Auditorías de Seguridad de Red / Evaluación de vulnerabilidades de SecuritySpace

Búsqueda de Vulnerabilidad		Buscar 219043 Descripciones CVE y 99761 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

--------------------------------------------------------------------------
   Turbolinux Security Advisory TLSA-2003-14
   http://www.turbolinux.co.jp/security/
                                             security-team@turbolinux.co.jp
--------------------------------------------------------------------------

Original released date : 12 Mar 2003
Last revised           : 01 Apr 2003

Package : tcpdump

Summry : tcpdump infinite loop

More information :
    Vulnerabilites exist in the tcpdump. When parsing malformed ISAKMP, BGP and NFS packets,
    it will cause TCPDUMP to enter an infinite look or buffer overflow.

Impact :
    This may allow remote attackers to cause a denial of service.

Affected Products :
    - Turbolinux 8 Server
    - Turbolinux 8 Workstation
    - Turbolinux 7 Server
    - Turbolinux 7 Workstation
    - Turbolinux Server 6.5
    - Turbolinux Advanced Server 6
    - Turbolinux Server 6.1
    - Turbolinux Workstation 6.0

Solution :
    Please use turbopkg tool to apply the update.

    If you need to confirm the version of current installed
    package, please issue rpm command as :

    # rpm -qa | grep PACKAGE-NAME

<Turbolinux 8 Server>

   Source Packages
   Size : MD5

   tcpdump-3.7.2-1.src.rpm
       434120 eaa3ef4cd3c38c4ce69f0e18cbf81b8a

   Binary Packages
   Size : MD5

   tcpdump-3.7.2-1.i586.rpm
       233086 8ab3677d5241c09953b9068906922ae8

<Turbolinux 8 Workstation>

   Source Packages
   Size : MD5

   tcpdump-3.7.2-1.src.rpm
       434120 536b15d3c9901a87cc6605ccb0066019

   Binary Packages
   Size : MD5

   tcpdump-3.7.2-1.i586.rpm
       233060 62d71b2bdb573fbd3b939542f5a4f059

<Turbolinux 7 Server>

   Source Packages
   Size : MD5

   tcpdump-3.7.2-1.src.rpm
       434120 0ee91bd02cc5092590cb049645a3f7ed

   Binary Packages
   Size : MD5

   tcpdump-3.7.2-1.i586.rpm
       226875 0ebe2ef0e609c8ac5104b71327ec9248

<Turbolinux 7 Workstation>

   Source Packages
   Size : MD5

   tcpdump-3.7.2-1.src.rpm
       434120 d2c4fafe62345a49cb5c21f6f3788ba9

   Binary Packages
   Size : MD5

   tcpdump-3.7.2-1.i586.rpm
       226818 a1346f66773b5b9cbbb90e9b9011e765

<Turbolinux Server 6.5>

   Source Packages
   Size : MD5

   tcpdump-3.7.2-1.src.rpm
       434120 d0de6c6aaff1ae14b4440d232f0fc9f3

   Binary Packages
   Size : MD5

   tcpdump-3.7.2-1.i386.rpm
       220695 76a84fc91634949d4f82aab14f6bcd70

<Turbolinux Advanced Server 6>

   Source Packages
   Size : MD5

   tcpdump-3.7.2-1.src.rpm
       434120 9f0b05433ce66fe9ec556045dada52db

   Binary Packages
   Size : MD5

   tcpdump-3.7.2-1.i386.rpm
       220683 dfeb6db3975b07e02b563836f310e006

<Turbolinux Server 6.1>

   Source Packages
   Size : MD5

   tcpdump-3.7.2-1.src.rpm
       434120 e2d4c21ce155f1f7c4f5eb73385041b1

   Binary Packages
   Size : MD5

   tcpdump-3.7.2-1.i386.rpm
       220690 45aa1ec42bc9c90f9f79f23664e90052

<Turbolinux Workstation 6.0>

   Source Packages
   Size : MD5

   tcpdump-3.7.2-1.src.rpm
       434120 d8b34c9e00463cd977cc36f7cb35bdbb

   Binary Packages
   Size : MD5

   tcpdump-3.7.2-1.i386.rpm
       220686 dbc29e7a6b9e2c2fdc976415f6fad1c0

References :

tcpdump.org
   http://www.tcpdump.org/tcpdump-changes.txt

CVE
   [CAN-2003-0108]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0108

--------------------------------------------------------------------------
Revision History
    12 Mar 2003 Initial release
    01 Apr 2003 modifyed file size
--------------------------------------------------------------------------

Copyright(C) 2003 Turbolinux, Inc. All rights reserved.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQE+iVspK0LzjOqIJMwRAqwnAJ4p2vPLGQHrTK5KysuRih3QqUhklACgjXDt
464NLUkuY/zj/0Q4A1DIjn8=
=d6Ec
-----END PGP SIGNATURE-----