PT-2001-1045 · Openafs+4 · Afs Rpc+4

Published: 2001-07-17 · Updated: 2008-09-10 · CVE-2001-1279

CVSS v2.0: 7.5 (High)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

tcpdump versions 3.x
libpcap version 0.6.2
tcpdump version 3.6.2
arpwatch version 2.1a11

Description

A buffer overflow in tcpdump allows remote attackers to cause a denial of service and possibly execute arbitrary code via AFS RPC packets with invalid lengths that trigger an integer signedness error. Multiple vulnerabilities in the libpcap, tcpdump, and arpwatch packages of Red Hat Linux can compromise the confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely.

Recommendations

For tcpdump versions 3.x, update to a version that fixes the buffer overflow issue.
For libpcap version 0.6.2, apply configuration changes to restrict access to sensitive information.
For tcpdump version 3.6.2, restrict the use of AFS RPC packets to minimize the risk of exploitation.
For arpwatch version 2.1a11, consider disabling the vulnerable functions until a patch is available.
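
The class of flaw named in the description, an integer signedness error on a packet length field, shown as an added C example beside a hardened check. This is not tcpdump's code and not part of the original entry; `FIELD_MAX`, the 4-byte big-endian length prefix, the function names and the sample packets are assumptions constructed for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

#define FIELD_MAX 64 /* assumed size of the decoder's destination buffer */

/* Read the assumed 4-byte big-endian length prefix. */
static uint32_t read_be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

/* Flawed pattern: the length is held in a signed int and only an upper
 * bound is tested. 0xFFFFFFFF becomes -1, passes the test, and would turn
 * into a huge size_t if passed to memcpy. Returns 1 when the check would
 * let the copy go ahead; the copy itself is deliberately left out. */
int flawed_check_accepts(const uint8_t *pkt, size_t caplen) {
    if (caplen < 4) return 0;
    int32_t len = (int32_t)read_be32(pkt);
    if (len > FIELD_MAX) return 0; /* no "len < 0" test */
    return 1;
}

/* Hardened pattern: keep the length unsigned and bound it against both
 * the destination buffer and the bytes actually captured.
 * Returns the field length, or -1 if the packet is rejected. */
int parse_field(const uint8_t *pkt, size_t caplen, char out[FIELD_MAX + 1]) {
    if (caplen < 4) return -1;
    uint32_t len = read_be32(pkt);
    if (len > FIELD_MAX) return -1;   /* also rejects 0xFFFFFFFF */
    if (len > caplen - 4) return -1;  /* truncated capture */
    memcpy(out, pkt + 4, len);
    out[len] = '\0';
    return (int)len;
}

/* Constructed sample packets (not captured traffic). */
static const uint8_t pkt_ok[]    = {0, 0, 0, 3, 'a', 'f', 's'};
static const uint8_t pkt_neg[]   = {0xff, 0xff, 0xff, 0xff, 'A'};
static const uint8_t pkt_short[] = {0, 0, 0, 10, 'a'};

int main(void) {
    char out[FIELD_MAX + 1];
    /* Exit status 0 when the hardened parser rejects what the flawed check accepts. */
    return !(flawed_check_accepts(pkt_neg, sizeof pkt_neg) == 1 &&
             parse_field(pkt_neg, sizeof pkt_neg, out) == -1 &&
             parse_field(pkt_ok, sizeof pkt_ok, out) == 3);
}
```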

Related identifiers

BDU:2015-07981
BDU:2015-08151
BDU:2015-08223
CVE-2001-1279

Affected products

Afs Rpc
Red Hat
Arpwatch
Libpcap
Tcpdump