|
|
>> Fedora Security Update Fixes Tcpdump "parse_elements" Denial of Service Vulnerability
|
Title : Fedora Security Update Fixes Tcpdump "parse_elements" Denial of Service Vulnerability
VUPEN ID : VUPEN/ADV-2007-0992
CVE ID : CVE-2007-1218
Rated as : Moderate Risk 
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-03-19
|
Fedora has released updated packages to address a vulnerability identified in Tcpdump. This issue could be exploited by attackers to cause a denial of service. For additional information, see : VUPEN/ADV-2007-0793
Affected Products
Fedora Core 5
Fedora Core 6
Solution
Upgrade the affected packages :
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/
d7ba48e09d7994b96652147676b2f37ad56e8cbc SRPMS/tcpdump-3.9.4-4.fc5.src.rpm
d7ba48e09d7994b96652147676b2f37ad56e8cbc noarch/tcpdump-3.9.4-4.fc5.src.rpm
a3d4abcee5ebb54941e832a5d9da0c34ac89509e ppc/libpcap-0.9.4-4.fc5.ppc.rpm
9cbd06d5487b558ddf70ac255c67db3cec081020 ppc/debug/tcpdump-debuginfo-3.9.4-4.fc5.ppc.rpm
ffa9745aaa2e06e406f4f105700a217a357003e1 ppc/arpwatch-2.1a13-15.fc5.ppc.rpm
3a17a7b9e95e4f2cfbb4c9f079ef1e793b59ba72 ppc/tcpdump-3.9.4-4.fc5.ppc.rpm
ba04e256a2c20c897e627d0340d3e242af978d45 x86_64/libpcap-0.9.4-4.fc5.x86_64.rpm
2c9c1e30beef4b7781d2889696c32bfe4ae395cc x86_64/tcpdump-3.9.4-4.fc5.x86_64.rpm
561427aee56f32681704984d83df1d48fb6460a1 x86_64/arpwatch-2.1a13-15.fc5.x86_64.rpm
43ca82d842c173460ec6dae8f5413e445fa2f539 x86_64/debug/tcpdump-debuginfo-3.9.4-4.fc5.x86_64.rpm
dcc4cb141907967dacd3678f0f17dfd4743f75c7 i386/tcpdump-3.9.4-4.fc5.i386.rpm
44cfb923721a8a87c3bf2747a91d90802ecf78c1 i386/arpwatch-2.1a13-15.fc5.i386.rpm
315f39baeae2f0880b1ec91879838268d9fb9aa6 i386/debug/tcpdump-debuginfo-3.9.4-4.fc5.i386.rpm
216013956355d2d2c7006dbf60124212776bf162 i386/libpcap-0.9.4-4.fc5.i386.rpm
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/
d70fc204d160c153a7e0c2eaecffe03c64b6f98f SRPMS/tcpdump-3.9.4-10.fc6.src.rpm
d70fc204d160c153a7e0c2eaecffe03c64b6f98f noarch/tcpdump-3.9.4-10.fc6.src.rpm
78d280c690b81cb43cfc1114f7d352744d72f2c6 ppc/arpwatch-2.1a13-17.fc6.ppc.rpm
282e470e1a18d1502a55771e1956dc0fd4ed510d ppc/debug/tcpdump-debuginfo-3.9.4-10.fc6.ppc.rpm
6ccffc5016fcac9dd377b186c27fb0aabb83c298 ppc/tcpdump-3.9.4-10.fc6.ppc.rpm
0bac5510dafca986bad39b46ff82f65c7e2efa25 ppc/libpcap-0.9.4-10.fc6.ppc.rpm
3a9b8f7276921a146750bdf87734e354c4ce7074 ppc/libpcap-devel-0.9.4-10.fc6.ppc.rpm
0242836290534f5a513601c7f5fdb2987a127c1c x86_64/libpcap-0.9.4-10.fc6.x86_64.rpm
6b850c13ce89b3b435ce2b12c0bbb7973261cf9c x86_64/libpcap-devel-0.9.4-10.fc6.x86_64.rpm
64017eab83d54f1224cea8f8894f6adac8c67d91 x86_64/tcpdump-3.9.4-10.fc6.x86_64.rpm
4d0cc9863515ae05ed83a2bc052c18882ef19797 x86_64/debug/tcpdump-debuginfo-3.9.4-10.fc6.x86_64.rpm
9ed990c85424e7696530b32196fc6cb01c547cc7 x86_64/arpwatch-2.1a13-17.fc6.x86_64.rpm
ffd384b9d15aac0f3c6f0f900813e6bc2110514f i386/arpwatch-2.1a13-17.fc6.i386.rpm
b800f281187f03a9b3d6242b99d128e925b4f5b9 i386/tcpdump-3.9.4-10.fc6.i386.rpm
cd126685bef09b529aa928fee7809590ce906137 i386/libpcap-devel-0.9.4-10.fc6.i386.rpm
f21c20de322c490de9df03d3a28b4f74e329ba58 i386/debug/tcpdump-debuginfo-3.9.4-10.fc6.i386.rpm
21867d4d9331c474cf65586b508db6195dfeacc5 i386/libpcap-0.9.4-10.fc6.i386.rpm
References
http://www.vupen.com/english/advisories/2007/0992
https://www.redhat.com/archives/fedora-package-announce/2007-March/msg00054.html
https://www.redhat.com/archives/fedora-package-announce/2007-March/msg00053.html
ChangeLog
2007-03-19 : Initial release
Vulnerability Management
Subscribe to VUPEN VNS and receive real-time alerts when new advisories or patches relevant to your systems and network configurations are available.
Feedback
If you have additional information or corrections for this security advisory please submit them via our contact form. | |
|
