Ubuntu Security Notice USN-119-1
6th May, 2005
tcpdump vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 5.04
- Ubuntu 4.10
Details
It was discovered that certain invalid GRE, LDP, BGP, and RSVP packets
triggered infinite loops in tcpdump, which caused tcpdump to stop
working. This could be abused by a remote attacker to bypass tcpdump
analysis of network traffic.
Update instructions
The problem can be corrected by updating your system to the following package version:
- Ubuntu 5.04:
- tcpdump
- Ubuntu 4.10:
- tcpdump
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
None