Andrew Griffiths and iDEFENSE Labs discovered a problem in tcpdump, a powerful tool for network monitoring and data acquisition. An attacker is able to send a specially crafted network packet which causes tcpdump to enter an infinite loop. In addition to the above problem the tcpdump developers discovered a potential infinite loop when parsing malformed BGP packets. They also discovered a buffer overflow that can be exploited with certain malformed NFS packets. For the stable distribution (woody) these problems have been fixed in version 3.6.2-2.3. The old stable distribution (potato) does not seem to be affected by these problems. For the unstable distribution (sid) these problems have been fixed in version 3.7.1-1.2. We recommend that you upgrade your tcpdump packages.
Andrew Griffiths and iDEFENSE Labs discovered a problem in tcpdump, a powerful tool for network monitoring and data acquisition. An attacker is able to send a specially crafted network packet which causes tcpdump to enter an infinite loop.
In addition to the above problem the tcpdump developers discovered a potential infinite loop when parsing malformed BGP packets. They also discovered a buffer overflow that can be exploited with certain malformed NFS packets.
For the stable distribution (woody) these problems have been fixed in version 3.6.2-2.3.
The old stable distribution (potato) does not seem to be affected by these problems.
For the unstable distribution (sid) these problems have been fixed in version 3.7.1-1.2.
We recommend that you upgrade your tcpdump packages.
MD5 checksums of the listed files are available in the original advisory.
Vulmon