Hi, I run the SecurityTracker web site (http://securitytracker.com/), which is dedicated to reporting on computer and network security vulnerabilities.
Back in 2001, someone reportedly discovered a buffer overflow in version 3.6.2 that can be triggered when tcpdump processes NFS packets (http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=55145). The CVE number CAN-2002-0380 has been assigned, and many Linux distributions are now releasing fixes. Is there a fix in the upstream version? Maybe in 3.7? Any information you can provide would be greatly appreciated. Thanks, Stuart ---------------------------- Stuart Moore SecurityTracker.com SecurityGlobal.net LLC [EMAIL PROTECTED] +1 301 495 5930 voice +1 413 691 4346 fax ---------------------------- - This is the TCPDUMP workers list. It is archived at http://www.tcpdump.org/lists/workers/index.html To unsubscribe use mailto:[EMAIL PROTECTED]?body=unsubscribe
