Fedora Core 2 : ethereal-0.10.3-2.1 (2004-153)

This script is Copyright (C) 2004-2015 Tenable Network Security, Inc.


Synopsis :

The remote Fedora Core host is missing a security update.

Description :

Issues have been discovered in the following protocol dissectors :

- A SIP packet could make Ethereal crash under specific
conditions, as described in the following message:
http://www.ethereal.com/lists/ethereal-users/200405/msg0
0018.html (0.10.3).

- The AIM dissector could throw an assertion, causing
Ethereal to terminate abnormally (0.10.3).

- It was possible for the SPNEGO dissector to dereference
a NULL pointer, causing a crash (0.9.8 to 0.10.3).

- The MMSE dissector was susceptible to a buffer
overflow. (0.10.1 to 0.10.3).

All users of the Ethereal package are strongly encouraged to update to
these latest packages.

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

See also :

http://www.ethereal.com/lists/ethereal-users/200405/msg00018.html
http://www.nessus.org/u?8bfaa622

Solution :

Update the affected ethereal, ethereal-debuginfo and / or
ethereal-gnome packages.

Risk factor :

High

Family: Fedora Local Security Checks

Nessus Plugin ID: 13713 (fedora_2004-153.nasl)

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now