Detections
Analytics

FreeBSD : ethereal -- multiple protocol dissectors vulnerabilities (5d51d245-00ca-11da-bc08-0001020eed82)

high Nessus Plugin ID 19344

Synopsis

The remote FreeBSD host is missing one or more security-related updates.

Description

An Ethreal Security Advisories reports :

Our testing program has turned up several more security issues :

- The LDAP dissector could free static memory and crash.

- The AgentX dissector could crash.

- The 802.3 dissector could go into an infinite loop.

- The PER dissector could abort.

- The DHCP dissector could go into an infinite loop.

- The BER dissector could abort or loop infinitely.

- The MEGACO dissector could go into an infinite loop.

- The GIOP dissector could dereference a NULL pointer.

- The SMB dissector was susceptible to a buffer overflow.

- The WBXML could dereference a NULL pointer.

- The H1 dissector could go into an infinite loop.

- The DOCSIS dissector could cause a crash.

- The SMPP dissector could go into an infinite loop.

- SCTP graphs could crash.

- The HTTP dissector could crash.

- The SMB dissector could go into a large loop.

- The DCERPC dissector could crash.

- Several dissectors could crash while reassembling packets.

Steve Grubb at Red Hat found the following issues :

- The CAMEL dissector could dereference a NULL pointer.

- The DHCP dissector could crash.

- The CAMEL dissector could crash.

- The PER dissector could crash.

- The RADIUS dissector could crash.

- The Telnet dissector could crash.

- The IS-IS LSP dissector could crash.

- The NCP dissector could crash.

iDEFENSE found the following issues :

- Several dissectors were susceptible to a format string overflow.
Impact : It may be possible to make Ethereal crash, use up available memory, or run arbitrary code by injecting a purposefully malformed packet onto the wire or by convincing someone to read a malformed packet trace file.

Solution

Update the affected packages.

See Also

http://ethereal.archive.sunet.se/appnotes/enpa-sa-00020.html

http://www.nessus.org/u?aadc2aff

Plugin Details

Severity: High

ID: 19344

File Name: freebsd_pkg_5d51d24500ca11dabc080001020eed82.nasl

Version: 1.15

Type: local

Published: 8/1/2005

Updated: 1/6/2021

Supported Sensors: Nessus

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:ethereal, p-cpe:/a:freebsd:freebsd:ethereal-lite, p-cpe:/a:freebsd:freebsd:tethereal, p-cpe:/a:freebsd:freebsd:tethereal-lite, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 7/30/2005

Vulnerability Publication Date: 7/26/2005