exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Gentoo Linux Security Advisory 201709-23

Gentoo Linux Security Advisory 201709-23
Posted Sep 25, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201709-23 - Multiple vulnerabilities have been found in Tcpdump, the worst of which may allow execution of arbitrary code. Versions less than 4.9.2 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2017-11108, CVE-2017-11541, CVE-2017-11542, CVE-2017-11543, CVE-2017-11544, CVE-2017-12893, CVE-2017-12894, CVE-2017-12895, CVE-2017-12896, CVE-2017-12897, CVE-2017-12898, CVE-2017-12899, CVE-2017-12900, CVE-2017-12901, CVE-2017-12902, CVE-2017-12985, CVE-2017-12986, CVE-2017-12987, CVE-2017-12988, CVE-2017-12989, CVE-2017-12990, CVE-2017-12991, CVE-2017-12992, CVE-2017-12993, CVE-2017-12994, CVE-2017-12995
SHA-256 | 715558f6adb4faa8fec7d45efdb67a8b78c48d5649546e1643df6920765b7bbc
Download | Favorite | View

Gentoo Linux Security Advisory 201709-23

Change Mirror Download
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 201709-23
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                           https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal
    Title: Tcpdump: Multiple vulnerabilities
     Date: September 25, 2017
     Bugs: #624652, #626462, #630110
       ID: 201709-23

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities have been found in Tcpdump, the worst of which
may allow execution of arbitrary code.

Background
==========

Tcpdump is a tool for network monitoring and data acquisition.

Affected packages
=================

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
  1  net-analyzer/tcpdump         < 4.9.2                    >= 4.9.2 

Description
===========

Multiple vulnerabilities have been discovered in Tcpdump. Please review
the referenced CVE identifiers for details.

Impact
======

A remote attacker could possibly execute arbitrary code with the
privileges of the process or cause a Denial of Service condition.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Tcpdump users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=net-analyzer/tcpdump-4.9.2"

References
==========

[  1 ] CVE-2017-11108
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-11108
[  2 ] CVE-2017-11541
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-11541
[  3 ] CVE-2017-11542
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-11542
[  4 ] CVE-2017-11543
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-11543
[  5 ] CVE-2017-11544
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-11544
[  6 ] CVE-2017-12893
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12893
[  7 ] CVE-2017-12894
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12894
[  8 ] CVE-2017-12895
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12895
[  9 ] CVE-2017-12896
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12896
[ 10 ] CVE-2017-12897
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12897
[ 11 ] CVE-2017-12898
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12898
[ 12 ] CVE-2017-12899
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12899
[ 13 ] CVE-2017-12900
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12900
[ 14 ] CVE-2017-12901
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12901
[ 15 ] CVE-2017-12902
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12902
[ 16 ] CVE-2017-12985
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12985
[ 17 ] CVE-2017-12986
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12986
[ 18 ] CVE-2017-12987
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12987
[ 19 ] CVE-2017-12988
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12988
[ 20 ] CVE-2017-12989
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12989
[ 21 ] CVE-2017-12990
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12990
[ 22 ] CVE-2017-12991
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12991
[ 23 ] CVE-2017-12992
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12992
[ 24 ] CVE-2017-12993
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12993
[ 25 ] CVE-2017-12994
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12994
[ 26 ] CVE-2017-12995
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12995
[ 27 ] CVE-2017-12996
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12996
[ 28 ] CVE-2017-12997
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12997
[ 29 ] CVE-2017-12998
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12998
[ 30 ] CVE-2017-12999
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12999
[ 31 ] CVE-2017-13000
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13000
[ 32 ] CVE-2017-13001
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13001
[ 33 ] CVE-2017-13002
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13002
[ 34 ] CVE-2017-13003
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13003
[ 35 ] CVE-2017-13004
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13004
[ 36 ] CVE-2017-13005
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13005
[ 37 ] CVE-2017-13006
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13006
[ 38 ] CVE-2017-13007
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13007
[ 39 ] CVE-2017-13008
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13008
[ 40 ] CVE-2017-13009
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13009
[ 41 ] CVE-2017-13010
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13010
[ 42 ] CVE-2017-13011
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13011
[ 43 ] CVE-2017-13012
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13012
[ 44 ] CVE-2017-13013
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13013
[ 45 ] CVE-2017-13014
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13014
[ 46 ] CVE-2017-13015
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13015
[ 47 ] CVE-2017-13016
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13016
[ 48 ] CVE-2017-13017
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13017
[ 49 ] CVE-2017-13018
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13018
[ 50 ] CVE-2017-13019
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13019
[ 51 ] CVE-2017-13020
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13020
[ 52 ] CVE-2017-13021
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13021
[ 53 ] CVE-2017-13022
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13022
[ 54 ] CVE-2017-13023
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13023
[ 55 ] CVE-2017-13024
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13024
[ 56 ] CVE-2017-13025
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13025
[ 57 ] CVE-2017-13026
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13026
[ 58 ] CVE-2017-13027
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13027
[ 59 ] CVE-2017-13028
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13028
[ 60 ] CVE-2017-13029
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13029
[ 61 ] CVE-2017-13030
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13030
[ 62 ] CVE-2017-13031
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13031
[ 63 ] CVE-2017-13032
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13032
[ 64 ] CVE-2017-13033
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13033
[ 65 ] CVE-2017-13034
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13034
[ 66 ] CVE-2017-13035
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13035
[ 67 ] CVE-2017-13036
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13036
[ 68 ] CVE-2017-13037
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13037
[ 69 ] CVE-2017-13038
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13038
[ 70 ] CVE-2017-13039
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13039
[ 71 ] CVE-2017-13040
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13040
[ 72 ] CVE-2017-13041
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13041
[ 73 ] CVE-2017-13042
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13042
[ 74 ] CVE-2017-13043
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13043
[ 75 ] CVE-2017-13044
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13044
[ 76 ] CVE-2017-13045
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13045
[ 77 ] CVE-2017-13046
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13046
[ 78 ] CVE-2017-13047
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13047
[ 79 ] CVE-2017-13048
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13048
[ 80 ] CVE-2017-13049
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13049
[ 81 ] CVE-2017-13050
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13050
[ 82 ] CVE-2017-13051
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13051
[ 83 ] CVE-2017-13052
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13052
[ 84 ] CVE-2017-13053
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13053
[ 85 ] CVE-2017-13054
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13054
[ 86 ] CVE-2017-13055
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13055
[ 87 ] CVE-2017-13687
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13687
[ 88 ] CVE-2017-13688
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13688
[ 89 ] CVE-2017-13689
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13689
[ 90 ] CVE-2017-13690
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13690
[ 91 ] CVE-2017-13725
       https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13725

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

 https://security.gentoo.org/glsa/201709-23

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2017 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5
Login or Register to add favorites

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    22 Files
  • 18
    Apr 18th
    45 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close