An integer overflow flaw was found in tcpdump's BGP protocol dissector. This
could potentially allow an attacker to execute arbitrary code as the user
The upstream patch is here:
The Gentoo bug has more information
This flaw does not affect the version of tcpdump shipped in Red Hat Enterprise
Linux 2.1 or 3.
This issue was addressed in:
Red Hat Enterprise Linux: