You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa tcpdump

Sigurnosni nedostaci programskog paketa tcpdump

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

——————————————————————————–
Fedora Update Notification
FEDORA-2017-7ecbc90157
2017-02-14 15:09:31.372618
——————————————————————————–

Name : tcpdump
Product : Fedora 25
Version : 4.9.0
Release : 1.fc25
URL : http://www.tcpdump.org
Summary : A network traffic monitoring tool
Description :
Tcpdump is a command-line tool for monitoring network traffic.
Tcpdump can capture and display the packet headers on a particular
network interface or on all interfaces. Tcpdump can display all of
the packet headers, or just the ones that match particular criteria.

Install tcpdump if you need a program to monitor network traffic.

——————————————————————————–
Update Information:

Security fix for CVE-2016-7922, CVE-2016-7923, CVE-2016-7924, CVE-2016-7925,
CVE-2016-7926, CVE-2016-7927, CVE-2016-7928, CVE-2016-7929, CVE-2016-7930,
CVE-2016-7931, CVE-2016-7932, CVE-2016-7933, CVE-2016-7934, CVE-2016-7935,
CVE-2016-7936, CVE-2016-7937, CVE-2016-7938, CVE-2016-7939, CVE-2016-7940,
CVE-2016-7973, CVE-2016-7974, CVE-2016-7975, CVE-2016-7983, CVE-2016-7984,
CVE-2016-7985, CVE-2016-7986, CVE-2016-7992, CVE-2016-7993, CVE-2016-8574,
CVE-2016-8575, CVE-2017-5202, CVE-2017-5203, CVE-2017-5204, CVE-2017-5205,
CVE-2017-5341, CVE-2017-5342, CVE-2017-5482, CVE-2017-5483, CVE-2017-5484,
CVE-2017-5485, CVE-2017-5486
——————————————————————————–
References:

[ 1 ] Bug #1419066 – CVE-2016-7922 tcpdump: multiple overflow issues in protocol decoding
https://bugzilla.redhat.com/show_bug.cgi?id=1419066
[ 2 ] Bug #1419067 – CVE-2016-7923 tcpdump: Buffer overflow in ARP parser in print-arp.c:arp_print()
https://bugzilla.redhat.com/show_bug.cgi?id=1419067
[ 3 ] Bug #1419068 – CVE-2016-7924 tcpdump: Buffer overflow in ATM parser in print-atm.c:oam_print()
https://bugzilla.redhat.com/show_bug.cgi?id=1419068
[ 4 ] Bug #1419070 – CVE-2016-7925 tcpdump: Buffer overflow in compressed SLIP parser in print-sl.c:sl_if_print()
https://bugzilla.redhat.com/show_bug.cgi?id=1419070
[ 5 ] Bug #1419071 – CVE-2016-7926 tcpdump: Buffer overflow in Ethernet parser in print-ether.c:ethertype_print()
https://bugzilla.redhat.com/show_bug.cgi?id=1419071
[ 6 ] Bug #1419072 – CVE-2016-7927 tcpdump: Buffer overflow in IEEE 802.11 parser in print-802_11.c:ieee802_11_radio_print()
https://bugzilla.redhat.com/show_bug.cgi?id=1419072
[ 7 ] Bug #1419073 – CVE-2016-7928 tcpdump: Buffer overflow in IPComp parser in print-ipcomp.c:ipcomp_print()
https://bugzilla.redhat.com/show_bug.cgi?id=1419073
[ 8 ] Bug #1419074 – CVE-2016-7929 tcpdump: Buffer overflow in Juniper PPPoE ATM parser in print-juniper.c:juniper_parse_header()
https://bugzilla.redhat.com/show_bug.cgi?id=1419074
[ 9 ] Bug #1419075 – CVE-2016-7930 tcpdump: Buffer overflow in LLC parser in print-llc.c:llc_print()
https://bugzilla.redhat.com/show_bug.cgi?id=1419075
[ 10 ] Bug #1419076 – CVE-2016-7931 tcpdump: Buffer overflow in MPLS parser in print-mpls.c:mpls_print()
https://bugzilla.redhat.com/show_bug.cgi?id=1419076
[ 11 ] Bug #1419077 – CVE-2016-7932 tcpdump: Buffer overflow in PIM parser in print-pim.c:pimv2_check_checksum()
https://bugzilla.redhat.com/show_bug.cgi?id=1419077
[ 12 ] Bug #1419078 – CVE-2016-7933 tcpdump: Buffer overflow in PPP parser in print-ppp.c:ppp_hdlc_if_print()
https://bugzilla.redhat.com/show_bug.cgi?id=1419078
[ 13 ] Bug #1419079 – CVE-2016-7934 tcpdump: Buffer overflow in RTCP parser in print-udp.c:rtcp_print()
https://bugzilla.redhat.com/show_bug.cgi?id=1419079
[ 14 ] Bug #1419080 – CVE-2016-7935 tcpdump: Buffer overflow in RTP parser in print-udp.c:rtp_print()
https://bugzilla.redhat.com/show_bug.cgi?id=1419080
[ 15 ] Bug #1419081 – CVE-2016-7936 tcpdump: Buffer overflow in UDP parser in print-udp.c:udp_print()
https://bugzilla.redhat.com/show_bug.cgi?id=1419081
[ 16 ] Bug #1419082 – CVE-2016-7937 tcpdump: Buffer overflow in VAT parser in print-udp.c:vat_print()
https://bugzilla.redhat.com/show_bug.cgi?id=1419082
[ 17 ] Bug #1419083 – CVE-2016-7938 tcpdump: Integer overflow in ZeroMQ parser in print-zeromq.c:zmtp1_print_frame()
https://bugzilla.redhat.com/show_bug.cgi?id=1419083
[ 18 ] Bug #1419085 – CVE-2016-7939 tcpdump: Buffer overflow in GRE parser in print-gre.c, multiple functions
https://bugzilla.redhat.com/show_bug.cgi?id=1419085
[ 19 ] Bug #1419087 – CVE-2016-7940 tcpdump: Buffer overflow in STP parser in print-stp.c, multiple functions
https://bugzilla.redhat.com/show_bug.cgi?id=1419087
[ 20 ] Bug #1419088 – CVE-2016-7973 tcpdump: Buffer overflow in AppleTalk parser in print-atalk.c, multiple functions
https://bugzilla.redhat.com/show_bug.cgi?id=1419088
[ 21 ] Bug #1419089 – CVE-2016-7974 tcpdump: Buffer overflow in IP parser in print-ip.c, multiple functions
https://bugzilla.redhat.com/show_bug.cgi?id=1419089
[ 22 ] Bug #1419090 – CVE-2016-7975 tcpdump: Buffer overflow in TCP parser in print-tcp.c:tcp_print()
https://bugzilla.redhat.com/show_bug.cgi?id=1419090
[ 23 ] Bug #1419091 – CVE-2016-7983 tcpdump: Buffer overflow in BOOTP parser in print-bootp.c:bootp_print()
https://bugzilla.redhat.com/show_bug.cgi?id=1419091
[ 24 ] Bug #1419093 – CVE-2016-7984 tcpdump: Buffer overflow in TFTP parser in print-tftp.c:tftp_print()
https://bugzilla.redhat.com/show_bug.cgi?id=1419093
[ 25 ] Bug #1419094 – CVE-2016-7985 tcpdump: Buffer overflow in CALM FAST parser in print-calm-fast.c:calm_fast_print()
https://bugzilla.redhat.com/show_bug.cgi?id=1419094
[ 26 ] Bug #1419095 – CVE-2016-7986 tcpdump: Buffer overflow in GeoNetworking parser in print-geonet.c, multiple functions
https://bugzilla.redhat.com/show_bug.cgi?id=1419095
[ 27 ] Bug #1419097 – CVE-2016-7992 tcpdump: Buffer overflow in Classical IP over ATM parser in print-cip.c:cip_if_print()
https://bugzilla.redhat.com/show_bug.cgi?id=1419097
[ 28 ] Bug #1419098 – CVE-2016-7993 tcpdump: Buffer overflow in util-print.c:relts_print() in multiple protocol parsers (DNS, DVMRP, HSRP, IGMP, lightweight resolver protocol, PIM)
https://bugzilla.redhat.com/show_bug.cgi?id=1419098
[ 29 ] Bug #1419099 – CVE-2016-8574 tcpdump: Buffer overflow in FRF.15 parser in print-fr.c:frf15_print()
https://bugzilla.redhat.com/show_bug.cgi?id=1419099
[ 30 ] Bug #1419100 – CVE-2016-8575 tcpdump: Buffer overflow in Q.933 parser in print-fr.c:q933_print()
https://bugzilla.redhat.com/show_bug.cgi?id=1419100
[ 31 ] Bug #1419101 – CVE-2017-5202 tcpdump: Buffer overflow in ISO CLNS parser in print-isoclns.c:clnp_print()
https://bugzilla.redhat.com/show_bug.cgi?id=1419101
[ 32 ] Bug #1419102 – CVE-2017-5203 tcpdump: Buffer overflow in BOOTP parser in print-bootp.c:bootp_print()
https://bugzilla.redhat.com/show_bug.cgi?id=1419102
[ 33 ] Bug #1419103 – CVE-2017-5204 tcpdump: Buffer overflow in IPv6 parser in print-ip6.c:ip6_print()
https://bugzilla.redhat.com/show_bug.cgi?id=1419103
[ 34 ] Bug #1419104 – CVE-2017-5205 tcpdump: Buffer overflow in ISAKMP parser in print-isakmp.c:ikev2_e_print()
https://bugzilla.redhat.com/show_bug.cgi?id=1419104
[ 35 ] Bug #1419106 – CVE-2017-5341 tcpdump: Buffer overflow in OTV parser in print-otv.c:otv_print()
https://bugzilla.redhat.com/show_bug.cgi?id=1419106
[ 36 ] Bug #1419112 – CVE-2017-5342 tcpdump: Buffer overflow in print-ether.c:ether_print() in multiple protocol parsers (Geneve, GRE, NSH, OTV, VXLAN and VXLAN GPE)
https://bugzilla.redhat.com/show_bug.cgi?id=1419112
[ 37 ] Bug #1419107 – CVE-2017-5482 tcpdump: Buffer overflow in Q.933 parser in print-fr.c:q933_print()
https://bugzilla.redhat.com/show_bug.cgi?id=1419107
[ 38 ] Bug #1419108 – CVE-2017-5483 tcpdump: Buffer overflow in SNMP parser in print-snmp.c:asn1_parse()
https://bugzilla.redhat.com/show_bug.cgi?id=1419108
[ 39 ] Bug #1419109 – CVE-2017-5484 tcpdump: Buffer overflow in ATM parser in print-atm.c:sig_print()
https://bugzilla.redhat.com/show_bug.cgi?id=1419109
[ 40 ] Bug #1419110 – CVE-2017-5485 tcpdump: Buffer overflow in ISO CLNS parser in addrtoname.c:lookup_nsap()
https://bugzilla.redhat.com/show_bug.cgi?id=1419110
[ 41 ] Bug #1419111 – CVE-2017-5486 tcpdump: Buffer overflow in ISO CLNS parser in print-isoclns.c:clnp_print()
https://bugzilla.redhat.com/show_bug.cgi?id=1419111
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade tcpdump’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

AutorDanijel Kozinovic
Cert idNCERT-REF-2017-02-0102-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
Izvorhttp://www.adobe.com/
Top
More in Preporuke
Sigurnosni nedostaci programskog paketa Linux Kernel

Otkriveni su sigurnosni nedostaci u programskom paketu Linux Kernel za operacijski sustav SUSE. Otkriveni nedostaci potencijalnim lokalnim napadačima omogućuju stjecanje...

Close