Updated tcpdump packages that fix an infinite loop vulnerability and drop
privileges on startup are now available.

Tcpdump is a command-line tool for monitoring network traffic.

A vulnerability exists in tcpdump before 3.7.2 and is related to an
inability to handle unknown RADIUS attributes properly. This vulnerability
allows remote attackers to cause a denial of service (infinite loop).

The Red Hat tcpdump packages advertise that, by default, tcpdump will drop
privileges to user 'pcap'. Due to a compilation error this did not
happen, and tcpdump would run as root unless the '-U' flag was specified.

Users of tcpdump are advised to upgrade to these errata packages, which
contain a patch correcting the RADIUS issue and are compiled so that by
default tcpdump will drop privileges to the 'pcap' user.
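
To confirm on a Linux host that running tcpdump processes really gave up root, the following added example (not part of the advisory or of Red Hat's packages) reads the `Uid:` line of `/proc/<pid>/status`. The function names and the verdict labels `root`, `partial` and `dropped` are this example's own.

```shell
#!/bin/sh
# Added example: report tcpdump processes that can still act as root.
# The Uid: line of /proc/<pid>/status lists, in order, the real,
# effective, saved and filesystem UIDs of the process.

# classify_status FILE -> prints "<pid> <verdict> <euid>", or "skip"
# for anything that is not a tcpdump process.
#   root    : all four UIDs are 0, privileges were never dropped
#   partial : at least one UID is still 0 (a saved UID of 0 lets the
#             process switch back to root)
#   dropped : no UID is 0
classify_status() {
    awk '
        $1 == "Name:" { name = $2 }
        $1 == "Pid:"  { pid = $2 }
        $1 == "Uid:"  { r = $2; e = $3; s = $4; f = $5; seen = 1 }
        END {
            if (name != "tcpdump" || !seen) { print "skip"; exit }
            if (r == 0 && e == 0 && s == 0 && f == 0)      v = "root"
            else if (r == 0 || e == 0 || s == 0 || f == 0) v = "partial"
            else                                           v = "dropped"
            print pid, v, e
        }' "$1" 2>/dev/null
}

# audit_tcpdump [PROCDIR] -> prints one line per tcpdump process found
# and returns 1 if any of them still holds a root UID, 0 otherwise.
# PROCDIR defaults to /proc; another directory can be given for testing.
audit_tcpdump() {
    procdir=${1:-/proc}
    bad=0
    for st in "$procdir"/[0-9]*/status; do
        [ -r "$st" ] || continue          # process exited or no match
        out=$(classify_status "$st")
        case $out in
            ""|skip)       continue ;;
            *" dropped "*) echo "OK    pid $out" ;;
            *)             echo "ALERT pid $out"; bad=1 ;;
        esac
    done
    return "$bad"
}
```

Run `audit_tcpdump` while a capture is active and compare the reported effective UID with the output of `id -u pcap`.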

Red Hat Enterprise Linux AS (v. 2.1)

| Type | Package | File outdated by | Checksum |
|---|---|---|---|
| SRPMS | tcpdump-3.6.2-12.2.1AS.4.src.rpm | RHSA-2004:219 | 45ddabdbd857d20ec17f398c1a5d4b7a |
| IA-32 | arpwatch-2.1a11-12.2.1AS.4.i386.rpm | RHSA-2004:219 | c86011d83600989aeca3295031d4f952 |
| IA-32 | libpcap-0.6.2-12.2.1AS.4.i386.rpm | RHSA-2004:219 | d5c3640d5946034dc5dd11fba1a04fbe |
| IA-32 | tcpdump-3.6.2-12.2.1AS.4.i386.rpm | RHSA-2004:219 | b576a7d4891cb94378378d036d63513e |
| IA-64 | arpwatch-2.1a11-12.2.1AS.4.ia64.rpm | RHSA-2004:219 | edccf9928e778f58ae93702e943c0a91 |
| IA-64 | libpcap-0.6.2-12.2.1AS.4.ia64.rpm | RHSA-2004:219 | 751e6ac15d16937735415cd83cf237d1 |
| IA-64 | tcpdump-3.6.2-12.2.1AS.4.ia64.rpm | RHSA-2004:219 | af4a66b557f2f5f8a97406df484b3367 |

Red Hat Enterprise Linux ES (v. 2.1)

| Type | Package | File outdated by | Checksum |
|---|---|---|---|
| SRPMS | tcpdump-3.6.2-12.2.1AS.4.src.rpm | RHSA-2004:219 | 45ddabdbd857d20ec17f398c1a5d4b7a |
| IA-32 | arpwatch-2.1a11-12.2.1AS.4.i386.rpm | RHSA-2004:219 | c86011d83600989aeca3295031d4f952 |
| IA-32 | libpcap-0.6.2-12.2.1AS.4.i386.rpm | RHSA-2004:219 | d5c3640d5946034dc5dd11fba1a04fbe |
| IA-32 | tcpdump-3.6.2-12.2.1AS.4.i386.rpm | RHSA-2004:219 | b576a7d4891cb94378378d036d63513e |

Red Hat Enterprise Linux WS (v. 2.1)

| Type | Package | File outdated by | Checksum |
|---|---|---|---|
| SRPMS | tcpdump-3.6.2-12.2.1AS.4.src.rpm | RHSA-2004:219 | 45ddabdbd857d20ec17f398c1a5d4b7a |
| IA-32 | arpwatch-2.1a11-12.2.1AS.4.i386.rpm | RHSA-2004:219 | c86011d83600989aeca3295031d4f952 |
| IA-32 | libpcap-0.6.2-12.2.1AS.4.i386.rpm | RHSA-2004:219 | d5c3640d5946034dc5dd11fba1a04fbe |
| IA-32 | tcpdump-3.6.2-12.2.1AS.4.i386.rpm | RHSA-2004:219 | b576a7d4891cb94378378d036d63513e |

Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor

| Type | Package | File outdated by | Checksum |
|---|---|---|---|
| SRPMS | tcpdump-3.6.2-12.2.1AS.4.src.rpm | RHSA-2004:219 | 45ddabdbd857d20ec17f398c1a5d4b7a |
| IA-64 | arpwatch-2.1a11-12.2.1AS.4.ia64.rpm | RHSA-2004:219 | edccf9928e778f58ae93702e943c0a91 |
| IA-64 | libpcap-0.6.2-12.2.1AS.4.ia64.rpm | RHSA-2004:219 | 751e6ac15d16937735415cd83cf237d1 |
| IA-64 | tcpdump-3.6.2-12.2.1AS.4.ia64.rpm | RHSA-2004:219 | af4a66b557f2f5f8a97406df484b3367 |

(The unlinked packages above are only available from the Red Hat Network)

88881 - CAN-2003-0145 RADIUS tcpdump vulnerability