Bug 159208
Summary: | CAN-2005-1267 tcpdump BGP DoS | ||||||||
---|---|---|---|---|---|---|---|---|---|
Product: | Red Hat Enterprise Linux 4 | Reporter: | Josh Bressers <bressers> | ||||||
Component: | tcpdump | Assignee: | Martin Stransky <stransky> | ||||||
Status: | CLOSED ERRATA | QA Contact: | |||||||
Severity: | low | Docs Contact: | |||||||
Priority: | medium | ||||||||
Version: | 4.0 | CC: | security-response-team | ||||||
Target Milestone: | --- | Keywords: | Security | ||||||
Target Release: | --- | ||||||||
Hardware: | All | ||||||||
OS: | Linux | ||||||||
Whiteboard: | impact=low,source=vendorsec,reported=20050531,public=20050606 | ||||||||
Fixed In Version: | RHSA-2005-505 | Doc Type: | Bug Fix | ||||||
Doc Text: | Story Points: | --- | |||||||
Clone Of: | Environment: | ||||||||
Last Closed: | 2005-06-13 12:03:32 UTC | Type: | --- | ||||||
Regression: | --- | Mount Type: | --- | ||||||
Documentation: | --- | CRM: | |||||||
Verified Versions: | Category: | --- | |||||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||
Cloudforms Team: | --- | Target Upstream Version: | |||||||
Embargoed: | |||||||||
Attachments: |
|
Description
Josh Bressers
2005-05-31 16:11:32 UTC
This issue should also affect RHEL2.1 and RHEL3 Created attachment 115005 [details]
Patch from upstream
Created attachment 115006 [details]
Proof of concept exploit
When will the embargo expire? There is no set date yet. I'll let you know as soon as there is one. I expect it to be soon. This fix is already in the upstream CVS, so it makes little sense to try to keep it a secret for too long. Removing embargo as per Simon Nielsen msg to vendor-sec RHEL2.1 and RHEL3 aren't affected by this issue, the bug is only in version 3.8.2. An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2005-505.html |