Date: Thu, 6 Mar 2003 15:49:52 -0800 (PST) From: twig les <twigles@yahoo.com> To: freebsd-questions@freebsd.org Subject: Re: TCPDump version in base? Message-ID: <20030306234952.51661.qmail@web10106.mail.yahoo.com> In-Reply-To: <20030307122620.L59121@a2.scoop.co.nz>
next in thread | previous in thread | raw e-mail | index | archive | help
This is a good point. Do I have to upgrade? The team hasn't put out an advisory but we actively use a few FreeBSD boxes for sniffing so pardon my impatience. > Since tcpdump has moved into the freebsd core distribution > it's doubtful > whether the tcpdump version number as such is all that > meaningful anyway. > > Andrew > > > > On Thu, 6 Mar 2003, twig les wrote: > > > Date: Thu, 6 Mar 2003 14:53:41 -0800 (PST) > > From: twig les <twigles@yahoo.com> > > To: freebsd-security@FreeBSD.ORG > > Subject: TCPDump version in base? > > > > Hey all, maybe I'm missing something but I can't seem to > find > > the version of tcpdump that I'm running. After searching > the > > massive man page and doing a quick "pkg_info | grep tcpdump" > to > > make sure no info was available before posting, I don't know > if > > I'm vulnerable. Does anyone know how to glean the version > > number from tcpdump? > > > > For those who are wondering wth I'm blathering about > regarding > > tcpdump's vulnerability, this SANS blurb should clarify: > > > > > > Tcpdump versions prior to 3.7.2 contain a denial of service > in > > the > > decoding of ISAKMP packets. This allows a remote attacker to > > spoof > > a malicious UDP packet that, when read by a vulnerable > tcpdump > > application, will cause tcpdump to enter an infinite loop. > > > > This vulnerability is confirmed and fixed in version 3.7.2, > > available > > from: > > http://www.tcpdump.org/ > > > > > > ===== > > ----------------------------------------------------------- > > Know yourself and know your enemy and you will never fear > defeat. > > ----------------------------------------------------------- > > > > __________________________________________________ > > Do you Yahoo!? > > Yahoo! Tax Center - forms, calculators, tips, more > > http://taxes.yahoo.com/ > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-security" in the body of the > message > > > > ------------------------------------------------------------------ > Andrew McNaughton In Sydney and looking for > work > andrew@scoop.co.nz > http://staff.scoop.co.nz/andrew/cv.doc > Mobile: +61 422 753 792 > > ===== ----------------------------------------------------------- Know yourself and know your enemy and you will never fear defeat. ----------------------------------------------------------- __________________________________________________ Do you Yahoo!? Yahoo! Tax Center - forms, calculators, tips, more http://taxes.yahoo.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030306234952.51661.qmail>