Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 6 Mar 2003 14:53:41 -0800 (PST)
From:      twig les <twigles@yahoo.com>
To:        freebsd-security@freebsd.org
Subject:   TCPDump version in base?
Message-ID:  <20030306225341.20774.qmail@web10103.mail.yahoo.com>

next in thread | raw e-mail | index | archive | help
Hey all, maybe I'm missing something but I can't seem to find
the version of tcpdump that I'm running.  After searching the
massive man page and doing a quick "pkg_info | grep tcpdump" to
make sure no info was available before posting, I don't know if
I'm vulnerable.  Does anyone know how to glean the version
number from tcpdump?

For those who are wondering wth I'm blathering about regarding
tcpdump's vulnerability, this SANS blurb should clarify:


Tcpdump versions prior to 3.7.2 contain a denial of service in
the
decoding of ISAKMP packets. This allows a remote attacker to
spoof
a malicious UDP packet that, when read by a vulnerable tcpdump
application, will cause tcpdump to enter an infinite loop.

This vulnerability is confirmed and fixed in version 3.7.2,
available
from:
http://www.tcpdump.org/


=====
-----------------------------------------------------------
Know yourself and know your enemy and you will never fear defeat.         
-----------------------------------------------------------

__________________________________________________
Do you Yahoo!?
Yahoo! Tax Center - forms, calculators, tips, more
http://taxes.yahoo.com/

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030306225341.20774.qmail>