network interface or on all interfaces.  Tcpdump can display all of
the packet headers, or just the ones that match particular criteria.

Install tcpdump if you need a program to monitor network traffic.

-------------------------------------------------------------------------------
-
Update Information:

Security fix for CVE-2016-7922, CVE-2016-7923, CVE-2016-7924, CVE-2016-7925,
CVE-2016-7926, CVE-2016-7927, CVE-2016-7928, CVE-2016-7929, CVE-2016-7930,
CVE-2016-7931, CVE-2016-7932, CVE-2016-7933, CVE-2016-7934, CVE-2016-7935,
CVE-2016-7936, CVE-2016-7937, CVE-2016-7938, CVE-2016-7939, CVE-2016-7940,
CVE-2016-7973, CVE-2016-7974, CVE-2016-7975, CVE-2016-7983, CVE-2016-7984,
CVE-2016-7985, CVE-2016-7986, CVE-2016-7992, CVE-2016-7993, CVE-2016-8574,
CVE-2016-8575, CVE-2017-5202, CVE-2017-5203, CVE-2017-5204, CVE-2017-5205,
CVE-2017-5341, CVE-2017-5342, CVE-2017-5482, CVE-2017-5483, CVE-2017-5484,
CVE-2017-5485, CVE-2017-5486
-------------------------------------------------------------------------------
-
References:

  [ 1 ] Bug #1419066 - CVE-2016-7922 tcpdump: multiple overflow issues in
 protocol decoding
        https://bugzilla.redhat.com/show_bug.cgi?id=1419066
  [ 2 ] Bug #1419067 - CVE-2016-7923 tcpdump: Buffer overflow in ARP parser in
 print-arp.c:arp_print()
        https://bugzilla.redhat.com/show_bug.cgi?id=1419067
  [ 3 ] Bug #1419068 - CVE-2016-7924 tcpdump: Buffer overflow in ATM parser in
 print-atm.c:oam_print()
        https://bugzilla.redhat.com/show_bug.cgi?id=1419068
  [ 4 ] Bug #1419070 - CVE-2016-7925 tcpdump: Buffer overflow in compressed
 SLIP parser in print-sl.c:sl_if_print()
        https://bugzilla.redhat.com/show_bug.cgi?id=1419070
  [ 5 ] Bug #1419071 - CVE-2016-7926 tcpdump: Buffer overflow in Ethernet
 parser in print-ether.c:ethertype_print()
        https://bugzilla.redhat.com/show_bug.cgi?id=1419071
  [ 6 ] Bug #1419072 - CVE-2016-7927 tcpdump: Buffer overflow in IEEE 802.11
 parser in print-802_11.c:ieee802_11_radio_print()
        https://bugzilla.redhat.com/show_bug.cgi?id=1419072
  [ 7 ] Bug #1419073 - CVE-2016-7928 tcpdump: Buffer overflow in IPComp parser
 in print-ipcomp.c:ipcomp_print()
        https://bugzilla.redhat.com/show_bug.cgi?id=1419073
  [ 8 ] Bug #1419074 - CVE-2016-7929 tcpdump: Buffer overflow in Juniper PPPoE
 ATM parser in print-juniper.c:juniper_parse_header()
        https://bugzilla.redhat.com/show_bug.cgi?id=1419074
  [ 9 ] Bug #1419075 - CVE-2016-7930 tcpdump: Buffer overflow in LLC parser in
 print-llc.c:llc_print()
        https://bugzilla.redhat.com/show_bug.cgi?id=1419075
  [ 10 ] Bug #1419076 - CVE-2016-7931 tcpdump: Buffer overflow in MPLS parser
 in print-mpls.c:mpls_print()
        https://bugzilla.redhat.com/show_bug.cgi?id=1419076
  [ 11 ] Bug #1419077 - CVE-2016-7932 tcpdump: Buffer overflow in PIM parser in
 print-pim.c:pimv2_check_checksum()
        https://bugzilla.redhat.com/show_bug.cgi?id=1419077
  [ 12 ] Bug #1419078 - CVE-2016-7933 tcpdump: Buffer overflow in PPP parser in
 print-ppp.c:ppp_hdlc_if_print()
        https://bugzilla.redhat.com/show_bug.cgi?id=1419078
  [ 13 ] Bug #1419079 - CVE-2016-7934 tcpdump: Buffer overflow in RTCP parser
 in print-udp.c:rtcp_print()
        https://bugzilla.redhat.com/show_bug.cgi?id=1419079
  [ 14 ] Bug #1419080 - CVE-2016-7935 tcpdump: Buffer overflow in RTP parser in
 print-udp.c:rtp_print()
        https://bugzilla.redhat.com/show_bug.cgi?id=1419080
  [ 15 ] Bug #1419081 - CVE-2016-7936 tcpdump: Buffer overflow in UDP parser in
 print-udp.c:udp_print()
        https://bugzilla.redhat.com/show_bug.cgi?id=1419081
  [ 16 ] Bug #1419082 - CVE-2016-7937 tcpdump: Buffer overflow in VAT parser in
 print-udp.c:vat_print()
        https://bugzilla.redhat.com/show_bug.cgi?id=1419082
  [ 17 ] Bug #1419083 - CVE-2016-7938 tcpdump: Integer overflow in ZeroMQ
 parser in print-zeromq.c:zmtp1_print_frame()
        https://bugzilla.redhat.com/show_bug.cgi?id=1419083
  [ 18 ] Bug #1419085 - CVE-2016-7939 tcpdump: Buffer overflow in GRE parser in
 print-gre.c, multiple functions
        https://bugzilla.redhat.com/show_bug.cgi?id=1419085
  [ 19 ] Bug #1419087 - CVE-2016-7940 tcpdump: Buffer overflow in STP parser in
 print-stp.c, multiple functions
        https://bugzilla.redhat.com/show_bug.cgi?id=1419087
  [ 20 ] Bug #1419088 - CVE-2016-7973 tcpdump: Buffer overflow in AppleTalk
 parser in print-atalk.c, multiple functions
        https://bugzilla.redhat.com/show_bug.cgi?id=1419088
  [ 21 ] Bug #1419089 - CVE-2016-7974 tcpdump: Buffer overflow in IP parser in
 print-ip.c, multiple functions
        https://bugzilla.redhat.com/show_bug.cgi?id=1419089
  [ 22 ] Bug #1419090 - CVE-2016-7975 tcpdump: Buffer overflow in TCP parser in
 print-tcp.c:tcp_print()
        https://bugzilla.redhat.com/show_bug.cgi?id=1419090
  [ 23 ] Bug #1419091 - CVE-2016-7983 tcpdump: Buffer overflow in BOOTP parser
 in print-bootp.c:bootp_print()
        https://bugzilla.redhat.com/show_bug.cgi?id=1419091
  [ 24 ] Bug #1419093 - CVE-2016-7984 tcpdump: Buffer overflow in TFTP parser
 in print-tftp.c:tftp_print()
        https://bugzilla.redhat.com/show_bug.cgi?id=1419093
  [ 25 ] Bug #1419094 - CVE-2016-7985 tcpdump: Buffer overflow in CALM FAST
 parser in print-calm-fast.c:calm_fast_print()
        https://bugzilla.redhat.com/show_bug.cgi?id=1419094
  [ 26 ] Bug #1419095 - CVE-2016-7986 tcpdump: Buffer overflow in GeoNetworking
 parser in print-geonet.c, multiple functions
        https://bugzilla.redhat.com/show_bug.cgi?id=1419095
  [ 27 ] Bug #1419097 - CVE-2016-7992 tcpdump: Buffer overflow in Classical IP
 over ATM parser in print-cip.c:cip_if_print()
        https://bugzilla.redhat.com/show_bug.cgi?id=1419097
  [ 28 ] Bug #1419098 - CVE-2016-7993 tcpdump: Buffer overflow in
 util-print.c:relts_print() in multiple protocol parsers (DNS, DVMRP, HSRP, IGMP, lightweight resolver protocol, PIM)
        https://bugzilla.redhat.com/show_bug.cgi?id=1419098
  [ 29 ] Bug #1419099 - CVE-2016-8574 tcpdump: Buffer overflow in FRF.15 parser
 in print-fr.c:frf15_print()
        https://bugzilla.redhat.com/show_bug.cgi?id=1419099
  [ 30 ] Bug #1419100 - CVE-2016-8575 tcpdump: Buffer overflow in Q.933 parser
 in print-fr.c:q933_print()
        https://bugzilla.redhat.com/show_bug.cgi?id=1419100
  [ 31 ] Bug #1419101 - CVE-2017-5202 tcpdump: Buffer overflow in ISO CLNS
 parser in print-isoclns.c:clnp_print()
        https://bugzilla.redhat.com/show_bug.cgi?id=1419101
  [ 32 ] Bug #1419102 - CVE-2017-5203 tcpdump: Buffer overflow in BOOTP parser
 in print-bootp.c:bootp_print()
        https://bugzilla.redhat.com/show_bug.cgi?id=1419102
  [ 33 ] Bug #1419103 - CVE-2017-5204 tcpdump: Buffer overflow in IPv6 parser
 in print-ip6.c:ip6_print()
        https://bugzilla.redhat.com/show_bug.cgi?id=1419103
  [ 34 ] Bug #1419104 - CVE-2017-5205 tcpdump: Buffer overflow in ISAKMP parser
 in print-isakmp.c:ikev2_e_print()
        https://bugzilla.redhat.com/show_bug.cgi?id=1419104
  [ 35 ] Bug #1419106 - CVE-2017-5341 tcpdump: Buffer overflow in OTV parser in
 print-otv.c:otv_print()
        https://bugzilla.redhat.com/show_bug.cgi?id=1419106
  [ 36 ] Bug #1419112 - CVE-2017-5342 tcpdump: Buffer overflow in
 print-ether.c:ether_print() in multiple protocol parsers (Geneve, GRE, NSH, OTV, VXLAN and VXLAN GPE)
        https://bugzilla.redhat.com/show_bug.cgi?id=1419112
  [ 37 ] Bug #1419107 - CVE-2017-5482 tcpdump: Buffer overflow in Q.933 parser
 in print-fr.c:q933_print()
        https://bugzilla.redhat.com/show_bug.cgi?id=1419107
  [ 38 ] Bug #1419108 - CVE-2017-5483 tcpdump: Buffer overflow in SNMP parser
 in print-snmp.c:asn1_parse()
        https://bugzilla.redhat.com/show_bug.cgi?id=1419108
  [ 39 ] Bug #1419109 - CVE-2017-5484 tcpdump: Buffer overflow in ATM parser in
 print-atm.c:sig_print()
        https://bugzilla.redhat.com/show_bug.cgi?id=1419109
  [ 40 ] Bug #1419110 - CVE-2017-5485 tcpdump: Buffer overflow in ISO CLNS
 parser in addrtoname.c:lookup_nsap()
        https://bugzilla.redhat.com/show_bug.cgi?id=1419110
  [ 41 ] Bug #1419111 - CVE-2017-5486 tcpdump: Buffer overflow in ISO CLNS
 parser in print-isoclns.c:clnp_print()
        https://bugzilla.redhat.com/show_bug.cgi?id=1419111
-------------------------------------------------------------------------------
-

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade tcpdump' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung