7.5 - RHSA-2005:427

Executive Summary

Summary
Title	ethereal security update

Informations
Name	RHSA-2005:427	First vendor Publication	2005-05-24
Vendor	RedHat	Last vendor Modification	2005-05-24
Severity (Vendor)	Moderate	Revision	01

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score	7.5	Attack Range	Network
Cvss Impact Score	6.4	Attack Complexity	Low
Cvss Expoit Score	10	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Problem Description:

Updated Ethereal packages that fix various security vulnerabilities are now available.

This update has been rated as having moderate security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Problem description:

The ethereal package is a program for monitoring network traffic.

A number of security flaws have been discovered in Ethereal. On a system where Ethereal is running, a remote attacker could send malicious packets to trigger these flaws and cause Ethereal to crash or potentially execute arbitrary code. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CAN-2005-1456, CAN-2005-1457, CAN-2005-1458, CAN-2005-1459, CAN-2005-1460, CAN-2005-1461, CAN-2005-1462, CAN-2005-1463, CAN-2005-1464, CAN-2005-1465, CAN-2005-1466, CAN-2005-1467, CAN-2005-1468, CAN-2005-1469, and CAN-2005-1470 to these issues.

Users of ethereal should upgrade to these updated packages, which contain version 0.10.11 which is not vulnerable to these issues.

4. Solution:

Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command:

up2date

For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system:

http://www.redhat.com/docs/manuals/enterprise/

5. Bug IDs fixed (http://bugzilla.redhat.com/):

156911 - multiple ethereal security issues

Original Source

Url : https://rhn.redhat.com/errata/RHSA-2005-427.html

CWE : Common Weakness Enumeration

%	Id	Name
100 %	CWE-119	Failure to Constrain Operations within the Bounds of a Memory Buffer

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:10049

Oval ID:	oval:org.mitre.oval:def:10049
Title:	Multiple unknown vulnerabilities in the (1) WSP, (2) Q.931, (3) H.245, (4) KINK, (5) MGCP, (6) RPC, (7) SMBMailslot, and (8) SMB NETLOGON dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (crash) via unknown vectors that lead to a null dereference.
Description:	Multiple unknown vulnerabilities in the (1) WSP, (2) Q.931, (3) H.245, (4) KINK, (5) MGCP, (6) RPC, (7) SMBMailslot, and (8) SMB NETLOGON dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (crash) via unknown vectors that lead to a null dereference.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2005-1468	Version:	5
Platform(s):	Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4	Product(s):
Definition Synopsis:
OS Section: RHEL3, CentOS3 RHEL3 or CentOS3 The operating system installed on the system is Red Hat Enterprise Linux 3 AND CentOS Linux 3.x AND Configuration section ethereal-gnome is earlier than 0:0.10.11-1.EL3.1 AND ethereal is earlier than 0:0.10.11-1.EL3.1 OR OS Section: RHEL4, CentOS4, Oracle Linux 4 RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4 AND CentOS Linux 4.x AND Oracle Linux 4.x AND Configuration section ethereal-gnome is earlier than 0:0.10.11-1.EL4.1 AND ethereal is earlier than 0:0.10.11-1.EL4.1

Definition Id: oval:org.mitre.oval:def:10224

Oval ID:	oval:org.mitre.oval:def:10224
Title:	Unknown vulnerability in the NCP dissector in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (long loop).
Description:	Unknown vulnerability in the NCP dissector in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (long loop).
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2005-1465	Version:	5
Platform(s):	Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4	Product(s):
Definition Synopsis:
OS Section: RHEL3, CentOS3 RHEL3 or CentOS3 The operating system installed on the system is Red Hat Enterprise Linux 3 AND CentOS Linux 3.x AND Configuration section ethereal-gnome is earlier than 0:0.10.11-1.EL3.1 AND ethereal is earlier than 0:0.10.11-1.EL3.1 OR OS Section: RHEL4, CentOS4, Oracle Linux 4 RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4 AND CentOS Linux 4.x AND Oracle Linux 4.x AND Configuration section ethereal-gnome is earlier than 0:0.10.11-1.EL4.1 AND ethereal is earlier than 0:0.10.11-1.EL4.1

Definition Id: oval:org.mitre.oval:def:10713

Oval ID:	oval:org.mitre.oval:def:10713
Title:	Multiple format string vulnerabilities in the (1) DHCP and (2) ANSI A dissectors in Ethereal before 0.10.11 may allow remote attackers to execute arbitrary code.
Description:	Multiple format string vulnerabilities in the (1) DHCP and (2) ANSI A dissectors in Ethereal before 0.10.11 may allow remote attackers to execute arbitrary code.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2005-1463	Version:	5
Platform(s):	Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4	Product(s):
Definition Synopsis:
OS Section: RHEL3, CentOS3 RHEL3 or CentOS3 The operating system installed on the system is Red Hat Enterprise Linux 3 AND CentOS Linux 3.x AND Configuration section ethereal-gnome is earlier than 0:0.10.11-1.EL3.1 AND ethereal is earlier than 0:0.10.11-1.EL3.1 OR OS Section: RHEL4, CentOS4, Oracle Linux 4 RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4 AND CentOS Linux 4.x AND Oracle Linux 4.x AND Configuration section ethereal-gnome is earlier than 0:0.10.11-1.EL4.1 AND ethereal is earlier than 0:0.10.11-1.EL4.1

Definition Id: oval:org.mitre.oval:def:11024

Oval ID:	oval:org.mitre.oval:def:11024
Title:	Unknown vulnerability in the DICOM dissector in Ethereal before 0.10.11 allows remote attackers to cause a denial of service (large memory allocation) via unknown vectors.
Description:	Unknown vulnerability in the DICOM dissector in Ethereal before 0.10.11 allows remote attackers to cause a denial of service (large memory allocation) via unknown vectors.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2005-1466	Version:	5
Platform(s):	Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4	Product(s):
Definition Synopsis:
OS Section: RHEL3, CentOS3 RHEL3 or CentOS3 The operating system installed on the system is Red Hat Enterprise Linux 3 AND CentOS Linux 3.x AND Configuration section ethereal-gnome is earlier than 0:0.10.11-1.EL3.1 AND ethereal is earlier than 0:0.10.11-1.EL3.1 OR OS Section: RHEL4, CentOS4, Oracle Linux 4 RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4 AND CentOS Linux 4.x AND Oracle Linux 4.x AND Configuration section ethereal-gnome is earlier than 0:0.10.11-1.EL4.1 AND ethereal is earlier than 0:0.10.11-1.EL4.1

Definition Id: oval:org.mitre.oval:def:11348

Oval ID:	oval:org.mitre.oval:def:11348
Title:	Multiple unknown "other problems" in the KINK dissector in Ethereal before 0.10.11 have unknown impact and attack vectors.
Description:	Multiple unknown "other problems" in the KINK dissector in Ethereal before 0.10.11 have unknown impact and attack vectors.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2005-1458	Version:	5
Platform(s):	Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4	Product(s):
Definition Synopsis:
OS Section: RHEL3, CentOS3 RHEL3 or CentOS3 The operating system installed on the system is Red Hat Enterprise Linux 3 AND CentOS Linux 3.x AND Configuration section ethereal-gnome is earlier than 0:0.10.11-1.EL3.1 AND ethereal is earlier than 0:0.10.11-1.EL3.1 OR OS Section: RHEL4, CentOS4, Oracle Linux 4 RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4 AND CentOS Linux 4.x AND Oracle Linux 4.x AND Configuration section ethereal-gnome is earlier than 0:0.10.11-1.EL4.1 AND ethereal is earlier than 0:0.10.11-1.EL4.1

Definition Id: oval:org.mitre.oval:def:11494

Oval ID:	oval:org.mitre.oval:def:11494
Title:	Multiple unknown vulnerabilities in the (1) WSP, (2) BER, (3) SMB, (4) NDPS, (5) IAX2, (6) RADIUS, (7) TCAP, (8) MRDISC, (9) 802.3 Slow, (10) SMBMailslot, or (11) SMB PIPE dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (assert error).
Description:	Multiple unknown vulnerabilities in the (1) WSP, (2) BER, (3) SMB, (4) NDPS, (5) IAX2, (6) RADIUS, (7) TCAP, (8) MRDISC, (9) 802.3 Slow, (10) SMBMailslot, or (11) SMB PIPE dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (assert error).
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2005-1459	Version:	5
Platform(s):	Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4	Product(s):
Definition Synopsis:
OS Section: RHEL3, CentOS3 RHEL3 or CentOS3 The operating system installed on the system is Red Hat Enterprise Linux 3 AND CentOS Linux 3.x AND Configuration section ethereal-gnome is earlier than 0:0.10.11-1.EL3.1 AND ethereal is earlier than 0:0.10.11-1.EL3.1 OR OS Section: RHEL4, CentOS4, Oracle Linux 4 RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4 AND CentOS Linux 4.x AND Oracle Linux 4.x AND Configuration section ethereal-gnome is earlier than 0:0.10.11-1.EL4.1 AND ethereal is earlier than 0:0.10.11-1.EL4.1

Definition Id: oval:org.mitre.oval:def:11804

Oval ID:	oval:org.mitre.oval:def:11804
Title:	Multiple unknown vulnerabilities in the (1) TZSP, (2) MGCP, (3) ISUP, (4) SMB, or (5) Bittorrent dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (segmentation fault) via unknown vectors.
Description:	Multiple unknown vulnerabilities in the (1) TZSP, (2) MGCP, (3) ISUP, (4) SMB, or (5) Bittorrent dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (segmentation fault) via unknown vectors.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2005-1470	Version:	5
Platform(s):	Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4	Product(s):
Definition Synopsis:
OS Section: RHEL3, CentOS3 RHEL3 or CentOS3 The operating system installed on the system is Red Hat Enterprise Linux 3 AND CentOS Linux 3.x AND Configuration section ethereal-gnome is earlier than 0:0.10.11-1.EL3.1 AND ethereal is earlier than 0:0.10.11-1.EL3.1 OR OS Section: RHEL4, CentOS4, Oracle Linux 4 RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4 AND CentOS Linux 4.x AND Oracle Linux 4.x AND Configuration section ethereal-gnome is earlier than 0:0.10.11-1.EL4.1 AND ethereal is earlier than 0:0.10.11-1.EL4.1

Definition Id: oval:org.mitre.oval:def:9534

Oval ID:	oval:org.mitre.oval:def:9534
Title:	Multiple unknown vulnerabilities in the (1) KINK, (2) L2TP, (3) MGCP, (4) EIGRP, (5) DLSw, (6) MEGACO, (7) LMP, and (8) RSVP dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (infinite loop).
Description:	Multiple unknown vulnerabilities in the (1) KINK, (2) L2TP, (3) MGCP, (4) EIGRP, (5) DLSw, (6) MEGACO, (7) LMP, and (8) RSVP dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (infinite loop).
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2005-1464	Version:	5
Platform(s):	Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4	Product(s):
Definition Synopsis:
OS Section: RHEL3, CentOS3 RHEL3 or CentOS3 The operating system installed on the system is Red Hat Enterprise Linux 3 AND CentOS Linux 3.x AND Configuration section ethereal-gnome is earlier than 0:0.10.11-1.EL3.1 AND ethereal is earlier than 0:0.10.11-1.EL3.1 OR OS Section: RHEL4, CentOS4, Oracle Linux 4 RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4 AND CentOS Linux 4.x AND Oracle Linux 4.x AND Configuration section ethereal-gnome is earlier than 0:0.10.11-1.EL4.1 AND ethereal is earlier than 0:0.10.11-1.EL4.1

Definition Id: oval:org.mitre.oval:def:9598

Oval ID:	oval:org.mitre.oval:def:9598
Title:	Unknown vulnerability in the GSM dissector in Ethereal before 0.10.11 allows remote attackers to cause the dissector to access an invalid pointer.
Description:	Unknown vulnerability in the GSM dissector in Ethereal before 0.10.11 allows remote attackers to cause the dissector to access an invalid pointer.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2005-1469	Version:	5
Platform(s):	Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4	Product(s):
Definition Synopsis:
OS Section: RHEL3, CentOS3 RHEL3 or CentOS3 The operating system installed on the system is Red Hat Enterprise Linux 3 AND CentOS Linux 3.x AND Configuration section ethereal-gnome is earlier than 0:0.10.11-1.EL3.1 AND ethereal is earlier than 0:0.10.11-1.EL3.1 OR OS Section: RHEL4, CentOS4, Oracle Linux 4 RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4 AND CentOS Linux 4.x AND Oracle Linux 4.x AND Configuration section ethereal-gnome is earlier than 0:0.10.11-1.EL4.1 AND ethereal is earlier than 0:0.10.11-1.EL4.1

Definition Id: oval:org.mitre.oval:def:9654

Oval ID:	oval:org.mitre.oval:def:9654
Title:	Unknown vulnerability in the NDPS dissector in Ethereal before 0.10.11 allows remote attackers to cause a denial of service (memory exhaustion) via unknown vectors.
Description:	Unknown vulnerability in the NDPS dissector in Ethereal before 0.10.11 allows remote attackers to cause a denial of service (memory exhaustion) via unknown vectors.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2005-1467	Version:	5
Platform(s):	Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4	Product(s):
Definition Synopsis:
OS Section: RHEL3, CentOS3 RHEL3 or CentOS3 The operating system installed on the system is Red Hat Enterprise Linux 3 AND CentOS Linux 3.x AND Configuration section ethereal-gnome is earlier than 0:0.10.11-1.EL3.1 AND ethereal is earlier than 0:0.10.11-1.EL3.1 OR OS Section: RHEL4, CentOS4, Oracle Linux 4 RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4 AND CentOS Linux 4.x AND Oracle Linux 4.x AND Configuration section ethereal-gnome is earlier than 0:0.10.11-1.EL4.1 AND ethereal is earlier than 0:0.10.11-1.EL4.1

Definition Id: oval:org.mitre.oval:def:9700

Oval ID:	oval:org.mitre.oval:def:9700
Title:	Multiple unknown vulnerabilities in the (1) DHCP and (2) Telnet dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (abort).
Description:	Multiple unknown vulnerabilities in the (1) DHCP and (2) Telnet dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (abort).
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2005-1456	Version:	5
Platform(s):	Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4	Product(s):
Definition Synopsis:
OS Section: RHEL3, CentOS3 RHEL3 or CentOS3 The operating system installed on the system is Red Hat Enterprise Linux 3 AND CentOS Linux 3.x AND Configuration section ethereal-gnome is earlier than 0:0.10.11-1.EL3.1 AND ethereal is earlier than 0:0.10.11-1.EL3.1 OR OS Section: RHEL4, CentOS4, Oracle Linux 4 RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4 AND CentOS Linux 4.x AND Oracle Linux 4.x AND Configuration section ethereal-gnome is earlier than 0:0.10.11-1.EL4.1 AND ethereal is earlier than 0:0.10.11-1.EL4.1

Definition Id: oval:org.mitre.oval:def:9713

Oval ID:	oval:org.mitre.oval:def:9713
Title:	Double free vulnerability in the ICEP dissector in Ethereal before 0.10.11 may allow remote attackers to execute arbitrary code.
Description:	Double free vulnerability in the ICEP dissector in Ethereal before 0.10.11 may allow remote attackers to execute arbitrary code.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2005-1462	Version:	5
Platform(s):	Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4	Product(s):
Definition Synopsis:
OS Section: RHEL3, CentOS3 RHEL3 or CentOS3 The operating system installed on the system is Red Hat Enterprise Linux 3 AND CentOS Linux 3.x AND Configuration section ethereal-gnome is earlier than 0:0.10.11-1.EL3.1 AND ethereal is earlier than 0:0.10.11-1.EL3.1 OR OS Section: RHEL4, CentOS4, Oracle Linux 4 RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4 AND CentOS Linux 4.x AND Oracle Linux 4.x AND Configuration section ethereal-gnome is earlier than 0:0.10.11-1.EL4.1 AND ethereal is earlier than 0:0.10.11-1.EL4.1

Definition Id: oval:org.mitre.oval:def:9825

Oval ID:	oval:org.mitre.oval:def:9825
Title:	Multiple unknown vulnerabilities in the (1) AIM, (2) LDAP, (3) FibreChannel, (4) GSM_MAP, (5) SRVLOC, and (6) NTLMSSP dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (crash).
Description:	Multiple unknown vulnerabilities in the (1) AIM, (2) LDAP, (3) FibreChannel, (4) GSM_MAP, (5) SRVLOC, and (6) NTLMSSP dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (crash).
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2005-1457	Version:	5
Platform(s):	Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4	Product(s):
Definition Synopsis:
OS Section: RHEL3, CentOS3 RHEL3 or CentOS3 The operating system installed on the system is Red Hat Enterprise Linux 3 AND CentOS Linux 3.x AND Configuration section ethereal-gnome is earlier than 0:0.10.11-1.EL3.1 AND ethereal is earlier than 0:0.10.11-1.EL3.1 OR OS Section: RHEL4, CentOS4, Oracle Linux 4 RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4 AND CentOS Linux 4.x AND Oracle Linux 4.x AND Configuration section ethereal-gnome is earlier than 0:0.10.11-1.EL4.1 AND ethereal is earlier than 0:0.10.11-1.EL4.1

Definition Id: oval:org.mitre.oval:def:9853

Oval ID:	oval:org.mitre.oval:def:9853
Title:	Multiple buffer overflows in the (1) SIP, (2) CMIP, (3) CMP, (4) CMS, (5) CRMF, (6) ESS, (7) OCSP, (8) X.509, (9) ISIS, (10) DISTCC, (11) FCELS, (12) Q.931, (13) NCP, (14) TCAP, (15) ISUP, (16) MEGACO, (17) PKIX1Explitit, (18) PKIX_Qualified, (19) Presentation dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code.
Description:	Multiple buffer overflows in the (1) SIP, (2) CMIP, (3) CMP, (4) CMS, (5) CRMF, (6) ESS, (7) OCSP, (8) X.509, (9) ISIS, (10) DISTCC, (11) FCELS, (12) Q.931, (13) NCP, (14) TCAP, (15) ISUP, (16) MEGACO, (17) PKIX1Explitit, (18) PKIX_Qualified, (19) Presentation dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2005-1461	Version:	5
Platform(s):	Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4	Product(s):
Definition Synopsis:
OS Section: RHEL3, CentOS3 RHEL3 or CentOS3 The operating system installed on the system is Red Hat Enterprise Linux 3 AND CentOS Linux 3.x AND Configuration section ethereal-gnome is earlier than 0:0.10.11-1.EL3.1 AND ethereal is earlier than 0:0.10.11-1.EL3.1 OR OS Section: RHEL4, CentOS4, Oracle Linux 4 RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4 AND CentOS Linux 4.x AND Oracle Linux 4.x AND Configuration section ethereal-gnome is earlier than 0:0.10.11-1.EL4.1 AND ethereal is earlier than 0:0.10.11-1.EL4.1

Definition Id: oval:org.mitre.oval:def:9970

Oval ID:	oval:org.mitre.oval:def:9970
Title:	Multiple unknown dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (assert error) via an invalid protocol tree item length.
Description:	Multiple unknown dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (assert error) via an invalid protocol tree item length.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2005-1460	Version:	5
Platform(s):	Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4	Product(s):
Definition Synopsis:
OS Section: RHEL3, CentOS3 RHEL3 or CentOS3 The operating system installed on the system is Red Hat Enterprise Linux 3 AND CentOS Linux 3.x AND Configuration section ethereal-gnome is earlier than 0:0.10.11-1.EL3.1 AND ethereal is earlier than 0:0.10.11-1.EL3.1 OR OS Section: RHEL4, CentOS4, Oracle Linux 4 RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4 AND CentOS Linux 4.x AND Oracle Linux 4.x AND Configuration section ethereal-gnome is earlier than 0:0.10.11-1.EL4.1 AND ethereal is earlier than 0:0.10.11-1.EL4.1

CPE : Common Platform Enumeration

Type	Description	Count
Application	Ethereal Group Ethereal cpe:2.3:a:ethereal_group:ethereal:0.9.9:::::::* cpe:2.3:a:ethereal_group:ethereal:0.9.8:::::::* cpe:2.3:a:ethereal_group:ethereal:0.9.7:::::::* cpe:2.3:a:ethereal_group:ethereal:0.9.6:::::::* cpe:2.3:a:ethereal_group:ethereal:0.9.5:::::::* cpe:2.3:a:ethereal_group:ethereal:0.9.4:::::::* cpe:2.3:a:ethereal_group:ethereal:0.9.3:::::::* cpe:2.3:a:ethereal_group:ethereal:0.9.2:::::::* cpe:2.3:a:ethereal_group:ethereal:0.9.16:::::::* cpe:2.3:a:ethereal_group:ethereal:0.9.15:::::::* cpe:2.3:a:ethereal_group:ethereal:0.9.14:::::::* cpe:2.3:a:ethereal_group:ethereal:0.9.13:::::::* cpe:2.3:a:ethereal_group:ethereal:0.9.12:::::::* cpe:2.3:a:ethereal_group:ethereal:0.9.11:::::::* cpe:2.3:a:ethereal_group:ethereal:0.9.10:::::::* cpe:2.3:a:ethereal_group:ethereal:0.9.1:::::::* cpe:2.3:a:ethereal_group:ethereal:0.9:::::::* cpe:2.3:a:ethereal_group:ethereal:0.8.19:::::::* cpe:2.3:a:ethereal_group:ethereal:0.8.18:::::::* cpe:2.3:a:ethereal_group:ethereal:0.8.15:::::::* cpe:2.3:a:ethereal_group:ethereal:0.8.14:::::::* cpe:2.3:a:ethereal_group:ethereal:0.8.13:::::::* cpe:2.3:a:ethereal_group:ethereal:0.8:::::::* cpe:2.3:a:ethereal_group:ethereal:0.10.9:::::::* cpe:2.3:a:ethereal_group:ethereal:0.10.8:::::::* cpe:2.3:a:ethereal_group:ethereal:0.10.7:::::::* cpe:2.3:a:ethereal_group:ethereal:0.10.6:::::::* cpe:2.3:a:ethereal_group:ethereal:0.10.5:::::::* cpe:2.3:a:ethereal_group:ethereal:0.10.4:::::::* cpe:2.3:a:ethereal_group:ethereal:0.10.3:::::::* cpe:2.3:a:ethereal_group:ethereal:0.10.2:::::::* cpe:2.3:a:ethereal_group:ethereal:0.10.10:::::::* cpe:2.3:a:ethereal_group:ethereal:0.10.1:::::::* cpe:2.3:a:ethereal_group:ethereal:0.10.0:::::::* cpe:2.3:a:ethereal_group:ethereal:0.10:::::::*	35

OpenVAS Exploits

Date	Description
2008-09-24	Name : Gentoo Security Advisory GLSA 200505-03 (Ethereal) File : nvt/glsa_200505_03.nasl
2008-09-04	Name : FreeBSD Ports: ethereal, tethereal File : nvt/freebsd_ethereal5.nasl

Open Source Vulnerability Database (OSVDB)

Id	Description
16269	Ethereal OCSP Dissector Remote Overflow Ethereal contains a flaw related to the OCSP dissector that may allow an attacker to execute arbitrary code by triggering an unspecified buffer overflow. No further details have been provided.
16153	Ethereal Presentation Dissector Remote Overflow Ethereal contains a flaw related to the Presentation dissector that may allow an attacker to execute arbitrary code by triggering an unspecified buffer overflow. No further details have been provided.
16152	Ethereal NTLMSSP Dissector Unspecified Remote DoS Ethereal contains a flaw related to the NTLMSSP dissector that may allow an attacker to cause a denial of service. No further details have been provided.
16151	Ethereal TCAP Dissector Unspecified DoS Ethereal contains a flaw related to the TCAP dissector that may allow an attacker to cause a denial of service. No further details have been provided.
16150	Ethereal TCAP Dissector Unspecified Remote Overflow Ethereal contains a flaw related to the TCAP dissector that may allow an attacker to execute arbitrary code by triggering an unspecified buffer overflow. No further details have been provided.
16149	Ethereal LDAP Dissector Unspecified Remote DoS Ethereal contains a flaw related to the LDAP dissector that may allow an attacker to cause a denial of service. No further details have been provided.
16148	Ethereal ISUP Dissector Unspecified Remote DoS Ethereal contains a flaw related to the ISUP dissector that may allow an attacker to cause a denial of service by triggering a segmentation fault. No further details have been provided.
16147	Ethereal ISUP Dissector Remote Overflow Ethereal contains a flaw related to the ISUP dissector that may allow an attacker to execute arbitrary code by triggering an unspecified buffer overflow. No further details have been provided.
16146	Ethereal MRDISC Dissector Unspecified Remote DoS Ethereal contains a flaw related to the MRDISC dissector that may allow an attacker to cause a denial of service. No further details have been provided.
16145	Ethereal L2TP Dissector Infinite Loop Remote DoS Ethereal contains a flaw related to the L2TP dissector that may allow an attacker to cause a denial of service by triggering an infinite loop. No further details have been provided.
16144	Ethereal GSM Dissector Invalid Pointer Remote DoS Ethereal contains a flaw related to the GSM dissector that may allow an attacker to cause a denial of service by accessing an invalid pointer. No further details have been provided.
16143	Ethereal RADIUS Dissector Unspecified Remote DoS Ethereal contains a flaw related to the RADIUS dissector that may allow an attacker to cause a denial of service. No further details have been provided.
16142	Ethereal NCP Dissector Infinite Loop Remote DoS Ethereal contains a flaw related to the NCP dissector that may allow an attacker to cause a denial of service by triggering an infinite loop. No further details have been provided.
16141	Ethereal NCP Dissector Remote Overflow Ethereal contains a flaw related to the NCP dissector that may allow an attacker to execute arbitrary code by triggering an unspecified buffer overflow. No further details have been provided.
16140	Ethereal RPC Dissector Null Pointer Remote DoS Ethereal contains a flaw related to the RPC dissector that may allow an attacker to cause denial of service by triggering a null pointer exception. No further details have been provided.
16139	Ethereal DLSw Dissector Infinite Loop Remote DoS Ethereal contains a flaw related to the DLSw dissector that may allow an attacker to cause a denial of service by triggering an infinite loop. No further details have been provided.
16138	Ethereal MEGACO Dissector Infinite Loop Remote DoS Ethereal contains a flaw related to the MEGACO dissector that may allow an attacker to cause a denial of service by triggering an infinite loop. No further details have been provided.
16137	Ethereal MEGACO Dissector Remote Overflow Ethereal contains a flaw related to the MEGACO dissector that may allow an attacker to execute arbitrary code by triggering an unspecified buffer overflow. No further details have been provided.
16136	Ethereal ICEP Dissector Double-free Remote DoS Ethereal contains a flaw related to the ICEP dissector that may allow an attacker to cause a denial of service by freeing the same memory twice. No further details have been provided.
16135	Ethereal IAX2 Dissector Unspecified Remote DoS Ethereal contains a flaw related to the IAX2 dissector that may allow an attacker to cause a denial of service by triggering an assertion. No further details have been provided.
16134	Ethereal Q.931 Dissector Remote Null Pointer DoS Ethereal contains a flaw related to the Q.931 dissector that may allow an attacker to cause a denial of service. No further details have been provided.
16133	Ethereal Q.931 Dissector Remote Overflow Ethereal contains a flaw related to the Q.931 dissector that may allow an attacker to execute arbitrary code by freeing a null pointer and overflowing an unspecified buffer. No further details have been provided.
16132	Ethereal NDPS Dissector Multiple Method Remote DoS Ethereal contains flaws related to the NDPS dissector that may allow an attacker to cause a denial of service by exhausting system memory, or causing an assertion, or crash. No further details have been provided.
16130	Ethereal PKIX Qualified Dissector Remote Overflow Ethereal contains a flaw related to the PKIX Qualified dissector that may allow an attacker to execute arbitrary code by triggering an unspecified buffer overflow. No further details have been provided.
16129	Ethereal PKIX1Explitit Dissector Remote Overflow Ethereal contains a flaw related to the PKIX1Explitit dissector that may allow an attacker to execute arbitrary code by triggering an unspcified buffer overflow. No further details have been provided.
16127	Ethereal ESS Dissector Remote Overflow Ethereal contains a flaw related to the ESS dissector that may allow an attacker to execute arbitrary code by triggering an unspecified buffer overflow. No further details have been provided.
16126	Ethereal CRMF Dissector Remote Overflow Ethereal contains a flaw related to the CRMF dissector that may allow an attacker to execute arbitrary code by triggering an unspecified buffer overflow. No further details have been provided.
16125	Ethereal CMS Dissector Remote Overflow Ethereal contains a flaw related to the CMS dissector that may allow an attacker to execute arbitrary code by triggering an unspecified buffer overflow. No further details have been provided.
16124	Ethereal CMP Dissector Remote Overflow Ethereal contains a flaw related to the CMP dissector that may allow an attacker to execute arbitrary code by triggering an unspecified buffer overflow. No further details have been provided.
16123	Ethereal CMIP Dissector Remote Overflow Ethereal contains a flaw related to the CMIP dissector that may allow an attacker to execute arbitrary code by triggering an unspecified buffer overflow. No further details have been provided.
16122	Ethereal ISIS Dissector Remote Overflow Ethereal contains a flaw related to the ISIS dissector that may allow an attacker to execute arbitrary code by triggering an unspecified buffer overflow. No further details have been provided.
16121	Ethereal EIGRP Dissector Infinite Loop Remote DoS Ethereal contains a flaw related to the EIGRP dissector that may allow an attacker to cause a denial of service by triggering an infinite loop. No further details have been provided.
16120	Ethereal SRVLOC Dissector Multiple Method Remote DoS Ethereal contains a flaw related to the SVRLOC dissector that may allow an attacker to cause a denial of service by triggering a crash or infinite loop. No further details have been provided.
16119	Ethereal DHCP Dissector Remote Format String Ethereal contains an unspecified format string flaw related to the DHCP dissector that may allow an attacker to execute arbitrary code. No further details have been provided.
16118	Ethereal RSVP Dissector Unspecified Remote DoS Ethereal contains a flaw related to the RSVP dissector that may allow an attacker to cause a denial of service. No further details have been provided.
16117	Ethereal MGCP Dissector Multiple Method Remote DoS Ethereal contains a flaw related to the MGCP dissector that may allow an attacker to cause a denial of service by triggering a null pointer exception, infinite loop or segmentation fault. No further details have been provided.
16116	Ethereal DICOM Dissector Memory Exhaustion Remote DoS Ethereal contains a flaw related to the DICOM dissector that may allow an attacker to cause a denial of service by allocating large amounts of memory. No further details have been provided.
16115	Ethereal Fibre Channel Dissector Unspecified Remote DoS Ethereal contains a flaw related to the Fibre Channel dissector that may allow an attacker to cause a denial of service. No further details have been provided.
16114	Ethereal Bittorrent Dissector Unspecified Remote DoS Ethereal contains a flaw related to the Bittorrent dissector that may allow an attacker to cause a denial of service by triggering a segmentation fault. No further details have been provided.
16113	Ethereal H.245 Dissector Null Pointer Exception DoS Ethereal contains a flaw related to the H.245 dissector that may allow an attacker to cause a denial of service by triggering a null pointer exception. No further details have been provided.
16112	Ethereal SMB Dissector Unspecified Remote DoS Ethereal contains a flaw related to the SMB dissector that may allow an attacker to cause a denial of service by triggering unspecified assertions. No further details have been provided.
16111	Ethereal SMB Dissector dissect_ipc_state() Malformed Packet DoS Ethereal contains a flaw that may allow a remote denial of service. The issue is triggered when a malformed UDP packet is handled by the dissect_ipc_state() function, and will result in loss of availability for the application.
16110	Ethereal SMB PIPE Dissector Unspecified Remote DoS Ethereal contains a flaw related to the SMP PIPE dissector that may allow an attacker to cause a denial of service. No further details have been provided.
16109	Ethereal SMB Mailslot Dissector Multiple Method DoS Ethereal contains flaws that may allow a remote denial of service. The issue is triggered by unspecified flaws in the SMB Mailslot dissector which can cause null pointer exceptions or assertions, and will result in loss of availability for the application.
16108	Ethereal SMB NETLOGON Dissector Null Pointer Dereference DoS Ethereal contains a flaw related to the SMB NETLOGON dissector that may allow an attacker to cause a denial of service. No further details have been provided.
16107	Ethereal BER Dissector Unspecified Remote DoS Ethereal contains a flaw related to the BER dissector that may allow an attacker to cause a denial of service by triggering an assertion. No further details have been provided.
16106	Ethereal 802.3 Slow Protocol Dissector Unspecified DoS Ethereal contains a flaw related to the 802.3 Slow protocols dissector that may allow an attacker to cause a denial of service by triggering an assertion. No further details have been provided.
16105	Ethereal WSP Dissector Multiple Method Remote DoS Ethereal contains flaws that may allow a remote denial of service. The issue is triggered by unspecified flaws which can cause null pointer exceptions or assertions, and will result in loss of availability for the application.
16104	Ethereal TZSP Dissector Unspecified Remote DoS Ethereal contains a flaw related to the TZSP dissector that may allow an attacker to cause a denial of service. No further details have been provided.
16103	Ethereal Telnet Dissector Unspecified Remote DoS Ethereal contains a flaw related to the Telnet dissector that may allow an attacker to cause a denial of service. No further details have been provided.
16102	Ethereal LMP Dissector Endless Loop Remote DoS Ethereal contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker causes the LMP dissector to enter an endless loop, and will result in loss of availability for the application.
16101	Ethereal KINK Dissector Multiple Method Remote DoS Ethereal contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker causes the KINK dissector to generate null pointer exceptions or endless looping, and will result in loss of availability for the application.
16100	Ethereal KINK Dissector Unspecified Security Issue Ethereal contains a flaw related to the KINK dissector. No further details have been provided.
16099	Ethereal SIP Dissector Remote Overflow A remote overflow exists in Ethereal. The SIP dissector fails to validate user-supplied input in the cseq_method variable resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.
16098	Ethereal FCELS Dissector Remote Overflow A remote overflow exists in Ethereal. The FCELS dissector fails to validate unspecified input resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.
16097	Ethereal DISTCC Dissector Multiple Message Type Parsing Remote Overflow A remote overflow exists in Ethereal. The DISTCC dissector fails to validate argv, serr and sout messages resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.
16096	Ethereal AIM Dissector Unspecified Remote DoS Ethereal contains a flaw related to the AIM dissector that may allow a remote attacker to cause a denial of service. No further details have been provided.
16095	Ethereal GSM MAP Dissector Unspecified Remote DoS Ethereal contains a flaw related to the GSM MAP dissector that may allow a remote attacker to cause a denial of service. No further details have been provided.
16094	Ethereal ANSI A Dissector Remote Format String A remote format string handling flaw exists in Ethereal. The ANSI A dissector fails to validate user-supplied input. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.
16093	Ethereal Multiple Dissector Invalid Protocol Tree Item Length DoS Ethereal contains a flaw related to multiple dissectors that may allow an attacker to cause a denial of service by passing an invalid protocol tree item length. No further details have been provided.

Snort® IPS/IDS

Date	Description
2014-01-10	Ethereal SIP UDP CSeq overflow attempt RuleID : 3678 - Revision : 7 - Type : EXPLOIT
2014-01-10	Ethereal SIP UDP CSeq overflow attempt RuleID : 3677 - Revision : 8 - Type : EXPLOIT
2014-01-10	SMB Trans unicode andx data displacement null pointer DOS attempt RuleID : 3650 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB Trans unicode data displacement null pointer DOS attempt RuleID : 3649 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB Trans data displacement null pointer DOS attempt RuleID : 3648 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB Trans andx data displacement null pointer DOS attempt RuleID : 3647 - Revision : 5 - Type : NETBIOS
2014-01-10	SMB-DS Trans unicode andx data displacement null pointer DOS attempt RuleID : 3646 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS Trans unicode data displacement null pointer DOS attempt RuleID : 3645 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS Trans data displacement null pointer DOS attempt RuleID : 3644 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB-DS Trans andx data displacement null pointer DOS attempt RuleID : 3643 - Revision : 4 - Type : NETBIOS
2014-01-10	SMB Trans unicode andx data displacement null pointer DOS attempt RuleID : 3642 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB Trans unicode data displacement null pointer DOS attempt RuleID : 3641 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB Trans data displacement null pointer DOS attempt RuleID : 3640 - Revision : 3 - Type : NETBIOS
2014-01-10	SMB Trans andx data displacement null pointer DOS attempt RuleID : 3639 - Revision : 3 - Type : NETBIOS
2014-01-10	CSeq buffer overflow attempt RuleID : 16351 - Revision : 11 - Type : PROTOCOL-VOIP
2014-01-10	CSeq buffer overflow attempt RuleID : 11971 - Revision : 8 - Type : PROTOCOL-VOIP

Nessus® Vulnerability Scanner

Date	Description
2006-07-03	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2005-427.nasl - Type : ACT_GATHER_INFO
2005-07-13	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_76adaab0e4e311d9b8750001020eed82.nasl - Type : ACT_GATHER_INFO
2005-05-28	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-427.nasl - Type : ACT_GATHER_INFO
2005-05-11	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200505-03.nasl - Type : ACT_GATHER_INFO
2005-05-11	Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2005-083.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.

Date	Informations
2014-02-17 11:49:22	Multiple Updates

Global Informations

Type	Count
CWE ID(s)	1
Oval ID(s)	15
CPE ID(s)	35
osvdb(s)	60
Openvas Exploit(s)	2
Snort® Rule(s)	16
Nessus® Exploit(s)	5

	Related
7.5	RHSA-2005:687
7.5	CVE-2005-1463
7.5	CVE-2005-1462
7.5	CVE-2005-1461
5	CVE-2005-1470
5	CVE-2005-1469
5	CVE-2005-1468
5	CVE-2005-1467
5	CVE-2005-1466
5	CVE-2005-1465
5	CVE-2005-1464
5	CVE-2005-1460
5	CVE-2005-1459
5	CVE-2005-1458
5	CVE-2005-1457
5	CVE-2005-1456
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 16 more Alert(s)

7.5 - RHSA-2005:427

Executive Summary

Security-Database Scoring CVSS v3

Security-Database Scoring CVSS v2

Detail

Original Source

CWE : Common Weakness Enumeration

OVAL Definitions

CPE : Common Platform Enumeration

OpenVAS Exploits

Open Source Vulnerability Database (OSVDB)

Snort® IPS/IDS

Nessus® Vulnerability Scanner

Alert History

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU