MDKSA-2005:083
- Package name
- ethereal
- Date
- 2005-05-10
- Advisory ID
- MDKSA-2005:083
- Affected versions
- 10.2 i586 , 10.1 i586 , 10.2 x86_64 , 10.1 x86_64
Problem description
A number of vulnerabilities were discovered in previous version of Ethereal that have been fixed in the 0.10.11 release, including: - The ANSI A and DHCP dissectors are vulnerable to format string vulnerabilities. - The DISTCC, FCELS, SIP, ISIS, CMIP, CMP, CMS, CRMF, ESS, OCSP, PKIX1Explitit, PKIX Qualified, X.509, Q.931, MEGACO, NCP, ISUP, TCAP and Presentation dissectors are vulnerable to buffer overflows. - The KINK, WSP, SMB Mailslot, H.245, MGCP, Q.931, RPC, GSM and SMB NETLOGON dissectors are vulnerable to pointer handling errors. - The LMP, KINK, MGCP, RSVP, SRVLOC, EIGRP, MEGACO, DLSw, NCP and L2TP dissectors are vulnerable to looping problems. - The Telnet and DHCP dissectors could abort. - The TZSP, Bittorrent, SMB, MGCP and ISUP dissectors could cause a segmentation fault. - The WSP, 802.3 Slow protocols, BER, SMB Mailslot, SMB, NDPS, IAX2, RADIUS, SMB PIPE, MRDISC and TCAP dissectors could throw assertions. - The DICOM, NDPS and ICEP dissectors are vulnerable to memory handling errors. - The GSM MAP, AIM, Fibre Channel,SRVLOC, NDPS, LDAP and NTLMSSP dissectors could terminate abnormallly.
Updated packages
10.2 i586
f6d236307d9366150aa2cf900b77ad4b 10.2/RPMS/ethereal-0.10.11-0.1.102mdk.i586.rpm e146cf60690d907aaeb569f59cde8e37 10.2/RPMS/ethereal-tools-0.10.11-0.1.102mdk.i586.rpm a6ee5615d66e5b33ffe05270069fa921 10.2/RPMS/libethereal0-0.10.11-0.1.102mdk.i586.rpm fa4398c9e4947faff78750b289ee922c 10.2/RPMS/tethereal-0.10.11-0.1.102mdk.i586.rpm 0b13985c69b63df65775240b8991c07e 10.2/SRPMS/ethereal-0.10.11-0.1.102mdk.src.rpm
10.1 i586
ae2866749c7a3ceebbd6550ef5a29154 10.1/RPMS/ethereal-0.10.11-0.1.101mdk.i586.rpm 7a27b1b13fd7b9232f078f3c803863c8 10.1/RPMS/ethereal-tools-0.10.11-0.1.101mdk.i586.rpm b32725663f41c817169c650c04dff15e 10.1/RPMS/libethereal0-0.10.11-0.1.101mdk.i586.rpm f995c192659c93c5a77d12ff0dfb74e3 10.1/RPMS/tethereal-0.10.11-0.1.101mdk.i586.rpm 0d2e9e9478b964b9de67e10dab5996d7 10.1/SRPMS/ethereal-0.10.11-0.1.101mdk.src.rpm
10.2 x86_64
7c9dc07574f92df6e3920da6c1320cfb x86_64/10.2/RPMS/ethereal-0.10.11-0.1.102mdk.x86_64.rpm 5684d61528aa353ee5ce58d8c99317f9 x86_64/10.2/RPMS/ethereal-tools-0.10.11-0.1.102mdk.x86_64.rpm ce979043e16801b2b4565fb2dae4e18f x86_64/10.2/RPMS/lib64ethereal0-0.10.11-0.1.102mdk.x86_64.rpm 1e5af06f5eb143a956fd3a0ee88109e0 x86_64/10.2/RPMS/tethereal-0.10.11-0.1.102mdk.x86_64.rpm 0b13985c69b63df65775240b8991c07e x86_64/10.2/SRPMS/ethereal-0.10.11-0.1.102mdk.src.rpm
10.1 x86_64
a6fdb42381866c6c2df04732a0e2e2f0 x86_64/10.1/RPMS/ethereal-0.10.11-0.1.101mdk.x86_64.rpm 285be2e4fff2cec54772d08daf994c0f x86_64/10.1/RPMS/ethereal-tools-0.10.11-0.1.101mdk.x86_64.rpm a672830433d1bd9c044d081116311406 x86_64/10.1/RPMS/lib64ethereal0-0.10.11-0.1.101mdk.x86_64.rpm da5bb65a0ac86ad8510c9c82c6c3c798 x86_64/10.1/RPMS/tethereal-0.10.11-0.1.101mdk.x86_64.rpm 0d2e9e9478b964b9de67e10dab5996d7 x86_64/10.1/SRPMS/ethereal-0.10.11-0.1.101mdk.src.rpm
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1456
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1457
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1458
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1459
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1460
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1461
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1462
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1463
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1464
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1465
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1466
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1467
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1468
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1469
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1470
- http://www.ethereal.com/appnotes/enpa-sa-00019.html