FW: [Full-Disclosure] [ GLSA 200412-15 ] Ethereal: Multiple vulnerabilities

From: Todd Towles (toddtowles_at_brookshires.com)
Date: 12/20/04

    Date: Mon, 20 Dec 2004 13:23:02 -0600
    To: <pen-test@securityfocus.com>
    
    

     Version 0.10.8 was released on Dec 15.

    > -----Original Message-----
    > From: full-disclosure-bounces@lists.netsys.com
    > [mailto:full-disclosure-bounces@lists.netsys.com] On Behalf
    > Of Sune Kloppenborg Jeppesen
    > Sent: Sunday, December 19, 2004 8:30 AM
    > To: gentoo-announce@gentoo.org
    > Cc: security-alerts@linuxsecurity.com;
    > bugtraq@securityfocus.com; full-disclosure@lists.netsys.com
    > Subject: [Full-Disclosure] [ GLSA 200412-15 ] Ethereal:
    > Multiple vulnerabilities
    >
    > - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    > Gentoo Linux Security Advisory                           GLSA 200412-15
    > - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    >                                             http://security.gentoo.org/
    > - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    >
    > Severity: High
    > Title: Ethereal: Multiple vulnerabilities
    > Date: December 19, 2004
    > Bugs: #74443
    > ID: 200412-15
    >
    > - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    >
    > Synopsis
    > ========
    >
    > Multiple vulnerabilities exist in Ethereal, which may allow
    > an attacker to run arbitrary code, crash the program or
    > perform DoS by CPU and disk utilization.
    >
    > Background
    > ==========
    >
    > Ethereal is a feature rich network protocol analyzer.
    >
    > Affected packages
    > =================
    >
    >
    > -------------------------------------------------------------------
    >      Package                /  Vulnerable  /            Unaffected
    > -------------------------------------------------------------------
    >   1  net-analyzer/ethereal      < 0.10.8                 >= 0.10.8
    >
    > Description
    > ===========
    >
    > There are multiple vulnerabilities in versions of Ethereal
    > earlier than 0.10.8, including:
    >
    > * Bug in DICOM dissection discovered by Bing could make Ethereal
    > crash (CAN 2004-1139).
    >
    > * An invalid RTP timestamp could make Ethereal hang and create a
    > large temporary file (CAN 2004-1140).
    >
    > * The HTTP dissector could access previously-freed memory (CAN
    > 2004-1141).
    >
    > * Brian Caswell discovered that an improperly formatted SMB could
    > make Ethereal hang (CAN 2004-1142).
    >
    > Impact
    > ======
    >
    > An attacker might be able to use these vulnerabilities to
    > crash Ethereal, perform DoS by CPU and disk space utilization
    > or even execute arbitrary code with the permissions of the
    > user running Ethereal, which could be the root user.
    >
    > Workaround
    > ==========
    >
    > For a temporary workaround you can disable all affected
    > protocol dissectors by selecting Analyze->Enabled
    > Protocols... and deselecting them from the list. However, it
    > is strongly recommended to upgrade to the latest stable version.
    >
    > Resolution
    > ==========
    >
    > All ethereal users should upgrade to the latest version:
    >
    > # emerge --sync
    > # emerge --ask --oneshot --verbose ">=net-analyzer/ethereal-0.10.8"
    >
    > References
    > ==========
    >
    > [ 1 ] Ethereal enpa-sa-00016
    > http://www.ethereal.com/appnotes/enpa-sa-00016.html
    > [ 2 ] CAN 2004-1139
    > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1139
    > [ 3 ] CAN 2004-1140
    > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1140
    > [ 4 ] CAN 2004-1141
    > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1141
    > [ 5 ] CAN 2004-1142
    > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1142
    >
    > Availability
    > ============
    >
    > This GLSA and any updates to it are available for viewing at
    > the Gentoo Security Website:
    >
    > http://security.gentoo.org/glsa/glsa-200412-15.xml
    >
    > Concerns?
    > =========
    >
    > Security is a primary focus of Gentoo Linux and ensuring the
    > confidentiality and security of our users' machines is of
    > utmost importance to us. Any security concerns should be
    > addressed to security@gentoo.org or alternatively, you may
    > file a bug at http://bugs.gentoo.org.
    >
    > License
    > =======
    >
    > Copyright 2004 Gentoo Foundation, Inc; referenced text
    > belongs to its owner(s).
    >
    > The contents of this document are licensed under the Creative
    > Commons - Attribution / Share Alike license.
    >
    > http://creativecommons.org/licenses/by-sa/2.0
    >

