CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS
Percentile
93.9%
CentOS Errata and Security Advisory CESA-2005:505
Tcpdump is a command line tool for monitoring network traffic.
A denial of service bug was found in tcpdump during the processing of
certain network packets. It is possible for an attacker to inject a
carefully crafted packet onto the network, crashing a running tcpdump
session. The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CAN-2005-1267 to this issue.
Users of tcpdump are advised to upgrade to these erratum packages, which
contain backported security patches and are not vulnerable to these issues.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2005-June/073977.html
https://lists.centos.org/pipermail/centos-announce/2005-June/073978.html
https://lists.centos.org/pipermail/centos-announce/2005-June/074001.html
Affected packages:
arpwatch
libpcap
tcpdump
Upstream details at:
https://access.redhat.com/errata/RHSA-2005:505
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
CentOS | 4 | i386 | arpwatch | < 2.1a13-10.RHEL4 | arpwatch-2.1a13-10.RHEL4.i386.rpm |
CentOS | 4 | i386 | libpcap | < 0.8.3-10.RHEL4 | libpcap-0.8.3-10.RHEL4.i386.rpm |
CentOS | 4 | i386 | tcpdump | < 3.8.2-10.RHEL4 | tcpdump-3.8.2-10.RHEL4.i386.rpm |
CentOS | 4 | x86_64 | arpwatch | < 2.1a13-10.RHEL4 | arpwatch-2.1a13-10.RHEL4.x86_64.rpm |
CentOS | 4 | x86_64 | libpcap | < 0.8.3-10.RHEL4 | libpcap-0.8.3-10.RHEL4.x86_64.rpm |
CentOS | 4 | x86_64 | tcpdump | < 3.8.2-10.RHEL4 | tcpdump-3.8.2-10.RHEL4.x86_64.rpm |
CentOS | 4 | i386 | tcpdump | < 3.8.2-10.RHEL4 | tcpdump-3.8.2-10.RHEL4.i386.rpm |
CentOS | 4 | ia64 | arpwatch | < 2.1a13-10.RHEL4 | arpwatch-2.1a13-10.RHEL4.ia64.rpm |
CentOS | 4 | ia64 | libpcap | < 0.8.3-10.RHEL4 | libpcap-0.8.3-10.RHEL4.ia64.rpm |
CentOS | 4 | ia64 | tcpdump | < 3.8.2-10.RHEL4 | tcpdump-3.8.2-10.RHEL4.ia64.rpm |