CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
Confidence
Low
EPSS
Percentile
93.5%
Debian Security Advisory DSA-1443-1 [email protected]
http://www.debian.org/security/ Moritz Muehlenhoff
January 03, 2008 http://www.debian.org/security/faq
Package : tcpreen
Vulnerability : buffer overflows
Problem type : remote
Debian-specific: no
CVE Id(s) : CVE-2007-6562
It was discovered that several buffer overflows in tcpreen, a tool for
monitoring a TCP connection may lead to denial of service.
For the stable distribution (etch), this problem has been fixed in
version 1.4.3-0.1etch1.
The old stable distribution (sarge) doesn't contain tcpreen.
For the unstable distribution (sid), this problem has been fixed in
version 1.4.3-0.3.
We recommend that you upgrade your tcpreen package.
Upgrade instructions
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian 4.0 (stable)
Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/t/tcpreen/tcpreen_1.4.3-0.1etch1.dsc
Size/MD5 checksum: 579 83c33a7131f3191048aba4b610e292ca
http://security.debian.org/pool/updates/main/t/tcpreen/tcpreen_1.4.3.orig.tar.gz
Size/MD5 checksum: 232290 5600968d012f8353e4e0797d4c330393
http://security.debian.org/pool/updates/main/t/tcpreen/tcpreen_1.4.3-0.1etch1.diff.gz
Size/MD5 checksum: 26016 b1af9b7571c037713b123f33e5e79721
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/t/tcpreen/tcpreen_1.4.3-0.1etch1_alpha.deb
Size/MD5 checksum: 44064 5dc26f1233f232305b7c8d2e2e2cb4ac
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/t/tcpreen/tcpreen_1.4.3-0.1etch1_amd64.deb
Size/MD5 checksum: 42494 5cc27918abcac4a19eb661894005e963
arm architecture (ARM)
http://security.debian.org/pool/updates/main/t/tcpreen/tcpreen_1.4.3-0.1etch1_arm.deb
Size/MD5 checksum: 39378 10c0d8bd70154755e372318e39f10266
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/t/tcpreen/tcpreen_1.4.3-0.1etch1_hppa.deb
Size/MD5 checksum: 43848 7039041a01ddcd25e74cfb6c025d3e6c
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/t/tcpreen/tcpreen_1.4.3-0.1etch1_i386.deb
Size/MD5 checksum: 40274 bcd58bac3ae59767861a9fee6653e882
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/t/tcpreen/tcpreen_1.4.3-0.1etch1_ia64.deb
Size/MD5 checksum: 48438 85ac614d61faa5a66d7e14efd5490daf
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/t/tcpreen/tcpreen_1.4.3-0.1etch1_mips.deb
Size/MD5 checksum: 43610 9fb5942fc0d95e87c2a8e3964c30b8d7
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/t/tcpreen/tcpreen_1.4.3-0.1etch1_mipsel.deb
Size/MD5 checksum: 43620 e9b81ad8b5e0f05501c264b5efd6ed7f
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/t/tcpreen/tcpreen_1.4.3-0.1etch1_powerpc.deb
Size/MD5 checksum: 40848 43b0d65c0a8445d7d5880f87a5fbb005
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/t/tcpreen/tcpreen_1.4.3-0.1etch1_s390.deb
Size/MD5 checksum: 41020 e4d80551b7ffe958f9ad7103b2973087
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/t/tcpreen/tcpreen_1.4.3-0.1etch1_sparc.deb
Size/MD5 checksum: 39366 e897ed3d4b1d0b85225f88f8a0cc0990
These files will probably be moved into the stable distribution on
its next update.
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: [email protected]
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 4 | arm | tcpreen | < 1.4.3-0.1etch1 | tcpreen_1.4.3-0.1etch1_arm.deb |
Debian | 4 | mips | tcpreen | < 1.4.3-0.1etch1 | tcpreen_1.4.3-0.1etch1_mips.deb |
Debian | 4 | alpha | tcpreen | < 1.4.3-0.1etch1 | tcpreen_1.4.3-0.1etch1_alpha.deb |
Debian | 4 | amd64 | tcpreen | < 1.4.3-0.1etch1 | tcpreen_1.4.3-0.1etch1_amd64.deb |
Debian | 4 | mipsel | tcpreen | < 1.4.3-0.1etch1 | tcpreen_1.4.3-0.1etch1_mipsel.deb |
Debian | 4 | powerpc | tcpreen | < 1.4.3-0.1etch1 | tcpreen_1.4.3-0.1etch1_powerpc.deb |
Debian | 4 | hppa | tcpreen | < 1.4.3-0.1etch1 | tcpreen_1.4.3-0.1etch1_hppa.deb |
Debian | 4 | s390 | tcpreen | < 1.4.3-0.1etch1 | tcpreen_1.4.3-0.1etch1_s390.deb |
Debian | 4 | i386 | tcpreen | < 1.4.3-0.1etch1 | tcpreen_1.4.3-0.1etch1_i386.deb |
Debian | 4 | sparc | tcpreen | < 1.4.3-0.1etch1 | tcpreen_1.4.3-0.1etch1_sparc.deb |