Bug 49294

Summary: security problem in tcpdump-3.6.2 AFS printing
Product: [Retired] Red Hat Raw Hide Reporter: Pekka Savola <pekkas>
Component: tcpdumpAssignee: Harald Hoyer <harald>
Status: CLOSED RAWHIDE QA Contact:
Severity: medium Docs Contact:
Priority: high    
Version: 1.0Keywords: Security
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2001-07-18 20:55:12 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Pekka Savola 2001-07-17 18:41:47 UTC 
There is a security problem in AFS printing functions in tcpdump-3.6.2.

AFS printing is not supported in tcpdump-3.4, so this only applies to rawhide.

FreeBSD advisory:
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:48.tcpdump.asc

Patch against Rawhide: (patch -p1 -R)
http://cvs.tcpdump.org/cgi-bin/cvsweb/tcpdump/print-rx.c?r1=1.20&r2=1.20.2.1
Comment 1 Glen Foster 2001-07-18 20:55:07 UTC 
We (Red Hat) must address this defect before next release.
Comment 2 Harald Hoyer 2001-07-19 13:06:45 UTC 
thx