History: Jun 09, 2003 - 12:00 a.m.

(RHSA-2003:151) tcpdump security update

access.redhat.com

EPSS: 0.019
Percentile: 88.7%

Tcpdump is a command-line tool for monitoring network traffic.

tcpdump before 3.7.2 does not properly handle unknown RADIUS attributes.
This vulnerability allows remote attackers to cause a denial of service
(infinite loop).

The Red Hat tcpdump packages advertise that, by default, tcpdump will drop
privileges to user ‘pcap’. Due to a compilation error this did not
happen, and tcpdump would run as root unless the ‘-U’ flag was specified.

Users of tcpdump are advised to upgrade to these errata packages, which
contain a patch correcting the RADIUS issue and are compiled so that by
default tcpdump will drop privileges to the ‘pcap’ user.
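
One way to confirm on a Linux host that a running tcpdump really has dropped to the ‘pcap’ user, as described above. This is an added example, not code from the advisory or from the tcpdump packages; the function names are hypothetical, the sample status text is constructed, and UID/GID 77 is an assumed value for the ‘pcap’ account.

```python
import os
import pwd

def parse_status(text):
    """Return (name, uids, gids) from the text of a /proc/<pid>/status file."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep:
            fields[key.strip()] = value.split()
    name = " ".join(fields.get("Name", ["?"]))
    uids = [int(v) for v in fields.get("Uid", [])]  # real, effective, saved, fs
    gids = [int(v) for v in fields.get("Gid", [])]
    return name, uids, gids

def privilege_findings(text, expected_uid):
    """List the reasons a process has not fully dropped to expected_uid."""
    name, uids, gids = parse_status(text)
    labels = ("real", "effective", "saved", "filesystem")
    if len(uids) != 4 or len(gids) != 4:
        return [f"{name}: status has no complete Uid/Gid lines"]
    findings = []
    for label, uid in zip(labels, uids):
        # A saved uid of 0 matters too: the process could switch back to root.
        if uid != expected_uid:
            findings.append(f"{name}: {label} uid is {uid}, expected {expected_uid}")
    for label, gid in zip(labels, gids):
        if gid == 0:
            findings.append(f"{name}: {label} gid is still 0")
    return findings

def audit_running(comm="tcpdump", user="pcap", proc_root="/proc"):
    """Check every live process named comm; raises KeyError if user is absent."""
    expected_uid = pwd.getpwnam(user).pw_uid
    results = {}
    for entry in os.listdir(proc_root):
        if not entry.isdigit():
            continue
        try:
            with open(os.path.join(proc_root, entry, "status")) as fh:
                text = fh.read()
        except OSError:
            continue  # process exited between listdir and open
        if parse_status(text)[0] == comm:
            results[int(entry)] = privilege_findings(text, expected_uid)
    return results

# Constructed samples, not captured from a real host; 77 is an assumed pcap UID/GID.
SAMPLE_ROOT = "Name:\ttcpdump\nUid:\t0\t0\t0\t0\nGid:\t0\t0\t0\t0\n"
SAMPLE_DROPPED = "Name:\ttcpdump\nUid:\t77\t77\t77\t77\nGid:\t77\t77\t77\t77\n"
SAMPLE_PARTIAL = "Name:\ttcpdump\nUid:\t77\t77\t0\t77\nGid:\t77\t77\t77\t77\n"
```

Calling `audit_running()` while a capture is in progress returns a mapping of PID to findings; an empty list for a PID means all four UIDs match the ‘pcap’ account and no GID is 0.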
