Mandrake Linux Security Advisory : ethereal (MDKSA-2005:083)

High Nessus Plugin ID 18237


The remote Mandrake Linux host is missing one or more security updates.


A number of vulnerabilities were discovered in previous version of Ethereal that have been fixed in the 0.10.11 release, including :

- The ANSI A and DHCP dissectors are vulnerable to format string vulnerabilities.

- The DISTCC, FCELS, SIP, ISIS, CMIP, CMP, CMS, CRMF, ESS, OCSP, PKIX1Explitit, PKIX Qualified, X.509, Q.931, MEGACO, NCP, ISUP, TCAP and Presentation dissectors are vulnerable to buffer overflows.

- The KINK, WSP, SMB Mailslot, H.245, MGCP, Q.931, RPC, GSM and SMB NETLOGON dissectors are vulnerable to pointer handling errors.

- The LMP, KINK, MGCP, RSVP, SRVLOC, EIGRP, MEGACO, DLSw, NCP and L2TP dissectors are vulnerable to looping problems.

- The Telnet and DHCP dissectors could abort.

- The TZSP, Bittorrent, SMB, MGCP and ISUP dissectors could cause a segmentation fault.

- The WSP, 802.3 Slow protocols, BER, SMB Mailslot, SMB, NDPS, IAX2, RADIUS, SMB PIPE, MRDISC and TCAP dissectors could throw assertions.

- The DICOM, NDPS and ICEP dissectors are vulnerable to memory handling errors.

- The GSM MAP, AIM, Fibre Channel,SRVLOC, NDPS, LDAP and NTLMSSP dissectors could terminate abnormallly.


Update the affected packages.

See Also

Plugin Details

Severity: High

ID: 18237

File Name: mandrake_MDKSA-2005-083.nasl

Version: $Revision: 1.20 $

Type: local

Published: 2005/05/11

Modified: 2013/08/09

Dependencies: 12634

Risk Information

Risk Factor: High


Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:mandriva:linux:ethereal, p-cpe:/a:mandriva:linux:ethereal-tools, p-cpe:/a:mandriva:linux:lib64ethereal0, p-cpe:/a:mandriva:linux:libethereal0, p-cpe:/a:mandriva:linux:tethereal, cpe:/o:mandrakesoft:mandrake_linux:10.1, x-cpe:/o:mandrakesoft:mandrake_linux:le2005

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list

Patch Publication Date: 2005/05/10

Reference Information

CVE: CVE-2005-1456, CVE-2005-1457, CVE-2005-1458, CVE-2005-1459, CVE-2005-1460, CVE-2005-1461, CVE-2005-1462, CVE-2005-1463, CVE-2005-1464, CVE-2005-1465, CVE-2005-1466, CVE-2005-1467, CVE-2005-1468, CVE-2005-1469, CVE-2005-1470

MDKSA: 2005:083

CWE: 119