Debian Security Advisory
DLA-713-1 sniffit -- LTS security update
- Date Reported:
- 21 Nov 2016
- Affected Packages:
- Security database references:
- In the Debian bugtracking system: Bug 845122.
In Mitre's CVE dictionary: CVE-2014-5439.
- More information:
It was discovered that there was a buffer overflow in the packet sniffer and monitoring tool
sniffitwhich allowed a specially-crafted configuration file to provide a root shell.
For Debian 7
Wheezy, this issue has been fixed in sniffit version 0.3.7.beta-16.1+deb7u1.
We recommend that you upgrade your sniffit packages.