This script is Copyright (C) 2004-2014 Tenable Network Security, Inc.
The remote Red Hat host is missing one or more security updates.
Updated ethereal packages are available which fix several security
Ethereal is a package designed for monitoring network traffic on your
system. Several security issues have been found in the Ethereal
packages distributed with Red Hat Linux Advanced Server :
Buffer overflow in Ethereal 0.9.5 and earlier allows remote attackers
to cause a denial of service or execute arbitrary code via the ISIS
Buffer overflows in Ethereal 0.9.4 and earlier allows remote attackers
to cause a denial of service or execute arbitrary code via (1) the BGP
dissector, or (2) the WCP dissector. (CVE-2002-0821)
Ethereal 0.9.4 and earlier allows remote attackers to cause a denial
of service and possibly execute arbitrary code via the (1) SOCKS, (2)
RSVP, (3) AFS, or (4) LMP dissectors, which can be caused to core dump
A buffer overflow in the X11 dissector in Ethereal before 0.9.4 allows
remote attackers to cause a denial of service (crash) and possibly
execute arbitrary code while Ethereal is parsing keysyms.
The DNS dissector in Ethereal before 0.9.4 allows remote attackers to
cause a denial of service (CPU consumption) via a malformed packet
that causes Ethereal to enter an infinite loop. (CVE-2002-0403)
A vulnerability in the GIOP dissector in Ethereal before 0.9.4 allows
remote attackers to cause a denial of service (memory consumption).
Users of Ethereal should update to the errata packages containing
Ethereal version 0.9.6 which is not vulnerable to these issues.
See also :
Update the affected ethereal and / or ethereal-gnome packages.
Risk factor :
High / CVSS Base Score : 7.5