This script is Copyright (C) 2007-2012 Tenable Network Security, Inc.
The remote SuSE 10 host is missing a security-related patch.
Various problems have been fixed in the network analyzer Ethereal,
most leading to crashes of the ethereal program.
- A unspecified vulnerability in the LDAP dissector could
be used to crash Ethereal. (CVE-2006-5740)
- A single \0 byte heap overflow was fixed in the MIME
multipart dissector. Potential of exploitability is
unknown, but considered low. (CVE-2006-4574)
- A denial of service problem in the XOT dissector can
cause it to take up huge amount of memory and crash
- The WBXML dissector could be used to crash ethereal.
- A NULL pointer dereference in the HTTP dissector could
crash ethereal. (CVE-2006-5468)
See also :
Apply ZYPP patch number 2248.
Risk factor :
Medium / CVSS Base Score : 5.0