ESB-2017.2316 - [Debian] tcpdump: Multiple vulnerabilities 2017-09-13

Printable version
PGP/GPG verifiable version

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2017.2316
                          tcpdump security update
                             13 September 2017

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           tcpdump
Publisher:         Debian
Operating System:  Debian GNU/Linux 8
                   Debian GNU/Linux 9
Impact/Access:     Execute Arbitrary Code/Commands -- Remote with User Interaction
                   Denial of Service               -- Remote with User Interaction
Resolution:        Patch/Upgrade
CVE Names:         CVE-2017-13725 CVE-2017-13690 CVE-2017-13689
                   CVE-2017-13688 CVE-2017-13687 CVE-2017-13055
                   CVE-2017-13054 CVE-2017-13053 CVE-2017-13052
                   CVE-2017-13051 CVE-2017-13050 CVE-2017-13049
                   CVE-2017-13048 CVE-2017-13047 CVE-2017-13046
                   CVE-2017-13045 CVE-2017-13044 CVE-2017-13043
                   CVE-2017-13042 CVE-2017-13041 CVE-2017-13040
                   CVE-2017-13039 CVE-2017-13038 CVE-2017-13037
                   CVE-2017-13036 CVE-2017-13035 CVE-2017-13034
                   CVE-2017-13033 CVE-2017-13032 CVE-2017-13031
                   CVE-2017-13030 CVE-2017-13029 CVE-2017-13028
                   CVE-2017-13027 CVE-2017-13026 CVE-2017-13025
                   CVE-2017-13024 CVE-2017-13023 CVE-2017-13022
                   CVE-2017-13021 CVE-2017-13020 CVE-2017-13019
                   CVE-2017-13018 CVE-2017-13017 CVE-2017-13016
                   CVE-2017-13015 CVE-2017-13014 CVE-2017-13013
                   CVE-2017-13012 CVE-2017-13011 CVE-2017-13010
                   CVE-2017-13009 CVE-2017-13008 CVE-2017-13007
                   CVE-2017-13006 CVE-2017-13005 CVE-2017-13004
                   CVE-2017-13003 CVE-2017-13002 CVE-2017-13001
                   CVE-2017-13000 CVE-2017-12999 CVE-2017-12998
                   CVE-2017-12997 CVE-2017-12996 CVE-2017-12995
                   CVE-2017-12994 CVE-2017-12993 CVE-2017-12992
                   CVE-2017-12991 CVE-2017-12990 CVE-2017-12989
                   CVE-2017-12988 CVE-2017-12987 CVE-2017-12986
                   CVE-2017-12985 CVE-2017-12902 CVE-2017-12901
                   CVE-2017-12900 CVE-2017-12899 CVE-2017-12898
                   CVE-2017-12897 CVE-2017-12896 CVE-2017-12895
                   CVE-2017-12894 CVE-2017-12893 CVE-2017-11543
                   CVE-2017-11542 CVE-2017-11541 CVE-2017-11108

Reference:         ESB-2017.1406
                   ESB-2017.0914
                   ESB-2017.0532

Original Bulletin: 
   http://www.debian.org/security/2017/dsa-3971

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- - -------------------------------------------------------------------------
Debian Security Advisory DSA-3971-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
September 13, 2017                    https://www.debian.org/security/faq
- - -------------------------------------------------------------------------

Package        : tcpdump
CVE ID         : CVE-2017-11108 CVE-2017-11541 CVE-2017-11542 CVE-2017-11543
                 CVE-2017-12893 CVE-2017-12894 CVE-2017-12895 CVE-2017-12896
                 CVE-2017-12897 CVE-2017-12898 CVE-2017-12899 CVE-2017-12900
                 CVE-2017-12901 CVE-2017-12902 CVE-2017-12985 CVE-2017-12986
                 CVE-2017-12987 CVE-2017-12988 CVE-2017-12989 CVE-2017-12990
                 CVE-2017-12991 CVE-2017-12992 CVE-2017-12993 CVE-2017-12994
                 CVE-2017-12995 CVE-2017-12996 CVE-2017-12997 CVE-2017-12998
                 CVE-2017-12999 CVE-2017-13000 CVE-2017-13001 CVE-2017-13002
                 CVE-2017-13003 CVE-2017-13004 CVE-2017-13005 CVE-2017-13006
                 CVE-2017-13007 CVE-2017-13008 CVE-2017-13009 CVE-2017-13010
                 CVE-2017-13011 CVE-2017-13012 CVE-2017-13013 CVE-2017-13014
                 CVE-2017-13015 CVE-2017-13016 CVE-2017-13017 CVE-2017-13018
                 CVE-2017-13019 CVE-2017-13020 CVE-2017-13021 CVE-2017-13022
                 CVE-2017-13023 CVE-2017-13024 CVE-2017-13025 CVE-2017-13026
                 CVE-2017-13027 CVE-2017-13028 CVE-2017-13029 CVE-2017-13030
                 CVE-2017-13031 CVE-2017-13032 CVE-2017-13033 CVE-2017-13034
                 CVE-2017-13035 CVE-2017-13036 CVE-2017-13037 CVE-2017-13038
                 CVE-2017-13039 CVE-2017-13040 CVE-2017-13041 CVE-2017-13042
                 CVE-2017-13043 CVE-2017-13044 CVE-2017-13045 CVE-2017-13046
                 CVE-2017-13047 CVE-2017-13048 CVE-2017-13049 CVE-2017-13050
                 CVE-2017-13051 CVE-2017-13052 CVE-2017-13053 CVE-2017-13054
                 CVE-2017-13055 CVE-2017-13687 CVE-2017-13688 CVE-2017-13689
                 CVE-2017-13690 CVE-2017-13725
Debian Bug     : 867718 873804 873805 873806

Several vulnerabilities have been discovered in tcpdump, a command-line
network traffic analyzer. These vulnerabilities might result in denial
of service or, potentially, execution of arbitrary code.

For the oldstable distribution (jessie), these problems have been fixed
in version 4.9.2-1~deb8u1.

For the stable distribution (stretch), these problems have been fixed in
version 4.9.2-1~deb9u1.

For the testing distribution (buster), these problems have been fixed
in version 4.9.2-1 or earlier versions.

For the unstable distribution (sid), these problems have been fixed in
version 4.9.2-1 or earlier versions.

We recommend that you upgrade your tcpdump packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
- -----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlm4uyFfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0TZxQ//dJk+0pnQFqBEEst1/y1OC5Xqq4QGcyj8kbencAzN8zoBAc+Q1b4kqW6r
kh+VSVWfth2vQWOBojBdSeE0xrCn2K8SLrxyrPLRnLHFcG9qZFofG99mV+hbJuwV
fDQ/SrZeRrcbT/7c8uAUSJ40acp0FZZSluTYRYvIx05qujBqlAYJqE6EeZXplquJ
NdXaR5uhKiR31PZjjpxwQIyPO5/RnGud3IPFfGpZ9o3MKIb7eN43ZV4VJ6Jncazm
KzxI+oVS/uPoKG3wEjFCXm+t3VD5ACLbLKcL4qf9lri1kp3T65Ury9+QJ9atNgxv
/qb+g2noOsXy9/rSvjFvxzB+lPj3CINtopYiXOX4H5vCKrOZ/DaiNu5Q1y0bly5X
xGrie5CjjbyQ+Ybz47OXI8iD5EGDkZP5vqryroyz+xsj90O+fYnZ8Fq/Lwrr5gHs
ohhQTQj5MnALGxKE5Vl9quLuJR9oDrg41XlikY1JhFVJ+IObe+iZD2+NvpYOHYfu
h3PQ0c0kyvW33XfIAM1LWlWamolEWu2ouhc7TRoUSgFpZXdeB8k6tisZWMiGIWNL
DQ1n+T6UrpcgeXu1tsD1LpSYgr5vD5nFApbpvWade1KLQWdjVakYPLgQ6caVOq2m
DCcBR6jHbiwIrz0z+CfKybll5EHXNMCu3Aaz40wkcZD3g6L4Zdg=
=zh6c
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBWbjOxIx+lLeg9Ub1AQjSWhAArAq1H/zciTyWEkgKud/JRTEUSOtSH6RC
i2wojm0EnHS6PFnb/qkmXzKgk+tGF3WewkWrOd9XpwKu49wGH5mTVQdnZTj6HS8t
Mhkfs6DiYwR5VUm+9/XM/By6tKyZT+m1oOO0tY44K7rj4TS4X/nOz2wReQ4wm4I/
VXRLlhcxwEm/nHXkZMqPHETfPDc+HyZQJjtepBFjn/N26HB8JHMiPzhyT5WIdFkT
je615TyqtxD2LkX8HbZxYVQ05xoUWxBNvuIsERWvamjQKvsc2JfLOKRBWOmYMum0
de47WFAJlMsYY2QUDPClSiQOJgJsSi0g9pHTscHMj6XI24XIGrKD41/Zjh3W1sFk
rJ8VqVNu2elbKkzP1K+pWQrUmA30uDQHvccV57fRgsyngrNpqe+okZEbNuXCAm4N
3eSensui+xCZW7x0JJfPPukI3HMZzdmjz48r0z+A8QGRc9van9hEGydTCETeGly9
UQ/kUhN1CtcrbnTd7Gmd6XBeKgRwyPmkR/B4KHVM7my7JUf2fZy9XNeXxnfSqGsV
9mUysJz8GIEOsN0fn2L0ec858DldHsUIAwIIDCRLNDjSVw2ITKteyx7KLPeD+OED
fGH+7laxZtXLEyHJ6a2CkpqqhcI+xtLnQ6Mij8B6QeAb+issz5UuULi1t4rvLMeq
t3JPuug+ksE=
=2nSG
-----END PGP SIGNATURE-----

« Back to bulletins