49294 – security problem in tcpdump-3.6.2 AFS printing

Bug 49294 - security problem in tcpdump-3.6.2 AFS printing

Summary: security problem in tcpdump-3.6.2 AFS printing

Keywords:
Status:	CLOSED RAWHIDE
Alias:	None
Product:	Red Hat Raw Hide
Classification:	Retired
Component:	tcpdump
Sub Component:
Version:	1.0
Hardware:	i386
OS:	Linux
Priority:	high
Severity:	medium
Target Milestone:	---
Assignee:	Harald Hoyer
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2001-07-17 18:41 UTC by Pekka Savola
Modified:	2008-05-01 15:38 UTC (History)
CC List:	0 users
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2001-07-18 20:55:12 UTC
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2001:089	0	normal	SHIPPED_LIVE	: Updated tcpdump packages available for Red Hat Linux 6.2 and 7.x	2001-06-28 04:00:00 UTC

Description Pekka Savola 2001-07-17 18:41:47 UTC

There is a security problem in AFS printing functions in tcpdump-3.6.2.

AFS printing is not supported in tcpdump-3.4, so this only applies to rawhide.

FreeBSD advisory:
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:48.tcpdump.asc

Patch against Rawhide: (patch -p1 -R)
http://cvs.tcpdump.org/cgi-bin/cvsweb/tcpdump/print-rx.c?r1=1.20&r2=1.20.2.1

Comment 1 Glen Foster 2001-07-18 20:55:07 UTC

We (Red Hat) must address this defect before next release.

Comment 2 Harald Hoyer 2001-07-19 13:06:45 UTC

thx

Note You need to log in before you can comment on or make changes to this bug.