Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Snort TCPDUMP security issue

    pfSense Packages
    2
    5
    2101
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      ska007 last edited by

      Hello,

      there might be a security risk in tcpdump which is shown below:

      http://cvs.tcpdump.org/cgi-bin/cvsweb/tcpdump/print-bgp.c?r1=1.91.2.11&r2=1.91.2.12

      http://www.digit-labs.org/files/exploits/private/tcpdump-bgp.c

      Is the bsd system (pfsense) affected by this problem with the tcpdump interface ?

      Thanks in advance.

      SKA

      1 Reply Last reply Reply Quote 0
      • S
        sullrich last edited by

        Doubt it.  That exploit appears to target bgp and it is geared against linux?    The exploit will not even compile on a FreeBSD box so I cannot check it (and I do not use linux).

        1 Reply Last reply Reply Quote 0
        • S
          ska007 last edited by

          So please have a look:

          http://security.freebsd.org/advisories/FreeBSD-SA-07:06.tcpdump.asc

          I already mentioned it, now there is an entry in freebsd-sec list.

          Can you please comment ?

          SKA

          1 Reply Last reply Reply Quote 0
          • S
            sullrich last edited by

            We will create a new fix as soon as FreeBSD commits the fix to the security branches.

            1 Reply Last reply Reply Quote 0
            • S
              sullrich last edited by

              Please test this fix by uploading to System -> Firmware update

              http://www.pfsense.com/~sullrich/1.0.1-tcpdumpfix.tgz

              If it works okay for you I will release the update ASAP.  PS: after installation please verify that your filter logs show up in Diagnostics -> System Logs

              1 Reply Last reply Reply Quote 0
              • First post
                Last post

              Products

              • Platform Overview
              • TNSR
              • pfSense Plus
              • Appliances

              Services

              • Training
              • Professional Services

              Support

              • Subscription Plans
              • Contact Support
              • Product Lifecycle
              • Documentation

              News

              • Media Coverage
              • Press
              • Events

              Resources

              • Blog
              • FAQ
              • Find a Partner
              • Resource Library
              • Security Information

              Company

              • About Us
              • Careers
              • Partners
              • Contact Us
              • Legal
              Our Mission

              We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

              Subscribe to our Newsletter

              Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

              © 2021 Rubicon Communications, LLC | Privacy Policy