Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Snort TCPDUMP security issue

    pfSense Packages
    2
    5
    2.6k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      ska007
      last edited by

      Hello,

      there might be a security risk in tcpdump which is shown below:

      http://cvs.tcpdump.org/cgi-bin/cvsweb/tcpdump/print-bgp.c?r1=1.91.2.11&r2=1.91.2.12

      http://www.digit-labs.org/files/exploits/private/tcpdump-bgp.c

      Is the bsd system (pfsense) affected by this problem with the tcpdump interface ?

      Thanks in advance.

      SKA

      1 Reply Last reply Reply Quote 0
      • S
        sullrich
        last edited by

        Doubt it.  That exploit appears to target bgp and it is geared against linux?    The exploit will not even compile on a FreeBSD box so I cannot check it (and I do not use linux).

        1 Reply Last reply Reply Quote 0
        • S
          ska007
          last edited by

          So please have a look:

          http://security.freebsd.org/advisories/FreeBSD-SA-07:06.tcpdump.asc

          I already mentioned it, now there is an entry in freebsd-sec list.

          Can you please comment ?

          SKA

          1 Reply Last reply Reply Quote 0
          • S
            sullrich
            last edited by

            We will create a new fix as soon as FreeBSD commits the fix to the security branches.

            1 Reply Last reply Reply Quote 0
            • S
              sullrich
              last edited by

              Please test this fix by uploading to System -> Firmware update

              http://www.pfsense.com/~sullrich/1.0.1-tcpdumpfix.tgz

              If it works okay for you I will release the update ASAP.  PS: after installation please verify that your filter logs show up in Diagnostics -> System Logs

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.