Mandrake Linux Security Advisory : ethereal (MDKSA-2003:067)

Critical Nessus Plugin ID 14050


The remote Mandrake Linux host is missing a security update.


Several vulnerabilities in ethereal were discovered by Timo Sirainen.
Integer overflows were found in the Mount and PPP dissectors, as well as one-byte buffer overflows in the AIM, GIOP Gryphon, OSPF, PPTP, Quake, Quake2, Quake3, Rsync, SMB, SMPP, and TSP dissectors. These vulnerabilities were corrected in ethereal 0.9.12.


Update the affected ethereal package.

See Also

Plugin Details

Severity: Critical

ID: 14050

File Name: mandrake_MDKSA-2003-067.nasl

Version: $Revision: 1.19 $

Type: local

Published: 2004/07/31

Modified: 2013/08/09

Dependencies: 12634

Risk Information

Risk Factor: Critical


Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:mandriva:linux:ethereal, cpe:/o:mandrakesoft:mandrake_linux:9.1

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list

Patch Publication Date: 2003/06/16

Reference Information

CVE: CVE-2003-0356, CVE-2003-0357

MDKSA: 2003:067