2005年6月21日发布的Ubuntu安全公告USN - 141 - 1指出,Ubuntu 4.10和5.04版本的tcpdump存在安全漏洞,特定无效BGP数据包会使tcpdump陷入无限循环,攻击者可借此绕过网络流量分析。可通过升级tcpdump包来修复,文中还给出了各架构更新包的下载链接。
x writes:
===========================================================
Ubuntu Security Notice USN-141-1 June 21, 2005
tcpdump vulnerability
CAN-2005-1267
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 4.10 (Warty Warthog)
Ubuntu 5.04 (Hoary Hedgehog)
The following packages are affected:
tcpdump
The problem can be corrected by upgrading the affected package to
version 3.8.3-3ubuntu0.3 (for Ubuntu 4.10), or 3.8.3-3ubuntu0.4 (for
Ubuntu 5.04). In general, a standard system upgrade is sufficient to
effect the necessary changes.
Details follow:
It was discovered that certain invalid BGP packets triggered an
infinite loop in tcpdump, which caused tcpdump to stop working. This
could be abused by a remote attacker to bypass tcpdump analysis of
network traffic.
Updated packages for Ubuntu 4.10 (Warty Warthog):
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/t/tcpdump/tcpdum
p_3.8.3-3ubuntu0.3.diff.gz
Size/MD5: 10896 4702377c3189048522d6c001c9bc6f20
http://security.ubuntu.com/ubuntu/pool/main/t/tcpdump/tcpdum
p_3.8.3-3ubuntu0.3.dsc
Size/MD5: 672 59625b40bdce1e52cdef6f04845f9af2
http://security.ubuntu.com/ubuntu/pool/main/t/tcpdump/tcpdum
p_3.8.3.orig.tar.gz
Size/MD5: 567116 30645001f4b97019677cad88d3811904
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/t/tcpdump/tcpdum
p_3.8.3-3ubuntu0.3_amd64.deb
Size/MD5: 255700 0cd4c99be36a5cb2cb90397ae61678fe
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/t/tcpdump/tcpdum
p_3.8.3-3ubuntu0.3_i386.deb
Size/MD5: 234606 d4d65d97e0bc543f163fd3d69dc5f9bb
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/t/tcpdump/tcpdum
p_3.8.3-3ubuntu0.3_powerpc.deb
Size/MD5: 245540 7f674bb7675833678023d791a3b5cecb
Updated packages for Ubuntu 5.04 (Hoary Hedgehog):
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/t/tcpdump/tcpdum
p_3.8.3-3ubuntu0.4.diff.gz
Size/MD5: 10932 426d64f415eb78d225f952126d37d149
http://security.ubuntu.com/ubuntu/pool/main/t/tcpdump/tcpdum
p_3.8.3-3ubuntu0.4.dsc
Size/MD5: 672 106d0e1f304bfac046cb5ee92178d03c
http://security.ubuntu.com/ubuntu/pool/main/t/tcpdump/tcpdum
p_3.8.3.orig.tar.gz
Size/MD5: 567116 30645001f4b97019677cad88d3811904
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/t/tcpdump/tcpdum
p_3.8.3-3ubuntu0.4_amd64.deb
Size/MD5: 255684 1b772031ea02ddc34540d57c2e887fad
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/t/tcpdump/tcpdum
p_3.8.3-3ubuntu0.4_i386.deb
Size/MD5: 234620 1e9c285b47b0639cfa32085665b430aa
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/t/tcpdump/tcpdum
p_3.8.3-3ubuntu0.4_powerpc.deb
Size/MD5: 245566 537c353da73354ba16cef78f2d77e5e9
Ubuntu Security Notice USN-141-1 June 21, 2005
tcpdump vulnerability
CAN-2005-1267
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 4.10 (Warty Warthog)
Ubuntu 5.04 (Hoary Hedgehog)
The following packages are affected:
tcpdump
The problem can be corrected by upgrading the affected package to
version 3.8.3-3ubuntu0.3 (for Ubuntu 4.10), or 3.8.3-3ubuntu0.4 (for
Ubuntu 5.04). In general, a standard system upgrade is sufficient to
effect the necessary changes.
Details follow:
It was discovered that certain invalid BGP packets triggered an
infinite loop in tcpdump, which caused tcpdump to stop working. This
could be abused by a remote attacker to bypass tcpdump analysis of
network traffic.
Updated packages for Ubuntu 4.10 (Warty Warthog):
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/t/tcpdump/tcpdum
p_3.8.3-3ubuntu0.3.diff.gz
Size/MD5: 10896 4702377c3189048522d6c001c9bc6f20
http://security.ubuntu.com/ubuntu/pool/main/t/tcpdump/tcpdum
p_3.8.3-3ubuntu0.3.dsc
Size/MD5: 672 59625b40bdce1e52cdef6f04845f9af2
http://security.ubuntu.com/ubuntu/pool/main/t/tcpdump/tcpdum
p_3.8.3.orig.tar.gz
Size/MD5: 567116 30645001f4b97019677cad88d3811904
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/t/tcpdump/tcpdum
p_3.8.3-3ubuntu0.3_amd64.deb
Size/MD5: 255700 0cd4c99be36a5cb2cb90397ae61678fe
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/t/tcpdump/tcpdum
p_3.8.3-3ubuntu0.3_i386.deb
Size/MD5: 234606 d4d65d97e0bc543f163fd3d69dc5f9bb
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/t/tcpdump/tcpdum
p_3.8.3-3ubuntu0.3_powerpc.deb
Size/MD5: 245540 7f674bb7675833678023d791a3b5cecb
Updated packages for Ubuntu 5.04 (Hoary Hedgehog):
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/t/tcpdump/tcpdum
p_3.8.3-3ubuntu0.4.diff.gz
Size/MD5: 10932 426d64f415eb78d225f952126d37d149
http://security.ubuntu.com/ubuntu/pool/main/t/tcpdump/tcpdum
p_3.8.3-3ubuntu0.4.dsc
Size/MD5: 672 106d0e1f304bfac046cb5ee92178d03c
http://security.ubuntu.com/ubuntu/pool/main/t/tcpdump/tcpdum
p_3.8.3.orig.tar.gz
Size/MD5: 567116 30645001f4b97019677cad88d3811904
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/t/tcpdump/tcpdum
p_3.8.3-3ubuntu0.4_amd64.deb
Size/MD5: 255684 1b772031ea02ddc34540d57c2e887fad
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/t/tcpdump/tcpdum
p_3.8.3-3ubuntu0.4_i386.deb
Size/MD5: 234620 1e9c285b47b0639cfa32085665b430aa
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/t/tcpdump/tcpdum
p_3.8.3-3ubuntu0.4_powerpc.deb
Size/MD5: 245566 537c353da73354ba16cef78f2d77e5e9
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
