Debian Long Term Support / LTS Security Information / 2014 / Security Information -- DLA-102-1 tcpdump

Debian Security Advisory

DLA-102-1 tcpdump -- LTS security update

Date Reported:

08 Dec 2014

Affected Packages:

tcpdump

Vulnerable:

Yes

Security database references:

In the Debian bugtracking system: Bug 770424, Bug 770434.
In Mitre's CVE dictionary: CVE-2014-8767, CVE-2014-8769, CVE-2014-9140.

More information:

Several vulnerabilities have been discovered in tcpdump, a command-line network traffic analyzer. These vulnerabilities might result in denial of service, leaking sensitive information from memory or, potentially, execution of arbitrary code.

For Debian 6 Squeeze, these issues have been fixed in tcpdump version 4.1.1-1+deb6u1