This script is Copyright (C) 2004-2014 Tenable Network Security, Inc.
The remote Red Hat host is missing one or more security updates.
Updated Ethereal packages that fix a number of exploitable security
issues are now available.
Ethereal is a program for monitoring network traffic.
A number of security issues affect Ethereal. By exploiting these
issues, it may be possible to make Ethereal crash or run arbitrary
code by injecting a purposefully-malformed packet onto the wire or by
convincing someone to read a malformed packet trace file.
A buffer overflow in Ethereal 0.9.15 and earlier allows remote
attackers to cause a denial of service and possibly execute arbitrary
code via a malformed GTP MSISDN string. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CVE-2003-0925
to this issue.
Ethereal 0.9.15 and earlier allows remote attackers to cause a denial
of service (crash) via certain malformed ISAKMP or MEGACO packets. The
Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2003-0926 to this issue.
A heap-based buffer overflow in Ethereal 0.9.15 and earlier allows
remote attackers to cause a denial of service (crash) and possibly
execute arbitrary code via the SOCKS dissector. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the
name CVE-2003-0927 to this issue.
Users of Ethereal should update to these erratum packages containing
Ethereal version 0.9.16, which is not vulnerable to these issues.
See also :
Update the affected ethereal and / or ethereal-gnome packages.
Risk factor :
High / CVSS Base Score : 7.5
Family: Red Hat Local Security Checks
Nessus Plugin ID: 12433 ()
CVE ID: CVE-2003-0925CVE-2003-0926CVE-2003-0927
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.