Executive Summary
Summary | |
---|---|
Title | tcpdump vulnerability |
Information | |||
---|---|---|---|
Name | USN-492-1 | First vendor Publication | 2007-07-30 |
Vendor | Ubuntu | Last vendor Modification | 2007-07-30 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
Impact SubScore | NA | Temporal Score | NA |
Exploitability Sub Score | NA | ||
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 6.8 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Medium |
Cvss Exploit Score | 8.6 | Authentication | None Required |
Detail
A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 6.10
Ubuntu 7.04

This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the following package versions:

Ubuntu 6.06 LTS:
Ubuntu 6.10:
Ubuntu 7.04:

In general, a standard system upgrade is sufficient to effect the necessary changes.

Details follow:

A flaw was discovered in the BGP dissector of tcpdump. Remote attackers could send specially crafted packets and execute arbitrary code with user privileges.
Original Source
Url : http://www.ubuntu.com/usn/USN-492-1 |
CAPEC : Common Attack Pattern Enumeration & Classification
Id | Name |
---|---|
CAPEC-30 | Hijacking a Privileged Thread of Execution |
CAPEC-232 | Exploitation of Privilege/Trust |
CAPEC-234 | Hijacking a privileged process |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-252 | Unchecked Return Value |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:20493 | |||
Oval ID: | oval:org.mitre.oval:def:20493 | ||
Title: | DSA-1353-1 tcpdump - integer overflow | ||
Description: | It was discovered that an integer overflow in the BGP dissector of tcpdump, a powerful tool for network monitoring and data acquisition, may lead to the execution of arbitrary code. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1353-1 CVE-2007-3798 | Version: | 5 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | tcpdump |
Definition Id: oval:org.mitre.oval:def:22387 | |||
Oval ID: | oval:org.mitre.oval:def:22387 | ||
Title: | ELSA-2007:0368: tcpdump security and bug fix update (Moderate) | ||
Description: | Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 and earlier allows remote attackers to execute arbitrary code via crafted TLVs in a BGP packet, related to an unchecked return value. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2007:0368-04 CVE-2007-1218 CVE-2007-3798 | Version: | 13 |
Platform(s): | Oracle Linux 5 | Product(s): | tcpdump |
Definition Id: oval:org.mitre.oval:def:9771 | |||
Oval ID: | oval:org.mitre.oval:def:9771 | ||
Title: | Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 and earlier allows remote attackers to execute arbitrary code via crafted TLVs in a BGP packet, related to an unchecked return value. | ||
Description: | Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 and earlier allows remote attackers to execute arbitrary code via crafted TLVs in a BGP packet, related to an unchecked return value. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-3798 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2010-05-12 | Name : Mac OS X Security Update 2007-009 File : nvt/macosx_secupd_2007-009.nasl |
2009-10-13 | Name : SLES10: Security update for tcpdump File : nvt/sles10_tcpdump.nasl |
2009-10-10 | Name : SLES9: Security update for tcpdump File : nvt/sles9p5011066.nasl |
2009-04-09 | Name : Mandriva Update for tcpdump MDKSA-2007:148 (tcpdump) File : nvt/gb_mandriva_MDKSA_2007_148.nasl |
2009-03-23 | Name : Ubuntu Update for tcpdump vulnerability USN-492-1 File : nvt/gb_ubuntu_USN_492_1.nasl |
2009-02-27 | Name : Fedora Update for tcpdump FEDORA-2007-1361 File : nvt/gb_fedora_2007_1361_tcpdump_fc7.nasl |
2009-02-27 | Name : Fedora Update for tcpdump FEDORA-2007-654 File : nvt/gb_fedora_2007_654_tcpdump_fc6.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200707-14 (tcpdump) File : nvt/glsa_200707_14.nasl |
2008-09-04 | Name : FreeBSD Ports: tcpdump File : nvt/freebsd_tcpdump2.nasl |
2008-09-04 | Name : FreeBSD Security Advisory (FreeBSD-SA-07:06.tcpdump.asc) File : nvt/freebsdsa_tcpdump1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1353-1 (tcpdump) File : nvt/deb_1353_1.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2007-230-01 tcpdump File : nvt/esoft_slk_ssa_2007_230_01.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
38213 | tcpdump print-bgp.c BGP Packet Handling Crafted TLVs Remote Overflow |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-06-29 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2007-0387.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20071115_tcpdump_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20071109_tcpdump_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_11696.nasl - Type : ACT_GATHER_INFO |
2007-12-18 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2007-009.nasl - Type : ACT_GATHER_INFO |
2007-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_tcpdump-4037.nasl - Type : ACT_GATHER_INFO |
2007-11-16 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-0387.nasl - Type : ACT_GATHER_INFO |
2007-11-10 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-492-1.nasl - Type : ACT_GATHER_INFO |
2007-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-0368.nasl - Type : ACT_GATHER_INFO |
2007-11-06 | Name : The remote Fedora host is missing a security update. File : fedora_2007-1361.nasl - Type : ACT_GATHER_INFO |
2007-10-17 | Name : The remote openSUSE host is missing a security update. File : suse_tcpdump-4036.nasl - Type : ACT_GATHER_INFO |
2007-08-21 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2007-230-01.nasl - Type : ACT_GATHER_INFO |
2007-08-13 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1353.nasl - Type : ACT_GATHER_INFO |
2007-08-03 | Name : The remote Fedora Core host is missing a security update. File : fedora_2007-654.nasl - Type : ACT_GATHER_INFO |
2007-08-02 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_2dc764fa40c011dcaeac02e0185f8d72.nasl - Type : ACT_GATHER_INFO |
2007-07-30 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200707-14.nasl - Type : ACT_GATHER_INFO |
2007-07-27 | Name : The remote Mandrake Linux host is missing a security update. File : mandrake_MDKSA-2007-148.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Information |
---|---|
2014-02-17 12:04:31 |
|