[Whitebox-announce] [WBSA-2004:008-01] Updated tcpdump packages fix various vulnerabilities
John Morris
jmorris@beau.org
Thu, 12 Feb 2004 17:49:33 -0600 (CST)
----------------------------------------------------------------------
Security Advisory
Synopsis: Updated tcpdump packages fix various vulnerabilities
Advisory ID: WBSA-2004:008-01
Issue date: 2004-01-07
Updated on: 2004-02-12
Product: White Box Enterprise Linux 3.0 (i386)
Keywords: tcpdump arpwatch buffer overflow
Cross references:
Obsoletes:
CVE Names: CAN-2003-0989 CAN-2004-0055 CAN-2004-0057
----------------------------------------------------------------------
Updated tcpdump, libpcap, and arpwatch packages fix vulnerabilities in
ISAKMP and RADIUS parsing.
More information is available in Red Hat, Inc's original advisory
available on their site at:
http://www.redhat.com/archives/enterprise-watch-list/2004-January/msg00007.html
To install this new package on your White Box Enterprise Linux system
use the Up2Date Network or Yum.
Note: Be sure to change the default Up2Date or Yum server from the
initial location to prevent undue load to the whiteboxlinux.org
server, which doesn't have a lot of outbound bandwidth. The config
files already have entries for mirror sites commented out.
Up2Date's configuration file is at /etc/sysconfig/rhn/sources
Yum's configuration is in /etc/yum.conf