[CLA-2003:662] Conectiva Security Announcement - ethereal

From: Conectiva Updates (secure_at_conectiva.com.br)
Date: 06/25/03

Next message: CrazZzy Slash: "OptiSwitch remote root compromise"

Previous message: bugzilla_at_redhat.com: "[RHSA-2003:173-01] Updated ypserv packages fix a denial of service vulnerability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Wed, 25 Jun 2003 17:07:17 -0300
To: conectiva-updates@papaleguas.conectiva.com.br, lwn@lwn.net, bugtraq@securityfocus.com, security-alerts@linuxsecurity.com, linsec@lists.seifried.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
CONECTIVA LINUX SECURITY ANNOUNCEMENT
- --------------------------------------------------------------------------

PACKAGE : ethereal
SUMMARY : Several vulnerabilities
DATE : 2003-06-25 17:06:00
ID : CLA-2003:662
RELEVANT
RELEASES : 7.0, 8, 9

- -------------------------------------------------------------------------

DESCRIPTION
Ethereal[1] is a powerful network traffic analyzer with a graphical
usr interface (GUI).

This update announcement addresses several vulnerabilities[2,3] in
ethereal versions <= 0.9.12. These vulnerabilities can be exploited
by an attacker who can insert crafted packets in the wire being
monitored by ethereal or make an user open a trace file with such
packets inside. Successful exploitation of these vulnerabilities can
lead to denial of service conditions and/or remote execution of
arbitrary code.

The following vulnerabilities have been fixed:

- Denial of Service (DoS) in the DCERPC dissector when trying to
decode a NDR string[4];
- Buffer overflow in the OSI dissector when decoding IPv4 or IPv6
prefixes[5];
- Denial of Service (DoS) in the SPNEGO dissector when parsing an
invalid ASN.1 value[6];
- Memory handling error in the tvb_get_nstringz0() routine when
handling a zero-length buffer size[7];
- Handling string vulnerabilities in the BGP, WTP, DNS, 802.11,
ISAKMP, WSP, CLNP, ISIS and RMI dissectors[8].

The Common Vulnerabilities and Exposures (CVE) project has assigned
the names CAN-2003-04{28,29,30,31,32} to these issues, respectively.

SOLUTION
All ethereal users should upgrade their packages.

REFERENCES:
1.http://www.ethereal.com
2.http://www.ethereal.com/appnotes/enpa-sa-00010.html
3.http://distro2.conectiva.com.br/bugzilla/show_bug.cgi?id=8687
4.http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0428
5.http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0429
6.http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0430
7.http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0431
8.http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0432

ADDITIONAL INSTRUCTIONS
The apt tool can be used to perform RPM packages upgrades:

- run: apt-get update
- after that, execute: apt-get upgrade

Detailed instructions reagarding the use of apt and upgrade examples
can be found at http://distro.conectiva.com.br/atualizacoes/#apt?idioma=en

- -------------------------------------------------------------------------
All packages are signed with Conectiva's GPG key. The key and instructions
on how to import it can be found at
http://distro.conectiva.com.br/seguranca/chave/?idioma=en
Instructions on how to check the signatures of the RPM packages can be
found at http://distro.conectiva.com.br/seguranca/politica/?idioma=en

- -------------------------------------------------------------------------
All our advisories and generic update instructions can be viewed at
http://distro.conectiva.com.br/atualizacoes/?idioma=en

- -------------------------------------------------------------------------
Copyright (c) 2003 Conectiva Inc.
http://www.conectiva.com

- -------------------------------------------------------------------------
subscribe: conectiva-updates-subscribe@papaleguas.conectiva.com.br
unsubscribe: conectiva-updates-unsubscribe@papaleguas.conectiva.com.br
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE++gD042jd0JmAcZARAh44AKCMDCMGQ5E1ckHl43mGiuv8Vk2qSQCfb2zG
Twp5IXDHEXEW1N6pQRTedyA=
=WFav
-----END PGP SIGNATURE-----

Next message: CrazZzy Slash: "OptiSwitch remote root compromise"

Previous message: bugzilla_at_redhat.com: "[RHSA-2003:173-01] Updated ypserv packages fix a denial of service vulnerability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

[CLA-2004:821] Conectiva Security Announcement - XFree86
... Greg MacManus from iDEFENSE Labs discoveredtwo vulnerabilities ... in the way the X server deals with font files. ... It is recommended that all XFree86 users upgrade their packages. ... Detailed instructions regarding the use of apt and upgrade examples ...
(Bugtraq)
[CLA-2004:866] Conectiva Security Announcement - qt3
... Fixes for image loader vulnerabilities ... It is recommended that all qt users upgrade their packages. ... Detailed instructions regarding the use of apt and upgrade examples ...
(Bugtraq)
[CLA-2004:835] Conectiva Security Announcement - ethereal
... These vulnerabilities can be exploited by a attacker who is able to ... It is recommended that all Ethereal users upgrade their packages. ... Detailed instructions regarding the use of apt and upgrade examples ...
(Bugtraq)
[CLA-2003:751] Conectiva Security Announcement - openssl
... SUMMARY: Remote vulnerabilities ... in the OpenSSL implementation: ... It is recommended that all users upgrade their openssl packages. ... Detailed instructions reagarding the use of apt and upgrade examples ...
(Bugtraq)
[CLA-2003:738] Conectiva Security Announcement - pine
... Pine is a mail and news text based client developed by the Washington ... This update fixes two pine remote vulnerabilities found by ... The apt tool can be used to perform RPM packages upgrades: ... Detailed instructions reagarding the use of apt and upgrade examples ...
(Bugtraq)