This script is Copyright (C) 2004-2014 Tenable Network Security, Inc.
The remote Red Hat host is missing one or more security updates.
Updated ethereal packages are available which fix several security
Ethereal is a package designed for monitoring network traffic on your
system. Several security issues have been found in the Ethereal
packages distributed with Red Hat Linux Advanced Server :
Buffer overflow in Ethereal 0.9.5 and earlier allows remote attackers
to cause a denial of service or execute arbitrary code via the ISIS
Buffer overflows in Ethereal 0.9.4 and earlier allows remote attackers
to cause a denial of service or execute arbitrary code via (1) the BGP
dissector, or (2) the WCP dissector. (CVE-2002-0821)
Ethereal 0.9.4 and earlier allows remote attackers to cause a denial
of service and possibly execute arbitrary code via the (1) SOCKS, (2)
RSVP, (3) AFS, or (4) LMP dissectors, which can be caused to core dump
A buffer overflow in the X11 dissector in Ethereal before 0.9.4 allows
remote attackers to cause a denial of service (crash) and possibly
execute arbitrary code while Ethereal is parsing keysyms.
The DNS dissector in Ethereal before 0.9.4 allows remote attackers to
cause a denial of service (CPU consumption) via a malformed packet
that causes Ethereal to enter an infinite loop. (CVE-2002-0403)
A vulnerability in the GIOP dissector in Ethereal before 0.9.4 allows
remote attackers to cause a denial of service (memory consumption).
Users of Ethereal should update to the errata packages containing
Ethereal version 0.9.6 which is not vulnerable to these issues.
See also :
Update the affected ethereal and / or ethereal-gnome packages.
Risk factor :
High / CVSS Base Score : 7.5
Family: Red Hat Local Security Checks
Nessus Plugin ID: 12319 ()
CVE ID: CVE-2002-0402CVE-2002-0403CVE-2002-0404CVE-2002-0821CVE-2002-0822CVE-2002-0834
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.