tcpdump: Multiple vulnerabilities
Multiple vulnerabilities have been found in tcpdump, the worst of
which may allow execution of arbitrary code.
tcpdump
2017-02-21
2017-02-21
606516
remote
4.9.0
4.9.0
tcpdump is a tool for network monitoring and data acquisition.
Multiple vulnerabilities have been discovered in tcpdump. Please review
the CVE identifiers referenced below for details.
A remote attacker, by sending a specially crafted network package, could
possibly execute arbitrary code with the privileges of the process or
cause a Denial of Service condition.
There is no known workaround at this time.
All tcpdump users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-analyzer/tcpdump-4.9.0"
CVE-2016-7922
CVE-2016-7923
CVE-2016-7924
CVE-2016-7925
CVE-2016-7926
CVE-2016-7927
CVE-2016-7928
CVE-2016-7929
CVE-2016-7930
CVE-2016-7931
CVE-2016-7932
CVE-2016-7933
CVE-2016-7934
CVE-2016-7935
CVE-2016-7936
CVE-2016-7937
CVE-2016-7938
CVE-2016-7939
CVE-2016-7940
CVE-2016-7973
CVE-2016-7974
CVE-2016-7975
CVE-2016-7983
CVE-2016-7984
CVE-2016-7985
CVE-2016-7986
CVE-2016-7992
CVE-2016-7993
CVE-2016-8574
CVE-2016-8575
CVE-2017-5202
CVE-2017-5203
CVE-2017-5204
CVE-2017-5205
CVE-2017-5341
CVE-2017-5342
CVE-2017-5482
CVE-2017-5483
CVE-2017-5484
CVE-2017-5485
CVE-2017-5486
b-man
whissi