Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2019.3814.2 tcpdump security update 22 October 2019 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: tcpdump Publisher: Debian Operating System: Debian GNU/Linux 8 Debian GNU/Linux 9 Debian GNU/Linux 10 UNIX variants (UNIX, Linux, OSX) Windows Impact/Access: Execute Arbitrary Code/Commands -- Remote with User Interaction Denial of Service -- Remote with User Interaction Resolution: Patch/Upgrade CVE Names: CVE-2019-15166 CVE-2018-16452 CVE-2018-16451 CVE-2018-16300 CVE-2018-16230 CVE-2018-16229 CVE-2018-16228 CVE-2018-16227 CVE-2018-14882 CVE-2018-14881 CVE-2018-14880 CVE-2018-14879 CVE-2018-14470 CVE-2018-14469 CVE-2018-14468 CVE-2018-14467 CVE-2018-14466 CVE-2018-14465 CVE-2018-14464 CVE-2018-14463 CVE-2018-14462 CVE-2018-14461 CVE-2018-10105 CVE-2018-10103 Original Bulletin: https://lists.debian.org/debian-lts-announce/2019/10/msg00015.html https://lists.debian.org/debian-security-announce/2019/msg00199.html Comment: This bulletin contains two (2) Debian security advisories. This advisory references vulnerabilities in products which run on platforms other than Debian. It is recommended that administrators running tcpdump check for an updated version of the software for their operating system. Revision History: October 22 2019: Added DSA-4547-1 October 14 2019: Initial Release - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package : tcpdump Version : 4.9.3-1~deb8u1 CVE ID : CVE-2018-10103 CVE-2018-10105 CVE-2018-14461 CVE-2018-14462 CVE-2018-14463 CVE-2018-14464 CVE-2018-14465 CVE-2018-14466 CVE-2018-14467 CVE-2018-14468 CVE-2018-14469 CVE-2018-14470 CVE-2018-14879 CVE-2018-14880 CVE-2018-14881 CVE-2018-14882 CVE-2018-16227 CVE-2018-16228 CVE-2018-16229 CVE-2018-16230 CVE-2018-16300 CVE-2018-16451 CVE-2018-16452 CVE-2019-15166 Debian Bug : 941698 Several vulnerabilities have been discovered in tcpdump, a command-line network traffic analyzer. These security vulnerabilities might result in denial of service or, potentially, execution of arbitrary code. For Debian 8 "Jessie", these problems have been fixed in version 4.9.3-1~deb8u1. We recommend that you upgrade your tcpdump packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS - -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAl2g5blfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7 UeRpUhAAp8QTkImN2K6tb/2LCZvg4sitJ9PBgTWjOxg5d6KCIORX0MzU4rALEe56 cEOhOC663tf3DiLwrnX/+Tw5ufhRNs4yTxD+dZ/jqmHhFaKz9rtIqeqjUf+MBzyM f3hfFYf8dzenc8bfZjmvhr4G/X71oz2SeuEu5Yt+Xh9qxOG0qPwWfzy4V0C/hv2s exsz/17IK8GZvlPbbKgQJL66LalvRKFL/dksiYH1xz4chPJM0gKKg1CJ4/T57GNn vw8XGMeQsHCIlTGscwLVVK3Nvwa/DatKrjg38ywl4kGgh5FTiYH15tmnwOMO7icV Ar5M44Nq14uUiwUlY0ciybA8rAyOwNhrD16s0kxhz8Wb+dOSOtYBYhXjlKconZtH 9dw8k0AiG2wzi6Xv4x+uR6p/xrHU3TvGYRlPwvg0i5+MOc9w4P2gWlvEIRD0UTnv BG/pCXHbyOWLxGg+LXB70KbmKFt8AtipLw8nDTJcLmx48modM43uD3WQ4tAqg52d KCHNFai1Nd2LmI0Vh/XqcJcAlF5+ThFRoteBavogCxH7V7ZC9w64PpuLcXF7vTY9 nzijYX6HxzN44hETQXXftGcxsikMGxth24xk5Mb3Vgbs3+Ule5UaxnW6ar8XN+tG p4pXYAK0hcpF8SwV2WXtNKB8CAXOE6pT7lftf67hAfbSAr8udN0= =uBmT - -----END PGP SIGNATURE----- ============================================================================= - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - - ------------------------------------------------------------------------- Debian Security Advisory DSA-4547-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff October 21, 2019 https://www.debian.org/security/faq - - ------------------------------------------------------------------------- Package : tcpdump CVE ID : CVE-2018-10103 CVE-2018-10105 CVE-2018-14461 CVE-2018-14462 CVE-2018-14463 CVE-2018-14464 CVE-2018-14465 CVE-2018-14466 CVE-2018-14467 CVE-2018-14468 CVE-2018-14469 CVE-2018-14470 CVE-2018-14879 CVE-2018-14880 CVE-2018-14881 CVE-2018-14882 CVE-2018-16227 CVE-2018-16228 CVE-2018-16229 CVE-2018-16230 CVE-2018-16300 CVE-2018-16451 CVE-2018-16452 CVE-2019-15166 Several vulnerabilities have been discovered in tcpdump, a command-line network traffic analyzer. These vulnerabilities might result in denial of service or, potentially, execution of arbitrary code. For the oldstable distribution (stretch), these problems have been fixed in version 4.9.3-1~deb9u1. For the stable distribution (buster), these problems have been fixed in version 4.9.3-1~deb10u1. We recommend that you upgrade your tcpdump packages. For the detailed security status of tcpdump please refer to its security tracker page at: https://security-tracker.debian.org/tracker/tcpdump Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org - -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl2uIaAACgkQEMKTtsN8 Tjb5ZA/9FxAE0uHVnbXapPaDdrf4JOElV9+iZho4b87YuSXZKch7y/xUtlHMx6Jy 9iYzUd2Cwg0OPRyZii3PjiGSxSrKW9xTYnyfPzI7WdPFWRbeVLw9PKUV9R18fE2u svIuKdeHiJd/MabagWqPffn4ZxgfxlG2Px3xtQhnFchDb7yXAsRUIdWwjIyw1fXR /lRkaehvKkwBHLYtSTnNnMrZyRYNsZBZ6WSeZ5hIFugq9wwWTYXY3vJxR2IUqhq8 veQrHg8DVt58G+GhI7EdmEKB9vJrjtNZBlz8VCiGESxSw/BZjCw2vl20gL2JmV0f 1OA4NaMH7l6Sj2DQDCqHIDN++PGhLkQWUxJHrLV2aqfZ7kn9bxXpX3djUYYjRzpS yaHsAsFOp7zwXkebbvV0dFhjLtst39xRJAEr8dAw6DUmfZqIPazdLv+PGGDpEuuq pcAe6QqrNettT37VCx81PtIQL4BJf1lvTW6VHIwj0MaQ6aFdNImzw/n1ld26ktoV feHER0IM0saIgwj/STOLV1+elNzi9dGdaFArxMRvM/s3fwo8JiYv1qnzfqGtQ6xH 5QwoBwwMZEEkqBvDCTtyFxLgg+Q/iVavwinxIRIb4Ttkr9M+PBL0WldFntlQRrlN SZDCcsvfxjM9aOwNS+tMCoX3CKB7hj94u+ti8MRJCw9I9EOzmZE= =bACv - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBXa5SKGaOgq3Tt24GAQhoHQ//d5HncwQQEh1xGfPot7l0QTkwQeJUFqPu 07whZd3CUtYBuiPvLvcQKqxwOac8IlJ/AAFjdg108coN5A6D2vFiv6KbdaZVaTxh rTiueIT/hD4yKmni/rueewtIb0lEIS2HQRbq3QR9RvQrdHykuBjZlI59uvwSa56h 0kqFYkpFmOihWYLRHp4Bq0EsQ2fd/9poz/zHk1E9KndcXl1fQhhJ1hUEa1fYzZSO j6mhb9Eiho2AR8fDfI7PMvj3tTHUPzwB0TDBEE05ppMlferIRM+wgCNXYUN73Z1d YGQLkPJySVb3+SgK6xYE3yWnyGQgolfclEhG42RCbW5nlG7RVHeBM4cjpLbkUR9+ pbHegPYGIGtgxZN8mrEbE9y1T6raIeZdSWtZY4ZOmS782tAoI0fDYl8fb4LUm3uJ Cc+MG/R+Fu9bhtFMGSt41Q7jw4U2UKeUdUofRLo5lRTEpm5CiM/Qupfmxf5ywGOi seMAZO0AuqAK4zOgRkeMn9ajhRQkKP2pFA9GjXiw/JpLGHJXHMSOZawTUgY1Y3n6 y0ifb+P+lcTZDq7VD8j0N23nM0vpjuVQUeo6LhZ/NpTdakB5NGcM39LF3E0g/GGY nR+37SDzvb8Dwp06ZelLU6Yz1J6pgHB9pCQ9imJ7Qfej2zMXMraPYpr7zzeEF6Up +gyUw0lPTTo= =W4bI -----END PGP SIGNATURE-----