Debian Security Advisory

DSA-206-1 tcpdump -- denial of service

Date Reported:
10 Dec 2002
Affected Packages:
Security database references:
In the Bugtraq database (at SecurityFocus): BugTraq ID 6213.
In Mitre's CVE dictionary: CVE-2002-1350.
More information:

The BGP decoding routines for tcpdump used incorrect bounds checking when copying data. This could be abused by introducing malicious traffic on a sniffed network for a denial of service attack against tcpdump, or possibly even remote code execution.

This has been fixed in version 3.6.2-2.2.

Fixed in:

Debian GNU/Linux 3.0 (woody)

alpha (DEC Alpha):
arm (ARM):
hppa (HP PA RISC):
i386 (Intel ia32):
ia64 (Intel ia64):
m68k (Motorola Mc680x0):
mips (MIPS (Big Endian)):
powerpc (PowerPC):
s390 (IBM S/390):
sparc (Sun SPARC/UltraSPARC):

MD5 checksums of the listed files are available in the original advisory.