Debian Security Advisory DSA 255-1 (tcpdump)

Summary
The remote host is missing an update to tcpdump announced via advisory DSA 255-1.
Solution
https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20255-1
Insight
Andrew Griffiths and iDEFENSE Labs discovered a problem in tcpdump, a powerful tool for network monitoring and data acquisition. An attacker is able to send a specially crafted network packet which causes tcpdump to enter an infinite loop. In addition to the above problem the tcpdump developers discovered a potential infinite loop when parsing malformed BGP packets. They also discovered a buffer overflow that can be exploited with certain malformed NFS packets. For the stable distribution (woody) these problems have been fixed in version 3.6.2-2.3. For the old stable distribution (potato) does not seem to be affected by this problem. For the unstable distribution (sid) these problems have been fixed in version 3.7.1-1.2. We recommend that you upgrade your tcpdump packages.