Overview Details Repositories Revisions Requests Users Attributes Meta
Security update for tcpdump

tcpdump was updated to fix three security issues.

These security issues were fixed:
- CVE-2014-8767: Integer underflow in the olsr_print function in tcpdump 3.9.6 through 4.6.2, when in verbose mode, allowed remote attackers to cause a denial of service (crash) via a crafted length value in an OLSR frame (bnc#905870 905871).
- CVE-2014-8769: tcpdump 3.8 through 4.6.2 might allowed remote attackers to obtain sensitive information from memory or cause a denial of service (packet loss or segmentation fault) via a crafted Ad hoc On-Demand Distance Vector (AODV) packet, which triggers an out-of-bounds memory access (bnc#905871 905872).
- CVE-2014-8768: Multiple Integer underflows in the geonet_print function in tcpdump 4.5.0 through 4.6.2, when in verbose mode, allowed remote attackers to cause a denial of service (segmentation fault and crash) via a crafted length value in a Geonet frame (bnc#905871).

Fixed bugs
bnc#905872
VUL-0: CVE-2014-8769: tcpdump: unreliable output using malformed AOVD payload
bnc#905871
VUL-0: CVE-2014-8768: tcpdump: denial of service in verbose mode using malformed Geonet payload
bnc#905870
VUL-0: CVE-2014-8767: tcpdump: denial of service in verbose mode using malformed OLSR payload
CVE-CVE-2014-8767
CVE-CVE-2014-8769
CVE-CVE-2014-8768
Selected Binaries
openSUSE Build Service is sponsored by
Places