Detections
Analytics
Mandrake Linux Security Advisory : ethereal (MDKSA-2004:024)
medium Nessus Plugin ID 14123
Synopsis
The remote Mandrake Linux host is missing a security update.Description
A number of serious issues have been discovered in versions of Ethereal prior to 0.10.2. Stefan Esser discovered thirteen buffer overflows in the NetFlow, IGAP, EIGRP, PGM, IrDA, BGP, ISUP, and TCAP dissectors. Jonathan Heusser discovered that a carefully-crafted RADIUS packet could cause Ethereal to crash. It was also found that a zero-length Presentation protocol selector could make Ethereal crash.Finally, a corrupt color filter file could cause a segmentation fault.
It is possible, through the exploitation of some of these vulnerabilities, to cause Ethereal to crash or run arbitrary code by injecting a malicious, malformed packet onto the wire, by convincing someone to read a malformed packet trace file, or by creating a malformed color filter file.
The updated packages bring Ethereal to version 0.10.3 which is not vulnerable to these issues.
Solution
Update the affected ethereal package.See Also
http://ethereal.archive.sunet.se/appnotes/enpa-sa-00013.html
Plugin Details
Severity: Medium
ID: 14123
File Name: mandrake_MDKSA-2004-024.nasl
Version: 1.21
Type: local
Family: Mandriva Local Security Checks
Published: 7/31/2004
Updated: 1/6/2021
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 4.4
CVSS v2
Risk Factor: Medium
Base Score: 5
Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P
Vulnerability Information
CPE: p-cpe:/a:mandriva:linux:ethereal, cpe:/o:mandrakesoft:mandrake_linux:9.1, cpe:/o:mandrakesoft:mandrake_linux:9.2
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list
Patch Publication Date: 3/30/2004
Reference Information
CVE: CVE-2004-0176, CVE-2004-0365, CVE-2004-0367
MDKSA: 2004:024