Detections
Analytics
Mandrake Linux Security Advisory : ethereal (MDKSA-2003:067)
critical Nessus Plugin ID 14050
Synopsis
The remote Mandrake Linux host is missing a security update.Description
Several vulnerabilities in ethereal were discovered by Timo Sirainen.Integer overflows were found in the Mount and PPP dissectors, as well as one-byte buffer overflows in the AIM, GIOP Gryphon, OSPF, PPTP, Quake, Quake2, Quake3, Rsync, SMB, SMPP, and TSP dissectors. These vulnerabilities were corrected in ethereal 0.9.12.
Solution
Update the affected ethereal package.See Also
http://ethereal.archive.sunet.se/appnotes/enpa-sa-00009.html
Plugin Details
Severity: Critical
ID: 14050
File Name: mandrake_MDKSA-2003-067.nasl
Version: 1.22
Type: local
Family: Mandriva Local Security Checks
Published: 7/31/2004
Updated: 1/6/2021
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.9
CVSS v2
Risk Factor: Critical
Base Score: 10
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
Vulnerability Information
CPE: p-cpe:/a:mandriva:linux:ethereal, cpe:/o:mandrakesoft:mandrake_linux:9.1
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list
Patch Publication Date: 6/16/2003
Reference Information
CVE: CVE-2003-0356, CVE-2003-0357
MDKSA: 2003:067