[ubuntu-hardened] tcpdump: multiple vulnerabilities fixed.
daniel curtis
sidetripping at gmail.com
Wed Feb 8 19:35:33 UTC 2017
Hi
On 29. Jan, 2017 Debian has published Security Advisory (see: DSA-3775-1;
https://www.debian.org/security/2017/dsa-3775) for a tcpdump package, that
fixes multiple security issues. It seems the package before version 4.9.0-1
is vulnerable to arbitrary code execution.
The worst thing: a remote attacker can execute arbitrary code on the
affected host by crafting network packets. Checking any DSA number and
looking for an Ubuntu situation, it is pretty worrying, because none of the
issue is fixed. (Even when *Priority* is "medium".)
I know, that Ubuntu have a tcpdump AppArmor profile, but is it enough? Even
Debian "Wheezy" has been updated to the new 4.9 version. (4.9.0-1~deb7u1.)
Previous version was: 4.3.0-1. For example 12.04 LTS Release has 4.2.1
version so - as we can see - it can be updated to the latest 4.9 version.
Just as Debian did.
According to so many fixed vulnerabilities with "medium" *Priority*, I
would like to ask when and if there will be available an update for a
tcpdump package? Some Linux Distributions, such as Arch Linux already
released an update. (See: https://security.archlinux.org/ASA-201702-1)
By the way; I'm just curious. That's all :- )
Thanks, best regards.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-hardened/attachments/20170208/32ad24fd/attachment.html>
More information about the ubuntu-hardened
mailing list