Mandrake Local Security Checks : Mandrake Security Advisory MDKSA-2005:087 (tcpdump)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.52682

Categoría: Mandrake Local Security Checks

Título: Mandrake Security Advisory MDKSA-2005:087 (tcpdump)

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing an update to tcpdump
announced via advisory MDKSA-2005:087.

A number of Denial of Service vulnerabilities were discovered in the
way that tcpdump processes certain network packets. If abused, these
flaws can allow a remote attacker to inject a carefully crafted packet
onto the network, crashing tcpdump.

The provided packages have been patched to correct these issues.

Affected versions: 10.0, 10.1, 10.2, Corporate 3.0,
Corporate Server 2.1

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

https://secure1.securityspace.com/smysecure/catid.html?in=MDKSA-2005:087

Risk factor : Medium

CVSS Score:
5.0

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2005-1278
13392
http://www.securityfocus.com/bid/13392
15125
http://secunia.com/advisories/15125
18146
http://secunia.com/advisories/18146
20050426 tcpdump[v3.8.x/v3.9.1]: ISIS, BGP, and LDP infinite loop DOS exploits.
http://www.securityfocus.com/archive/1/396932
FLSA:156139
http://www.securityfocus.com/archive/1/430292/100/0/threaded
RHSA-2005:417
http://www.redhat.com/support/errata/RHSA-2005-417.html
RHSA-2005:421
http://www.redhat.com/support/errata/RHSA-2005-421.html
SCOSA-2005.60
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.60/SCOSA-2005.60.txt
oval:org.mitre.oval:def:10159
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10159
Common Vulnerability Exposure (CVE) ID: CVE-2005-1279
13389
http://www.securityfocus.com/bid/13389
17101
http://secunia.com/advisories/17101
DSA-850
http://www.debian.org/security/2005/dsa-850
oval:org.mitre.oval:def:9601
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9601
Common Vulnerability Exposure (CVE) ID: CVE-2005-1280
13390
http://www.securityfocus.com/bid/13390
20050426 tcpdump(/ethereal)[]: (RSVP) rsvp_print() infinite loop DOS.
http://www.securityfocus.com/archive/1/396930
oval:org.mitre.oval:def:10732
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10732

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.52682
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDKSA-2005:087 (tcpdump)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to tcpdump announced via advisory MDKSA-2005:087. A number of Denial of Service vulnerabilities were discovered in the way that tcpdump processes certain network packets. If abused, these flaws can allow a remote attacker to inject a carefully crafted packet onto the network, crashing tcpdump. The provided packages have been patched to correct these issues. Affected versions: 10.0, 10.1, 10.2, Corporate 3.0, Corporate Server 2.1 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDKSA-2005:087 Risk factor : Medium CVSS Score: 5.0
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2005-1278 13392 http://www.securityfocus.com/bid/13392 15125 http://secunia.com/advisories/15125 18146 http://secunia.com/advisories/18146 20050426 tcpdump[v3.8.x/v3.9.1]: ISIS, BGP, and LDP infinite loop DOS exploits. http://www.securityfocus.com/archive/1/396932 FLSA:156139 http://www.securityfocus.com/archive/1/430292/100/0/threaded RHSA-2005:417 http://www.redhat.com/support/errata/RHSA-2005-417.html RHSA-2005:421 http://www.redhat.com/support/errata/RHSA-2005-421.html SCOSA-2005.60 ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.60/SCOSA-2005.60.txt oval:org.mitre.oval:def:10159 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10159 Common Vulnerability Exposure (CVE) ID: CVE-2005-1279 13389 http://www.securityfocus.com/bid/13389 17101 http://secunia.com/advisories/17101 DSA-850 http://www.debian.org/security/2005/dsa-850 oval:org.mitre.oval:def:9601 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9601 Common Vulnerability Exposure (CVE) ID: CVE-2005-1280 13390 http://www.securityfocus.com/bid/13390 20050426 tcpdump(/ethereal)[]: (RSVP) rsvp_print() infinite loop DOS. http://www.securityfocus.com/archive/1/396930 oval:org.mitre.oval:def:10732 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10732
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com