USN-119-1: tcpdump vulnerabilities

6 May 2005

tcpdump vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 5.04
  • Ubuntu 4.10

Software Description


It was discovered that certain invalid GRE, LDP, BGP, and RSVP packets triggered infinite loops in tcpdump, which caused tcpdump to stop working. This could be abused by a remote attacker to bypass tcpdump analysis of network traffic.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 5.04
Ubuntu 4.10

To update your system, please follow these instructions: