This script is Copyright (C) 2005-2013 Tenable Network Security, Inc.
The remote Mandrake Linux host is missing one or more security
A number of vulnerabilities were discovered in previous version of
Ethereal that have been fixed in the 0.10.11 release, including :
- The ANSI A and DHCP dissectors are vulnerable to format
- The DISTCC, FCELS, SIP, ISIS, CMIP, CMP, CMS, CRMF, ESS,
OCSP, PKIX1Explitit, PKIX Qualified, X.509, Q.931,
MEGACO, NCP, ISUP, TCAP and Presentation dissectors are
vulnerable to buffer overflows.
- The KINK, WSP, SMB Mailslot, H.245, MGCP, Q.931, RPC,
GSM and SMB NETLOGON dissectors are vulnerable to
pointer handling errors.
- The LMP, KINK, MGCP, RSVP, SRVLOC, EIGRP, MEGACO, DLSw,
NCP and L2TP dissectors are vulnerable to looping
- The Telnet and DHCP dissectors could abort.
- The TZSP, Bittorrent, SMB, MGCP and ISUP dissectors
could cause a segmentation fault.
- The WSP, 802.3 Slow protocols, BER, SMB Mailslot, SMB,
NDPS, IAX2, RADIUS, SMB PIPE, MRDISC and TCAP dissectors
could throw assertions.
- The DICOM, NDPS and ICEP dissectors are vulnerable to
memory handling errors.
- The GSM MAP, AIM, Fibre Channel,SRVLOC, NDPS, LDAP and
NTLMSSP dissectors could terminate abnormallly.
See also :
Update the affected packages.
Risk factor :
High / CVSS Base Score : 7.5
Family: Mandriva Local Security Checks
Nessus Plugin ID: 18237 (mandrake_MDKSA-2005-083.nasl)
CVE ID: CVE-2005-1456
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now