Contact | Site en Français               

 


 

VUPEN VNS v4.0
 
  Features and Options
  Free 14-Day Trial

  Partner Program
  Receive More Information
 
   
 

Latest Intelligence
 
  VUPEN Security Advisories

  Virus and Malware Alerts
  VUPEN Security Research
  Threat Watch Blog
  Zero-Day Monitor
  Search Engine
  Mailing List & RSS
 
   

>> Mandriva Security Update Fixes Multiple Tcpdump Vulnerabilities

Title : Mandriva Security Update Fixes Multiple Tcpdump Vulnerabilities
VUPEN ID : VUPEN/ADV-2005-0538
CVE ID : CVE-2005-1278 - CVE-2005-1279 - CVE-2005-1280
CWE ID : VUPEN VNS Only
CVSS V2 : VUPEN VNS Only
Rated as : Moderate Risk 
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2005-05-13

Technical Description    Receive VUPEN Security alerts in a Text format  Receive VUPEN Security alerts in a PDF format  Receive VUPEN Security alerts in an XML format 

Mandriva has released a security patch to correct several vulnerabilities identified in tcpdump. These flaws reside in the "rsvp_print()", "ldp_print()", "RT_ROUTING_INFO", and "isis_print()" functions, which could be exploited by remote attackers to cause a denial of service . For additional information, see : VUPEN/ADV-2005-0411 - VUPEN/ADV-2005-0410 - VUPEN/ADV-2005-0409 - VUPEN/ADV-2005-0408

Affected Products

Mandrakelinux 10.1
Mandrakelinux 10.2
Corporate Server 2.1
Corporate 3.0

Solution

Use MandrakeUpdate or apply the patches :
Mandrakelinux 10.0:
e73bd8a6947c3685f0a1dcd370103a2d 10.0/RPMS/tcpdump-3.8.1-1.2.100mdk.i586.rpm
1e36745b1695e0272989183d00489401 10.0/SRPMS/tcpdump-3.8.1-1.2.100mdk.src.rpm
Mandrakelinux 10.0/AMD64:
49a077ec66ad00b73e7448328ef86b44 amd64/10.0/RPMS/tcpdump-3.8.1-1.2.100mdk.amd64.rpm
1e36745b1695e0272989183d00489401 amd64/10.0/SRPMS/tcpdump-3.8.1-1.2.100mdk.src.rpm
Mandrakelinux 10.1:
67d319eed39f1bafb30a25e57f7add2a 10.1/RPMS/tcpdump-3.8.3-2.1.101mdk.i586.rpm
9367b2c7064311b7552a516c71da2335 10.1/SRPMS/tcpdump-3.8.3-2.1.101mdk.src.rpm
Mandrakelinux 10.1/X86_64:
797c8b13a984821bf42b3a1ff1f0606f x86_64/10.1/RPMS/tcpdump-3.8.3-2.1.101mdk.x86_64.rpm
9367b2c7064311b7552a516c71da2335 x86_64/10.1/SRPMS/tcpdump-3.8.3-2.1.101mdk.src.rpm
Mandrakelinux 10.2:
5e3b9eaf014d072536aee3d4153149fd 10.2/RPMS/tcpdump-3.8.3-2.1.102mdk.i586.rpm
a84d58a6c8e197106db7550b89cd7bc9 10.2/SRPMS/tcpdump-3.8.3-2.1.102mdk.src.rpm
Mandrakelinux 10.2/X86_64:
46175965cf9fe968060f04212469403d x86_64/10.2/RPMS/tcpdump-3.8.3-2.1.102mdk.x86_64.rpm
a84d58a6c8e197106db7550b89cd7bc9 x86_64/10.2/SRPMS/tcpdump-3.8.3-2.1.102mdk.src.rpm
Corporate Server 2.1:
aa300032c33e2bbe3f4a164a0202c410 corporate/2.1/RPMS/tcpdump-3.7.2-2.3.C21mdk.i586.rpm
d56843af254ecdebf9c047f6fb903149 corporate/2.1/SRPMS/tcpdump-3.7.2-2.3.C21mdk.src.rpm
Corporate Server 2.1/X86_64:
d539efda2769654b6a7368b74565d613 x86_64/corporate/2.1/RPMS/tcpdump-3.7.2-2.3.C21mdk.x86_64.rpm
d56843af254ecdebf9c047f6fb903149 x86_64/corporate/2.1/SRPMS/tcpdump-3.7.2-2.3.C21mdk.src.rpm
Corporate 3.0:
df9e3b52c36c3a68aa3c5a12464dfa33 corporate/3.0/RPMS/tcpdump-3.8.1-1.2.C30mdk.i586.rpm
13100cead5f5b078e0b3249d1f522339 corporate/3.0/SRPMS/tcpdump-3.8.1-1.2.C30mdk.src.rpm
Corporate 3.0/X86_64:
69a3d5fc2be9891eaeea2d1a0ebbfc09 x86_64/corporate/3.0/RPMS/tcpdump-3.8.1-1.2.C30mdk.x86_64.rpm
13100cead5f5b078e0b3249d1f522339 x86_64/corporate/3.0/SRPMS/tcpdump-3.8.1-1.2.C30mdk.src.rpm

References

http://www.vupen.com/english/advisories/2005/0538
http://archives.mandrivalinux.com/security-announce/2005-05/msg00008.php

ChangeLog

2005-05-13 : Initial release

Vulnerability Management

Subscribe to VUPEN VNS and receive real-time alerts with CVE, CWE, and CVSS when new advisories or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form.
 

VUPEN Vulnerability
Notification Service
 

Latest Advisories
  

   
    





Copyright VUPEN © 2004-2010 - Privacy Policy