Mandrake Linux Security Advisory : ethereal (MDKSA-2005:193-2)

This script is Copyright (C) 2006-2015 Tenable Network Security, Inc.


Synopsis :

The remote Mandrake Linux host is missing one or more security
updates.

Description :

Ethereal 0.10.13 is now available fixing a number of security
vulnerabilities in various dissectors :

- the ISAKMP dissector could exhaust system memory

- the FC-FCS dissector could exhaust system memory

- the RSVP dissector could exhaust system memory

- the ISIS LSP dissector could exhaust system memory

- the IrDA dissector could crash

- the SLIMP3 dissector could overflow a buffer

- the BER dissector was susceptible to an infinite loop

- the SCSI dissector could dereference a NULL pointer
and crash

- the sFlow dissector could dereference a NULL pointer
and crash

- the RTnet dissector could dereference a NULL pointer
and crash

- the SigComp UDVM could go into an infinite loop or
crash

- the X11 dissector could attempt to divide by zero

- if SMB transaction payload reassembly is enabled the
SMB dissector could crash (by default this is
disabled)

- if the 'Dissect unknown RPC program numbers' option was
enabled, the ONC RPC dissector might be able to exhaust
system memory (by default this is disabled)

- the AgentX dissector could overflow a buffer

- the WSP dissector could free an invalid pointer

- iDEFENSE discovered a buffer overflow in the SRVLOC
dissector

The new version of Ethereal is provided and corrects all of these
issues.

An infinite loop in the IRC dissector was also discovered and fixed
after the 0.10.13 release. The updated packages include the fix.

Update :

A permissions problem on the /usr/share/ethereal/dtds directory caused
errors when ethereal started as a non-root user. This update corrects
the problem.

See also :

http://ethereal.archive.sunet.se/appnotes/enpa-sa-00021.html

Solution :

Update the affected packages.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.7
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

Family: Mandriva Local Security Checks

Nessus Plugin ID: 20435 (mandrake_MDKSA-2005-193.nasl)

Bugtraq ID: 15148

CVE ID: CVE-2005-3184
CVE-2005-3241
CVE-2005-3242
CVE-2005-3243
CVE-2005-3244
CVE-2005-3245
CVE-2005-3246
CVE-2005-3247
CVE-2005-3248
CVE-2005-3249
CVE-2005-3313

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now