Debian Security Advisory
DLA-174-1 tcpdump -- LTS security update
- Date Reported:
- 17 Mar 2015
- Affected Packages:
- tcpdump
- Vulnerable:
- Yes
- Security database references:
- In Mitre's CVE dictionary: CVE-2015-0261, CVE-2015-2154, CVE-2015-2155.
- More information:
-
Several issues have been discovered with tcpdump in the way it handled some printer protocols. Those issues can lead to denial of service, or, potentially, execution of arbitrary code.
- CVE-2015-0261
Missing bounds checks in IPv6 Mobility printer
- CVE-2015-2154
Missing bounds checks in ISOCLNS printer
- CVE-2015-2155
Missing bounds checks in ForCES printer
For Debian 6
Squeeze
, these issues have been fixed in tcpdump version tcpdump_4.1.1-1+deb6u2Thanks to Romain Françoise who prepared this update.
- CVE-2015-0261