Debian Long Term Support / LTS Security Information / 2017 / Security Information -- DLA-809-1 tcpdump

Debian Security Advisory

DLA-809-1 tcpdump -- LTS security update

Date Reported:

30 Jan 2017

Affected Packages:

tcpdump

Vulnerable:

Yes

Security database references:

In Mitre's CVE dictionary: CVE-2016-7922, CVE-2016-7923, CVE-2016-7924, CVE-2016-7925, CVE-2016-7926, CVE-2016-7927, CVE-2016-7928, CVE-2016-7929, CVE-2016-7930, CVE-2016-7931, CVE-2016-7932, CVE-2016-7933, CVE-2016-7934, CVE-2016-7935, CVE-2016-7936, CVE-2016-7937, CVE-2016-7938, CVE-2016-7939, CVE-2016-7940, CVE-2016-7973, CVE-2016-7974, CVE-2016-7975, CVE-2016-7983, CVE-2016-7984, CVE-2016-7985, CVE-2016-7986, CVE-2016-7992, CVE-2016-7993, CVE-2016-8574, CVE-2016-8575, CVE-2017-5202, CVE-2017-5203, CVE-2017-5204, CVE-2017-5205, CVE-2017-5341, CVE-2017-5342, CVE-2017-5482, CVE-2017-5483, CVE-2017-5484, CVE-2017-5485, CVE-2017-5486.

More information:

Multiple vulnerabilities have been discovered in tcpdump, a command-line network traffic analyzer. These vulnerabilities might result in denial of service or the execution of arbitrary code.

• CVE-2016-7922

  Buffer overflow in parser.

• CVE-2016-7923

  Buffer overflow in parser.

• CVE-2016-7924

  Buffer overflow in parser.

• CVE-2016-7925

  Buffer overflow in parser.

• CVE-2016-7926

  Buffer overflow in parser.

• CVE-2016-7927

  Buffer overflow in parser.

• CVE-2016-7928

  Buffer overflow in parser.

• CVE-2016-7929

  Buffer overflow in parser.

• CVE-2016-7930

  Buffer overflow in parser.

• CVE-2016-7931

  Buffer overflow in parser.

• CVE-2016-7932

  Buffer overflow in parser.

• CVE-2016-7933

  Buffer overflow in parser.

• CVE-2016-7934

  Buffer overflow in parser.

• CVE-2016-7935

  Buffer overflow in parser.

• CVE-2016-7936

  Buffer overflow in parser.

• CVE-2016-7937

  Buffer overflow in parser.

• CVE-2016-7938

  Buffer overflow in parser.

• CVE-2016-7939

  Buffer overflow in parser.

• CVE-2016-7940

  Buffer overflow in parser.

• CVE-2016-7973

  Buffer overflow in parser.

• CVE-2016-7974

  Buffer overflow in parser.

• CVE-2016-7975

  Buffer overflow in parser.

• CVE-2016-7983

  Buffer overflow in parser.

• CVE-2016-7984

  Buffer overflow in parser.

• CVE-2016-7985

  Buffer overflow in parser.

• CVE-2016-7986

  Buffer overflow in parser.

• CVE-2016-7992

  Buffer overflow in parser.

• CVE-2016-7993

  Buffer overflow in parser.

• CVE-2016-8574

  Buffer overflow in parser.

• CVE-2016-8575

  Buffer overflow in parser.

• CVE-2017-5202

  Buffer overflow in parser.

• CVE-2017-5203

  Buffer overflow in parser.

• CVE-2017-5204

  Buffer overflow in parser.

• CVE-2017-5205

  Buffer overflow in parser.

• CVE-2017-5341

  Buffer overflow in parser.

• CVE-2017-5342

  Buffer overflow in parser.

• CVE-2017-5482

  Buffer overflow in parser.

• CVE-2017-5483

  Buffer overflow in parser.

• CVE-2017-5484

  Buffer overflow in parser.

• CVE-2017-5485

  Buffer overflow in parser.

• CVE-2017-5486

  Buffer overflow in parser.

For Debian 7 Wheezy, these problems have been fixed in version 4.9.0-1~deb7u1.

We recommend that you upgrade your tcpdump packages.

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS