Package: tcpdump Severity: important Tags: security Four DoS vulnerabilities in tcpdump have been reported against tcpdump. These have security sensitive effects if you use tcpdump for automated network monitoring or intrusion/anomaly detection. Four exploits have been released, which also contain more verbose information in the comments:
http://fakehalo.us/xtcpdump+ethr-rsvp-dos.c http://fakehalo.us/xtcpdump-isis-dos.c http://fakehalo.us/xtcpdump-bgp-dos.c http://fakehalo.us/xtcpdump-ldp-dos.c Issues 2-4 are fixed in current CVS, the first one is still unfixed. Cheers, Moritz -- System Information: Debian Release: 3.0 Architecture: i386 -- debconf-show failed -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
