Detections
Analytics

Debian DSA-130-1 : ethereal - remotely triggered memory allocation error

high Nessus Plugin ID 14967

Synopsis

The remote Debian host is missing a security-related update.

Description

Ethereal versions prior to 0.9.3 were vulnerable to an allocation error in the ASN.1 parser. This can be triggered when analyzing traffic using the SNMP, LDAP, COPS, or Kerberos protocols in ethereal.
This vulnerability was announced in the ethereal security advisory enpa-sa-00003. This issue has been corrected in ethereal version 0.8.0-3potato for Debian 2.2 (potato).

Additionally, a number of vulnerabilities were discussed in ethereal security advisory enpa-sa-00004; the version of ethereal in Debian 2.2 (potato) is not vulnerable to the issues raised in this later advisory. Users of the not-yet-released woody distribution should ensure that they are running ethereal 0.9.4-1 or a later version.

Solution

Upgrade the ethereal package immediately.

See Also

http://www.nessus.org/u?d720840a

http://www.nessus.org/u?10c1089c

http://www.debian.org/security/2002/dsa-130

Plugin Details

Severity: High

ID: 14967

File Name: debian_DSA-130.nasl

Version: 1.21

Type: local

Agent: unix

Published: 9/29/2004

Updated: 1/4/2021

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.8

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:ethereal, cpe:/o:debian:debian_linux:2.2

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Ease: No known exploits are available

Patch Publication Date: 6/1/2002

Reference Information

CVE: CVE-2002-0353, CVE-2002-0401, CVE-2002-0402, CVE-2002-0403, CVE-2002-0404

BID: 4604, 4805, 4806, 4807, 4808

DSA: 130