Operating System:

[UNIX/Linux][Debian]

Published:

04 December 2014

Protect yourself against future threats.

//Service

Incident Management

Whether it is proactive or reactive services you're after, we will help you detect, interpret and respond to attacks from across the globe.

Read more
Resources > Security Bulletins > ESB-2014.2282 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2014.2282
                          tcpdump security update
                              4 December 2014

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           tcpdump
Publisher:         Debian
Operating System:  Debian GNU/Linux 7
                   UNIX variants (UNIX, Linux, OSX)
Impact/Access:     Execute Arbitrary Code/Commands -- Remote with User Interaction
                   Denial of Service               -- Remote with User Interaction
                   Access Confidential Data        -- Remote with User Interaction
Resolution:        Patch/Upgrade
CVE Names:         CVE-2014-9140 CVE-2014-8769 CVE-2014-8767

Original Bulletin: 
   http://www.debian.org/security/2014/dsa-3086

Comment: This advisory references vulnerabilities in products which run on 
         platforms other than Debian. It is recommended that administrators 
         running tcpdump check for an updated version of the software for 
         their operating system.

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- - -------------------------------------------------------------------------
Debian Security Advisory DSA-3086-1                   security@debian.org
http://www.debian.org/security/                      Salvatore Bonaccorso
December 03, 2014                      http://www.debian.org/security/faq
- - -------------------------------------------------------------------------

Package        : tcpdump
CVE ID         : CVE-2014-8767 CVE-2014-8769 CVE-2014-9140
Debian Bug     : 770424 770434

Several vulnerabilities have been discovered in tcpdump, a command-line
network traffic analyzer. These vulnerabilities might result in denial
of service, leaking sensitive information from memory or, potentially,
execution of arbitrary code.

For the stable distribution (wheezy), these problems have been fixed in
version 4.3.0-1+deb7u1.

For the upcoming stable distribution (jessie), these problems have been
fixed in version 4.6.2-3.

For the unstable distribution (sid), these problems have been fixed in
version 4.6.2-3.

We recommend that you upgrade your tcpdump packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJUf1yOAAoJEAVMuPMTQ89EnmsP/3WESLIPqyv0RVx0IPPRrvLP
q1qri8ROuIMryu88ybOOCwo96OsnnO3lGeiJUzOUp6B+bgyJQKgQg6+oCq8MpJ3z
YhKROPKNeW9j+fdtLqua6RPp2nFQNf4FemCOaIs1oM2aL4wye/iuXwXXF/i6eWve
qQ2Ugjj/ahtxAPNRIte4XQK4q0OipopqZYNe3sdWP0jmQwYoFnpgrQHBlalx0GMm
STlykW8HhLVCyxlY16ENLyzCqjD8GT3osjhx6/k0997kkO/M0eEwKwvx44VhOmDl
p5m5tOPZJ+yUVQPNujDUJRLTsbMLSlZhzpWVJ9SOFyyY97zQ1y6lFFM3aXdXPOUV
NJ51bXXexZb5OrTShsYFEM9GT9EOqLJl/PDbhrEb+1QETovDUR4JVK6VIy7yEZPO
DEaFEH7t1GXE9jrX9U9tn9iIywndfz3vzvK1eTy9JMc/2qNz4/M+Ppvasu6Xmqg1
JU3w+jiq1KleXaLHG2EKnlEuhM8rz3Eh6cTb8vwcXmJgwzcc8CW8KJWQghVfGO+d
9wjxrToRWpieV66RhIdp4ZZ2K+S0U1AvNy+a8plKAfiiyLQC5eflZyNg5ckTDL4d
HvgOSuqYEoY9F20mV++/IQVW0ML2gGpQmhmnm53qNJ460miqyfrc0rWItMRT4OU3
IG5Q3GWMrw7bjLm2WGLD
=71H0
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBVH+a8hLndAQH1ShLAQIckg//da8CBrej6XAs3XEzCQNwbE/IQfB4ePm+
KftV3jvpW8tbWUctbXUrgfEguNpaJbUjh1dDhzSE9BzWlEV9ZBd/zfbms0Su6eWh
rjijJcb+j0a/lv8fHuhtpY8e9BP7nJAhQMA2ZLoKa3b/A43ZmFU5QCxHbI2rhHAB
EDXH2eavuTKkH4/oSmT3dfi/9l6tJJKIbijWdY0tHjPfLFd5DRbEIBTayhS+lKj5
bEoXPaLvg7vNQwCQe+Vpz4N+tewdyAOomud+ZAWliSPspZOkKuEUzH3VcjdYSwjm
ewBeCf2Sl+cpTSbvMFE/BjHT+VMV67xhF4GjlOmeClW0NtJ0TzRoY0SCAtanpjG9
K6woJJ3t0YeaTE3IJkoR115kOzFw+fnhGH55FFLVyloNOQWCg6jaYnsdX2wImAz8
iGUxj+wcS2RSpda2xSzPNKO/KDr6zrXadqA8CB/xOzj+Cit1gC8G7Jn0Oon2Quea
UN2oB2szy1qwODdKTMhxhb67X5tGeyt9QW8QwUsO7dbL0yBOpajghG+3KPZyfJTp
5M8AhRVsufYj9Ed5yxMN6DVBiBPGk3oJAX3GlJv3//sgmetGThSgew1ddHF6t5IE
pl9WOf2ivAAIyzBGMv5Dl8z7m58j1DpI+YerDEovEuIfIbQ7vWUFhIACzvDxkFzx
3eZSE3KS0/o=
=2Rij
-----END PGP SIGNATURE-----