[ MDKSA-2007:155 ] - Updated tcpdump packages fix remote denial of service

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 Mandriva Linux Security Advisory                         MDKSA-2007:155

 Package : tcpdump
 Date    : August 9, 2007
 Affected: 2007.1

 _______________________________________________________________________

 

 Problem Description:  

 Off-by-one buffer overflow in the parse_elements function in the  802.11 printer code (print-802_11.c) for tcpdump 3.9.5 and earlier  allows remote attackers to cause a denial of service (crash) via a  crafted 802.11 frame.  

 Updated packages have been patched to prevent this issue.

 References:  

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1218

 Updated Packages:  

Do you need help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

 Mandriva Linux 2007.1:
 dd21fcc2041312477a7d255adfe3bf8d 2007.1/i586/tcpdump-3.9.5-1.2mdv2007.1.i586.rpm  51d352409c58bd2c85e2b84eb1569ead 2007.1/SRPMS/tcpdump-3.9.5-1.2mdv2007.1.src.rpm

 Mandriva Linux 2007.1/X86_64:
 b6a61d821bb0c22c81519d91e02de34d 2007.1/x86_64/tcpdump-3.9.5-1.2mdv2007.1.x86_64.rpm  51d352409c58bd2c85e2b84eb1569ead 2007.1/SRPMS/tcpdump-3.9.5-1.2mdv2007.1.src.rpm

 To upgrade automatically use MandrivaUpdate or urpmi. The verification  of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security. You can obtain the  GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

Do you need more help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

  security_(at)_mandriva.com

 Type Bits/KeyID Date User ID
 pub 1024D/22458A98 2000-07-10 Mandriva Security Team   <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)

iD8DBQFGu4wNmqjQ0CJFipgRAmtNAKCcyjX8kIg977hNPUkH6TqNih+4QgCdER8T IDaCyrvdWXdpoDYrJPw7oG8=
=0CI2
-----END PGP SIGNATURE----- Received on Fri Aug 10 14:31:05 2007