Package "tcpdump"
Name: |
tcpdump
|
Description: |
command-line network traffic analyzer
|
Latest version: |
4.9.2-0ubuntu0.14.04.1 |
Release: |
trusty (14.04) |
Level: |
security |
Repository: |
main |
Homepage: |
http://www.tcpdump.org/ |
Links
Download "tcpdump"
Other versions of "tcpdump" in Trusty
Changelog
tcpdump (4.9.0-1ubuntu1~ubuntu14.04.1) trusty-security; urgency=medium
* Backport to trusty to fix CVEs (LP: #1662177).
* Reset libpcap dependency to trusty version
* Enable crypto support, dropped in zesty because of openssl.
* Disable some tests failing with older pcap versions
|
Source diff to previous version |
|
tcpdump (4.5.1-2ubuntu1.2) trusty-security; urgency=medium
* SECURITY UPDATE: denial of service and possible code execution via
multiple issues (LP: #1444363)
- debian/patches/60_cve-2015-0261.diff: check lengths in
print-mobility.c.
- debian/patches/60_cve-2015-2153.diff: check length in
print-rpki-rtr.c.
- debian/patches/60_cve-2015-2153-fix-regression.diff: more length
checks in print-rpki-rtr.c.
- debian/patches/60_cve-2015-2154.diff: check lengths in
print-isoclns.c.
- debian/patches/60_cve-2015-2155.diff: make sure ops->print is valid
in print-forces.c.
- CVE-2015-0261
- CVE-2015-2153
- CVE-2015-2154
- CVE-2015-2155
-- Marc Deslauriers <email address hidden> Fri, 24 Apr 2015 13:06:07 -0400
|
Source diff to previous version |
1444363 |
tcpdump missing some CVEs |
CVE-2015-0261 |
Integer signedness error in the mobility_opt_print function in the IPv6 mobility printer in tcpdump before 4.7.2 allows remote attackers to cause a d |
CVE-2015-2153 |
The rpki_rtr_pdu_print function in print-rpki-rtr.c in the TCP printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service ( |
CVE-2015-2154 |
The osi_print_cksum function in print-isoclns.c in the ethernet printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service |
CVE-2015-2155 |
The force printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspec |
|
tcpdump (4.5.1-2ubuntu1.1) trusty-security; urgency=medium
* SECURITY UPDATE: denial of service and possible code execution in
olsr_print
- debian/patches/CVE-2014-8767.patch: improve bounds checking and
error handling in print-olsr.c.
- CVE-2014-8767
* SECURITY UPDATE: denial of service and possible code execution in
geonet_print
- debian/patches/CVE-2014-8768.patch: improve bounds checking and
length checking in print-geonet.c.
- CVE-2014-8768
* SECURITY UPDATE: denial of service and possible code execution in
print-aodv.c
- debian/patches/CVE-2014-8769.patch: improve bounds checking and
length checking in print-aodv.c, aodv.h.
- CVE-2014-8769
* SECURITY UPDATE: denial of service and possible code execution in
print-ppp.c
- debian/patches/CVE-2014-9140.patch: improve bounds checking in
print-ppp.c.
- CVE-2014-9140
-- Marc Deslauriers <email address hidden> Wed, 03 Dec 2014 16:39:30 -0500
|
CVE-2014-8767 |
Integer underflow in the olsr_print function in tcpdump 3.9.6 through 4.6.2, when in verbose mode, allows remote attackers to cause a denial of servi |
CVE-2014-8768 |
Multiple Integer underflows in the geonet_print function in tcpdump 4.5.0 through 4.6.2, when in verbose mode, allow remote attackers to cause a deni |
CVE-2014-8769 |
tcpdump 3.8 through 4.6.2 might allow remote attackers to obtain sensitive information from memory or cause a denial of service (packet loss or segme |
CVE-2014-9140 |
buffer overflow in the PPP dissector |
|
About
-
Send Feedback to @ubuntu_updates