From owner-freebsd-security  Thu Mar  6 14:53:44 2003
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 666AB37B401
	for <freebsd-security@freebsd.org>; Thu,  6 Mar 2003 14:53:42 -0800 (PST)
Received: from web10103.mail.yahoo.com (web10103.mail.yahoo.com [216.136.130.53])
	by mx1.FreeBSD.org (Postfix) with SMTP id DBF3643F93
	for <freebsd-security@freebsd.org>; Thu,  6 Mar 2003 14:53:41 -0800 (PST)
	(envelope-from twigles@yahoo.com)
Message-ID: <20030306225341.20774.qmail@web10103.mail.yahoo.com>
Received: from [68.5.49.41] by web10103.mail.yahoo.com via HTTP; Thu, 06 Mar 2003 14:53:41 PST
Date: Thu, 6 Mar 2003 14:53:41 -0800 (PST)
From: twig les <twigles@yahoo.com>
Subject: TCPDump version in base?
To: freebsd-security@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

Hey all, maybe I'm missing something but I can't seem to find
the version of tcpdump that I'm running.  After searching the
massive man page and doing a quick "pkg_info | grep tcpdump" to
make sure no info was available before posting, I don't know if
I'm vulnerable.  Does anyone know how to glean the version
number from tcpdump?

For those who are wondering wth I'm blathering about regarding
tcpdump's vulnerability, this SANS blurb should clarify:


Tcpdump versions prior to 3.7.2 contain a denial of service in
the
decoding of ISAKMP packets. This allows a remote attacker to
spoof
a malicious UDP packet that, when read by a vulnerable tcpdump
application, will cause tcpdump to enter an infinite loop.

This vulnerability is confirmed and fixed in version 3.7.2,
available
from:
http://www.tcpdump.org/


=====
-----------------------------------------------------------
Know yourself and know your enemy and you will never fear defeat.         
-----------------------------------------------------------

__________________________________________________
Do you Yahoo!?
Yahoo! Tax Center - forms, calculators, tips, more
http://taxes.yahoo.com/

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message