RHEL 2.1 / 3 : ethereal (RHSA-2005:011)

This script is Copyright (C) 2005-2014 Tenable Network Security, Inc.


Synopsis :

The remote Red Hat host is missing one or more security updates.

Description :

Updated Ethereal packages that fix various security vulnerabilities
are now available.

Ethereal is a program for monitoring network traffic.

A number of security flaws have been discovered in Ethereal. On a
system where Ethereal is running, a remote attacker could send
malicious packets to trigger these flaws.

A flaw in the DICOM dissector could cause a crash. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the
name CVE-2004-1139 to this issue.

A invalid RTP timestamp could hang Ethereal and create a large
temporary file, possibly filling available disk space. (CVE-2004-1140)

The HTTP dissector could access previously-freed memory, causing a
crash. (CVE-2004-1141)

An improperly formatted SMB packet could make Ethereal hang,
maximizing CPU utilization. (CVE-2004-1142)

The COPS dissector could go into an infinite loop. (CVE-2005-0006)

The DLSw dissector could cause an assertion, making Ethereal exit
prematurely. (CVE-2005-0007)

The DNP dissector could cause memory corruption. (CVE-2005-0008)

The Gnutella dissector could cause an assertion, making Ethereal exit
prematurely. (CVE-2005-0009)

The MMSE dissector could free static memory, causing a crash.
(CVE-2005-0010)

The X11 protocol dissector is vulnerable to a string buffer overflow.
(CVE-2005-0084)

Users of Ethereal should upgrade to these updated packages which
contain version 0.10.9 that is not vulnerable to these issues.

See also :

https://www.redhat.com/security/data/cve/CVE-2004-1139.html
https://www.redhat.com/security/data/cve/CVE-2004-1140.html
https://www.redhat.com/security/data/cve/CVE-2004-1141.html
https://www.redhat.com/security/data/cve/CVE-2004-1142.html
https://www.redhat.com/security/data/cve/CVE-2005-0006.html
https://www.redhat.com/security/data/cve/CVE-2005-0007.html
https://www.redhat.com/security/data/cve/CVE-2005-0008.html
https://www.redhat.com/security/data/cve/CVE-2005-0009.html
https://www.redhat.com/security/data/cve/CVE-2005-0010.html
https://www.redhat.com/security/data/cve/CVE-2005-0084.html
http://ethereal.archive.sunet.se/appnotes/enpa-sa-00016.html
http://ethereal.archive.sunet.se/appnotes/enpa-sa-00017.html
http://rhn.redhat.com/errata/RHSA-2005-011.html

Solution :

Update the affected ethereal and / or ethereal-gnome packages.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)

Family: Red Hat Local Security Checks

Nessus Plugin ID: 16295 ()

Bugtraq ID:

CVE ID: CVE-2004-1139
CVE-2004-1140
CVE-2004-1141
CVE-2004-1142
CVE-2005-0006
CVE-2005-0007
CVE-2005-0008
CVE-2005-0009
CVE-2005-0010
CVE-2005-0084