CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS
Percentile
98.4%
CentOS Errata and Security Advisory CESA-2005:417
Tcpdump is a command-line tool for monitoring network traffic.
Several denial of service bugs were found in the way tcpdump processes
certain network packets. It is possible for an attacker to inject a
carefully crafted packet onto the network, crashing a running tcpdump
session. The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CAN-2005-1278, CAN-2005-1279, and CAN-2005-1280 to
these issues.
The tcpdump utility can now write a file larger than 2 GB.
Users of tcpdump are advised to upgrade to these erratum packages, which
contain backported security patches and are not vulnerable to these issues.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2005-May/073804.html
https://lists.centos.org/pipermail/centos-announce/2005-May/073810.html
https://lists.centos.org/pipermail/centos-announce/2005-May/073812.html
https://lists.centos.org/pipermail/centos-announce/2005-May/073813.html
https://lists.centos.org/pipermail/centos-announce/2005-May/073816.html
Affected packages:
arpwatch
libpcap
tcpdump
Upstream details at:
https://access.redhat.com/errata/RHSA-2005:417
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
CentOS | 4 | i386 | arpwatch | < 2.1a13-9.RHEL4 | arpwatch-2.1a13-9.RHEL4.i386.rpm |
CentOS | 4 | i386 | libpcap | < 0.8.3-9.RHEL4 | libpcap-0.8.3-9.RHEL4.i386.rpm |
CentOS | 4 | i386 | tcpdump | < 3.8.2-9.RHEL4 | tcpdump-3.8.2-9.RHEL4.i386.rpm |
CentOS | 4 | x86_64 | arpwatch | < 2.1a13-9.RHEL4 | arpwatch-2.1a13-9.RHEL4.x86_64.rpm |
CentOS | 4 | x86_64 | libpcap | < 0.8.3-9.RHEL4 | libpcap-0.8.3-9.RHEL4.x86_64.rpm |
CentOS | 4 | i386 | libpcap | < 0.8.3-9.RHEL4 | libpcap-0.8.3-9.RHEL4.i386.rpm |
CentOS | 4 | x86_64 | tcpdump | < 3.8.2-9.RHEL4 | tcpdump-3.8.2-9.RHEL4.x86_64.rpm |
CentOS | 3 | ia64 | arpwatch | < 2.1a11-7.E3.5 | arpwatch-2.1a11-7.E3.5.ia64.rpm |
CentOS | 3 | ia64 | libpcap | < 0.7.2-7.E3.5 | libpcap-0.7.2-7.E3.5.ia64.rpm |
CentOS | 3 | ia64 | tcpdump | < 3.7.2-7.E3.5 | tcpdump-3.7.2-7.E3.5.ia64.rpm |