Bugtraq mailing list archives
[OpenPKG-SA-2003.014] OpenPKG Security Advisory (tcpdump)
From: OpenPKG <openpkg () openpkg org>
Date: Tue, 4 Mar 2003 12:04:26 +0100
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ________________________________________________________________________ OpenPKG Security Advisory The OpenPKG Project http://www.openpkg.org/security.html http://www.openpkg.org openpkg-security () openpkg org openpkg () openpkg org OpenPKG-SA-2003.014 04-Mar-2003 ________________________________________________________________________ Package: tcpdump Vulnerability: denial of service OpenPKG Specific: no Affected Releases: Affected Packages: Corrected Packages: OpenPKG CURRENT <= tcpdump-3.7.1-20020822 >= tcpdump-3.7.2-20030227 OpenPKG 1.2 <= tcpdump-3.7.1-1.2.0 >= tcpdump-3.7.1-1.2.1 OpenPKG 1.1 <= tcpdump-3.7.1-1.1.0 >= tcpdump-3.7.1-1.1.1 Dependent Packages: none Description: Andrew Griffiths and iDEFENSE Labs discovered [1] a vulnerability in tcpdump [0] which can result in a Denial of Service (DoS) attack due to an endless processing loop consuming CPU resources when parsing malformed ISAKMP packets (UDP, port 500). The Common Vulnerabilities and Exposures (CVE) project assigned the id CAN-2003-0108 [2] to the problem. Similarily, another DoS attack is possible because tcpdump enters also an endless processing loop consuming CPU resources when parsing malformed BGP packets (TCP, port 179). Finally, a buffer overflow is possible when parsing malformed NFS packets (UDP, port 2049). Please check whether you are affected by running "<prefix>/bin/rpm -q tcpdump". If you have the "tcpdump" package installed and its version is affected (see above), we recommend that you immediately upgrade it (see Solution) and it's dependent packages (see above), if any, too. [3][4] Solution: Select the updated source RPM appropriate for your OpenPKG release [5][6], fetch it from the OpenPKG FTP service [7][8] or a mirror location, verify its integrity [9], build a corresponding binary RPM from it [3] and update your OpenPKG installation by applying the binary RPM [4]. For the current release OpenPKG 1.2, perform the following operations to permanently fix the security problem (for other releases adjust accordingly). $ ftp ftp.openpkg.org ftp> bin ftp> cd release/1.2/UPD ftp> get tcpdump-3.7.1-1.2.1.src.rpm ftp> bye $ <prefix>/bin/rpm -v --checksig tcpdump-3.7.1-1.2.1.src.rpm $ <prefix>/bin/rpm --rebuild tcpdump-3.7.1-1.2.1.src.rpm $ su - # <prefix>/bin/rpm -Fvh <prefix>/RPM/PKG/tcpdump-3.7.1-1.2.1.*.rpm ________________________________________________________________________ References: [0] http://www.tcpdump.org/ [1] http://www.idefense.com/advisory/02.27.03.txt [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0108 [3] http://www.openpkg.org/tutorial.html#regular-source [4] http://www.openpkg.org/tutorial.html#regular-binary [5] ftp://ftp.openpkg.org/release/1.1/UPD/tcpdump-3.7.1-1.1.1.src.rpm [6] ftp://ftp.openpkg.org/release/1.2/UPD/tcpdump-3.7.1-1.2.1.src.rpm [7] ftp://ftp.openpkg.org/release/1.1/UPD/ [8] ftp://ftp.openpkg.org/release/1.2/UPD/ [9] http://www.openpkg.org/security.html#signature ________________________________________________________________________ For security reasons, this advisory was digitally signed with the OpenPGP public key "OpenPKG <openpkg () openpkg org>" (ID 63C4CB9F) of the OpenPKG project which you can find under the official URL http://www.openpkg.org/openpkg.pgp or on http://keyserver.pgp.com/. To check the integrity of this advisory, verify its digital signature by using GnuPG (http://www.gnupg.org/). For instance, pipe this message to the command "gpg --verify --keyserver keyserver.pgp.com". ________________________________________________________________________ -----BEGIN PGP SIGNATURE----- Comment: OpenPKG <openpkg () openpkg org> iD8DBQE+ZIEOgHWT4GPEy58RArsmAKCJSLg7vWFHOJFsXG/Xq/wbtSazNgCgq8zg MOen3HEaFOKBcfB471+2kJk= =NyPy -----END PGP SIGNATURE-----
Current thread:
- [OpenPKG-SA-2003.014] OpenPKG Security Advisory (tcpdump) OpenPKG (Mar 04)