Executive Summary
Summary | |
---|---|
Title | ethereal security update |
Informations | |||
---|---|---|---|
Name | RHSA-2005:037 | First vendor Publication | 2005-02-15 |
Vendor | RedHat | Last vendor Modification | 2005-02-15 |
Severity (Vendor) | Moderate | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: Updated Ethereal packages that fix various security vulnerabilities are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: Ethereal is a program for monitoring network traffic. A number of security flaws have been discovered in Ethereal. On a system where Ethereal is running, a remote attacker could send malicious packets to trigger these flaws. A flaw in the DICOM dissector could cause a crash. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-1139 to this issue. A invalid RTP timestamp could hang Ethereal and create a large temporary file, possibly filling available disk space. (CAN-2004-1140) The HTTP dissector could access previously-freed memory, causing a crash. (CAN-2004-1141) An improperly formatted SMB packet could make Ethereal hang, maximizing CPU utilization. (CAN-2004-1142) The COPS dissector could go into an infinite loop. (CAN-2005-0006) The DLSw dissector could cause an assertion, making Ethereal exit prematurely. (CAN-2005-0007) The DNP dissector could cause memory corruption. (CAN-2005-0008) The Gnutella dissector could cause an assertion, making Ethereal exit prematurely. (CAN-2005-0009) The MMSE dissector could free static memory, causing a crash. (CAN-2005-0010) The X11 protocol dissector is vulnerable to a string buffer overflow. (CAN-2005-0084) Users of Ethereal should upgrade to these updated packages which contain version 0.10.9 that is not vulnerable to these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. Bug IDs fixed (http://bugzilla.redhat.com/): 144188 - CAN-2004-1139 Ethereal flaws (CAN-2004-1140 CAN-2004-1141 CAN-2004-1142) 145483 - CAN-2005-0006 multiple ethereal issues (CAN-2005-0007 CAN-2005-0008 CAN-2005-0009 CAN-2005-0010 CAN-2005-0084) |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2005-037.html |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10484 | |||
Oval ID: | oval:org.mitre.oval:def:10484 | ||
Title: | Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (application hang) and possibly fill available disk space via an invalid RTP timestamp. | ||
Description: | Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (application hang) and possibly fill available disk space via an invalid RTP timestamp. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2004-1140 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10623 | |||
Oval ID: | oval:org.mitre.oval:def:10623 | ||
Title: | Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet. | ||
Description: | Unknown vulnerability in the Gnutella dissector in Ethereal 0.10.6 through 0.10.8 allows remote attackers to cause a denial of service (application crash). | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-0009 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10689 | |||
Oval ID: | oval:org.mitre.oval:def:10689 | ||
Title: | Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet. | ||
Description: | Unknown vulnerability in the DNP dissector in Ethereal 0.10.5 through 0.10.8 allows remote attackers to cause "memory corruption." | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-0008 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10801 | |||
Oval ID: | oval:org.mitre.oval:def:10801 | ||
Title: | Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet. | ||
Description: | The COPS dissector in Ethereal 0.10.6 through 0.10.8 allows remote attackers to cause a denial of service (infinite loop). | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-0006 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11278 | |||
Oval ID: | oval:org.mitre.oval:def:11278 | ||
Title: | Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet. | ||
Description: | Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2004-1142 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11319 | |||
Oval ID: | oval:org.mitre.oval:def:11319 | ||
Title: | Unknown vulnerability in the DICOM dissector in Ethereal 0.10.4 through 0.10.7 allows remote attackers to cause a denial of service (application crash). | ||
Description: | Unknown vulnerability in the DICOM dissector in Ethereal 0.10.4 through 0.10.7 allows remote attackers to cause a denial of service (application crash). | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2004-1139 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11381 | |||
Oval ID: | oval:org.mitre.oval:def:11381 | ||
Title: | Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet. | ||
Description: | Unknown vulnerability in the DLSw dissector in Ethereal 0.10.6 through 0.10.8 allows remote attackers to cause a denial of service (application crash from assertion). | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-0007 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9140 | |||
Oval ID: | oval:org.mitre.oval:def:9140 | ||
Title: | Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet. | ||
Description: | Buffer overflow in the X11 dissector in Ethereal 0.8.10 through 0.10.8 allows remote attackers to execute arbitrary code via a crafted packet. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-0084 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9473 | |||
Oval ID: | oval:org.mitre.oval:def:9473 | ||
Title: | The HTTP dissector in Ethereal 0.10.1 through 0.10.7 allows remote attackers to cause a denial of service (application crash) via a certain packet that causes the dissector to access previously-freed memory. | ||
Description: | The HTTP dissector in Ethereal 0.10.1 through 0.10.7 allows remote attackers to cause a denial of service (application crash) via a certain packet that causes the dissector to access previously-freed memory. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2004-1141 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9521 | |||
Oval ID: | oval:org.mitre.oval:def:9521 | ||
Title: | Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet. | ||
Description: | Unknown vulnerability in the MMSE dissector in Ethereal 0.10.4 through 0.10.8 allows remote attackers to cause a denial of service by triggering a free of statically allocated memory. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-0010 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2009-10-10 | Name : SLES9: Security update for ethereal File : nvt/sles9p5010966.nasl |
2009-10-10 | Name : SLES9: Security update for ethereal File : nvt/sles9p5016846.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200412-15 (Ethereal) File : nvt/glsa_200412_15.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200501-27 (ethereal) File : nvt/glsa_200501_27.nasl |
2008-09-04 | Name : FreeBSD Ports: ethereal, ethereal-lite, tethereal, tethereal-lite File : nvt/freebsd_ethereal0.nasl |
2008-09-04 | Name : FreeBSD Ports: ethereal, ethereal-lite, tethereal, tethereal-lite File : nvt/freebsd_ethereal1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 613-1 (ethereal) File : nvt/deb_613_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 653-1 (ethereal) File : nvt/deb_653_1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
13113 | Ethereal X11 Protocol Dissector Overflow A remote overflow exists in Ethereal. The X11 protocol dissector fails to validate some unspecified strings resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity. |
13112 | Ethereal MMSE Dissector Static Memory Freeing Ethereal contains a flaw related to the MMSE dissector that may allow an attacker to cause a denial of service by freeing statically-allocated memory. No further details have been provided. |
13111 | Ethereal Gnutella Dissector Assertion DoS Ethereal contains a flaw related to the Gnutella dissector that may allow an attacker to cause a denial of service by triggering an assertion. The Ethereal user must cause the dissector to be run on data supplied by the attacker. The user can do this by viewing a specific packet or reassembling a TCP stream. |
13110 | Ethereal DNP Dissector Memory Corruption DoS Ethereal contains a memory corruption flaw related to the DNP dissector that may allow an attacker to cause a denial of service. No further details have been provided. |
13109 | Ethereal DLSw Dissector Assertion DoS Ethereal contains a flaw related to the DLSw dissector that may allow an attacker to cause a denial of service by triggering an assertion. No further details have been provided. |
13108 | Ethereal COPS Dissector Infinite Loop DoS Ethereal contains a flaw related to the COPS dissector that may allow an attacker to cause the application to enter an infinite loop, and cause a denial of service. No further details have been provided. |
12383 | Ethereal Malformed SMB Packet DoS Ethereal contains a flaw that may allow a remote denial of service. The issue is triggered when Ethereal receives a malformed SMB packet that can maximize the CPU utilization and result in loss of availability for the service. |
12382 | Ethereal HTTP Dissector Double Free DoS Ethereal contains a flaw that may allow a remote denial of service. The issue is triggered when Ethereal receives certain HTTP traffic that can cause a double free and result in loss of availability for the service. |
12381 | Ethereal Malformed RTP Timestamp DoS Ethereal contains a flaw that may allow a remote denial of service. The issue is triggered when Ethereal receives an invalid RTP timestamp that can create a large temporary file and potentially result in loss of availability for the system. |
12380 | Ethereal DICOM Dissector DoS Ethereal contains a flaw that may allow a remote denial of service. The issue is triggered when Ethereal receives certain DICOM traffic that can crash Ethereal and result in loss of availability for the service. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2005-07-13 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_831a6a6679fa11d9a9e70001020eed82.nasl - Type : ACT_GATHER_INFO |
2005-07-13 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_efa1344b547711d9a9e70001020eed82.nasl - Type : ACT_GATHER_INFO |
2005-02-22 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-037.nasl - Type : ACT_GATHER_INFO |
2005-02-14 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200501-27.nasl - Type : ACT_GATHER_INFO |
2005-02-02 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-011.nasl - Type : ACT_GATHER_INFO |
2005-01-25 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-653.nasl - Type : ACT_GATHER_INFO |
2005-01-25 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2005-013.nasl - Type : ACT_GATHER_INFO |
2004-12-21 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-613.nasl - Type : ACT_GATHER_INFO |
2004-12-21 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2004-152.nasl - Type : ACT_GATHER_INFO |
2004-12-19 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200412-15.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:48:55 |
|