Summary: | net-analyzer/tcpdump: TCPDump {ISIS|RSVP|LDP|BGP} Decoding Routines Denial Of Service Vulnerability | ||||||
---|---|---|---|---|---|---|---|
Product: | Gentoo Security | Reporter: | Adir Abraham <adirab> | ||||
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> | ||||
Status: | RESOLVED FIXED | ||||||
Severity: | normal | CC: | netmon | ||||
Priority: | High | ||||||
Version: | unspecified | ||||||
Hardware: | All | ||||||
OS: | Linux | ||||||
URL: | http://www.securityfocus.com/bid/13392/info/ | ||||||
Whiteboard: | A3 [glsa] jaervosz | ||||||
Package list: | Runtime testing required: | --- | |||||
Attachments: |
|
Description
Adir Abraham
2005-04-26 14:18:16 UTC
More info: RSVP: http://www.securityfocus.com/bid/13390 LDP: http://www.securityfocus.com/bid/13389 BGP: http://www.securityfocus.com/bid/13380 Vulns: http://www.securityfocus.com/data/vulnerabilities/exploits/xtcpdump+ethr-rsvp-dos.c http://www.securityfocus.com/data/vulnerabilities/exploits/xtcpdump-ldp-dos.c http://www.securityfocus.com/data/vulnerabilities/exploits/xtcpdump-bgp-dos.c Correction: when I wrote "#13391", I was refering to securityfocus' number ofcourse. Gentoo's bug number about that issue is 90539 ( http://bugs.gentoo.org/show_bug.cgi?id=90539 ). Sorry. Patches are showing up in their CVS, see for example : http://cvs.tcpdump.org/cgi-bin/cvsweb/tcpdump/print-ldp.c Given the scope of this (denying service to a packet logger), probably better to wait for their release. It seems that Fedora released some updates that fix these problems. You might want to check http://secunia.com/advisories/15237/ Or in http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ check: 4b740bfe93581978552145842e23898d SRPMS/tcpdump-3.8.2-8.FC3.src.rpm 380ab25ad5a4908c2b8bf8461c29317a x86_64/tcpdump-3.8.2-8.FC3.x86_64.rpm e25dadaa9ab7e602ab6c9b4aee51b536 x86_64/libpcap-0.8.3-8.FC3.x86_64.rpm f0bcba7f52b8a0c10a5b11488313cb3e x86_64/arpwatch-2.1a13-8.FC3.x86_64.rpm 0f7d020a9e50561b9fbb41ccc135ab24 x86_64/debug/tcpdump-debuginfo-3.8.2-8.FC3.x86_64.rpm a50375f8e7edf7a88dea70dcb5df98c4 x86_64/libpcap-0.8.3-8.FC3.i386.rpm 031f3ec5c206b4616f2b30f4949ad345 i386/tcpdump-3.8.2-8.FC3.i386.rpm a50375f8e7edf7a88dea70dcb5df98c4 i386/libpcap-0.8.3-8.FC3.i386.rpm 7fcb261a49f062939946d84a7816b864 i386/arpwatch-2.1a13-8.FC3.i386.rpm c5006240d5c4c6e4f9c892c882a1ca7b i386/debug/tcpdump-debuginfo-3.8.2-8.FC3.i386.rpm Ubuntu also released their fix. Netmon please provide an updated ebuild. Created attachment 58223 [details, diff] tcpdump-3.8.3-gentoo.patch This patch is based off Debian's 50_misc_dos.dpatch. http://packages.qa.debian.org/t/tcpdump.html Marcelo/netmon please commit an updated ebuild. Security can handle stable marking if necessary. tcpdump-3.8.3-r2.ebuild in CVS, ready for keywording x86 and ppc stable. amd64 happy sparc stable. Stable on hppa. ppc64 is stable Stable on alpha + ia64. GLSA 200505-06 mips, arm please remember to mark stable to benefit from the GLSA. Later version already stable on mips. |