Login
Newsletter
Werbung

Sicherheit: Mehrere Probleme in tcpdump
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in tcpdump
ID: MDKSA-2005:087
Distribution: Mandriva
Plattformen: Mandriva 10.0, Mandriva 10.1, Mandriva Corporate 3.0, Mandriva Corporate Server 2.1, Mandriva 10.2
Datum: Fr, 13. Mai 2005, 13:00
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1278
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1279
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1280
Applikationen: tcpdump

Originalnachricht

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Update Advisory
_______________________________________________________________________

Package name: tcpdump
Advisory ID: MDKSA-2005:087
Date: May 11th, 2005

Affected versions: 10.0, 10.1, 10.2, Corporate 3.0,
Corporate Server 2.1
______________________________________________________________________

Problem Description:

A number of Denial of Service vulnerabilities were discovered in the
way that tcpdump processes certain network packets. If abused, these
flaws can allow a remote attacker to inject a carefully crafted packet
onto the network, crashing tcpdump.

The provided packages have been patched to correct these issues.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1278
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1279
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1280
______________________________________________________________________

Updated Packages:

Mandrakelinux 10.0:
e73bd8a6947c3685f0a1dcd370103a2d 10.0/RPMS/tcpdump-3.8.1-1.2.100mdk.i586.rpm
1e36745b1695e0272989183d00489401 10.0/SRPMS/tcpdump-3.8.1-1.2.100mdk.src.rpm

Mandrakelinux 10.0/AMD64:
49a077ec66ad00b73e7448328ef86b44
amd64/10.0/RPMS/tcpdump-3.8.1-1.2.100mdk.amd64.rpm
1e36745b1695e0272989183d00489401
amd64/10.0/SRPMS/tcpdump-3.8.1-1.2.100mdk.src.rpm

Mandrakelinux 10.1:
67d319eed39f1bafb30a25e57f7add2a 10.1/RPMS/tcpdump-3.8.3-2.1.101mdk.i586.rpm
9367b2c7064311b7552a516c71da2335 10.1/SRPMS/tcpdump-3.8.3-2.1.101mdk.src.rpm

Mandrakelinux 10.1/X86_64:
797c8b13a984821bf42b3a1ff1f0606f
x86_64/10.1/RPMS/tcpdump-3.8.3-2.1.101mdk.x86_64.rpm
9367b2c7064311b7552a516c71da2335
x86_64/10.1/SRPMS/tcpdump-3.8.3-2.1.101mdk.src.rpm

Mandrakelinux 10.2:
5e3b9eaf014d072536aee3d4153149fd 10.2/RPMS/tcpdump-3.8.3-2.1.102mdk.i586.rpm
a84d58a6c8e197106db7550b89cd7bc9 10.2/SRPMS/tcpdump-3.8.3-2.1.102mdk.src.rpm

Mandrakelinux 10.2/X86_64:
46175965cf9fe968060f04212469403d
x86_64/10.2/RPMS/tcpdump-3.8.3-2.1.102mdk.x86_64.rpm
a84d58a6c8e197106db7550b89cd7bc9
x86_64/10.2/SRPMS/tcpdump-3.8.3-2.1.102mdk.src.rpm

Corporate Server 2.1:
aa300032c33e2bbe3f4a164a0202c410
corporate/2.1/RPMS/tcpdump-3.7.2-2.3.C21mdk.i586.rpm
d56843af254ecdebf9c047f6fb903149
corporate/2.1/SRPMS/tcpdump-3.7.2-2.3.C21mdk.src.rpm

Corporate Server 2.1/X86_64:
d539efda2769654b6a7368b74565d613
x86_64/corporate/2.1/RPMS/tcpdump-3.7.2-2.3.C21mdk.x86_64.rpm
d56843af254ecdebf9c047f6fb903149
x86_64/corporate/2.1/SRPMS/tcpdump-3.7.2-2.3.C21mdk.src.rpm

Corporate 3.0:
df9e3b52c36c3a68aa3c5a12464dfa33
corporate/3.0/RPMS/tcpdump-3.8.1-1.2.C30mdk.i586.rpm
13100cead5f5b078e0b3249d1f522339
corporate/3.0/SRPMS/tcpdump-3.8.1-1.2.C30mdk.src.rpm

Corporate 3.0/X86_64:
69a3d5fc2be9891eaeea2d1a0ebbfc09
x86_64/corporate/3.0/RPMS/tcpdump-3.8.1-1.2.C30mdk.x86_64.rpm
13100cead5f5b078e0b3249d1f522339
x86_64/corporate/3.0/SRPMS/tcpdump-3.8.1-1.2.C30mdk.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFCg3YAmqjQ0CJFipgRAvS+AJ0cehmVbljRCl/cttYQcpWEPVSjRQCbBqUx
nAuXy6n6kwgEVx3rVxZbRE8=
=Rst9
-----END PGP SIGNATURE-----


To unsubscribe, send a email to sympa@mandrivalinux.org
with this subject : unsubscribe security-announce
_______________________________________________________
Want to buy your Pack or Services from Mandriva?
Go to http://www.mandrivastore.com
Join the Club : http://www.mandrivaclub.com
_______________________________________________________
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung