Debian Security Advisory
DLA-174-1 tcpdump -- LTS security update
- Date Reported:
- 17 Mar 2015
- Affected Packages:
- Security database references:
- In Mitre's CVE dictionary: CVE-2015-0261, CVE-2015-2154, CVE-2015-2155.
- More information:
Several issues have been discovered with tcpdump in the way it handled some printer protocols. Those issues can lead to denial of service, or, potentially, execution of arbitrary code.
Missing bounds checks in IPv6 Mobility printer
Missing bounds checks in ISOCLNS printer
Missing bounds checks in ForCES printer
For Debian 6
Squeeze, these issues have been fixed in tcpdump version tcpdump_4.1.1-1+deb6u2
Thanks to Romain Françoise who prepared this update.