Critical Vulnerability Information Vulnerability Overview Advisory ID: FLSA:1222 Release Date: 2004-01-31 Product: Red Hat Linux Keywords: Security CVE IDs: - CAN-2003-0989 - CAN-2004-0055 - CAN-2004-0057 Vulnerability Details 1. Issue Description: - Multiple Security Vulnerabilities: Tcpdump contains multiple security vulnerabilities when decoding ISAKMP and RADIUS packets. These could be exploited by remote attackers using specially crafted packets. If a victim is using tcpdump, this may result in a denial-of-service or arbitrary code execution under the "pcap" user account. - Specific Vulnerabilities: - George Bakos discovered a vulnerability in tcpdump versions prior to 3.8.1 during ISAKMP decoding (CVE: CAN-2003-0989). - Jonathan Heusser discovered an additional vulnerability in tcpdump versions 3.8.1 and earlier during ISAKMP decoding (CVE: CAN-2004-0057). - Jonathan Heusser also discovered a vulnerability in the function during RADIUS packet decoding in tcpdump versions 3.8.1 and earlier (CVE: CAN-2004-0055). Solution Update tcpdump: - Users should upgrade tcpdump to a version that includes the security patches. - Upgrade commands: Download Links Red Hat Linux 7.2: Download Link Red Hat Linux 7.3: Download Link Red Hat Linux 8.0: Download Link Verification SHA1 Checksums: - SHA1 checksums are provided for all update packages to verify integrity and ensure they have not been tampered with. References CVE: CAN-2003-0989 CVE: CAN-2004-0055 CVE: CAN-2004-0057