Login
Newsletter
Werbung

Sicherheit: Mehrere Probleme in ethereal
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in ethereal
ID: CSSA-2003-030.0
Distribution: Caldera
Plattformen: Caldera Server 3.1.1, Caldera Workstation 3.1.1
Datum: Sa, 8. November 2003, 12:00
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0428
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0429
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0430
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0431
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0432
Applikationen: Wireshark

Originalnachricht

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


______________________________________________________________________________

SCO Security Advisory

Subject: OpenLinux: Multiple vulnerabilities have reported in Ethereal 0.9.12
Advisory number: CSSA-2003-030.0
Issue date: 2003 November 07
Cross reference: sr883585 fz528203 erg712398 CAN-2003-0428 CAN-2003-0429
CAN-2003-0430 CAN-2003-0431 CAN-2003-0432
______________________________________________________________________________


1. Problem Description

Multiple vulnerabilities have reported in Ethereal 0.9.12.

Ethereal is a freely available network protocol analyzer for
Microsoft Windows and multiple Unix-based operating systems.

Ethereal versions 0.9.12 and earlier are vulnerable to multiple
issues. The Vulnerabilities are:

1. The DCERPC dissector could try to allocate too much memory
while trying to decode an NDR string. The Common Vulnerabilities
and Exposures project (cve.mitre.org) has assigned the following
name CAN-2003-0428 to this issue.

2. Bad IPv4 or IPv6 prefix lengths could cause an overflow in the
OSI dissector. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the following name CAN-2003-0429 to
this issue.

3. The SPNEGO dissector could segfault while parsing an invalid
ASN.1 value. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the following name CAN-2003-0430
to this issue.

4. The tvb_get_nstringz0() routine incorrectly handled a zero-
length buffer size. The Common Vulnerabilities and Exposures
project (cve.mitre.org) has assigned the following name
CAN-2003-0431 to this issue.

5. The BGP, WTP, DNS, 802.11, ISAKMP, WSP, CLNP, ISIS, and RMI
dissectors handled strings improperly. The Common Vulnerabilities
and Exposures project (cve.mitre.org) has assigned the following
name CAN-2003-0432 to this issue.

POTENTIAL IMPACT
It may be possible to make Ethereal crash or run arbitrary code
by injecting a purposefully malformed packet onto the wire,
or by convincing someone to read a malformed packet trace file.

2. Vulnerable Supported Versions

System Package
-------------------------------------------------------------------
OpenLinux 3.1.1 Server prior to ethereal-0.9.13-1.i386.rpm
OpenLinux 3.1.1 Workstation prior to ethereal-0.9.13-1.i386.rpm

3. Solution

The proper solution is to install the latest packages. Many
customers find it easier to use the Caldera System Updater, called
cupdate (or kcupdate under the KDE environment), to update these
packages rather than downloading and installing them by hand.

4. OpenLinux 3.1.1 Server

4.1 Package Location

ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2003-030.0/RPMS

4.2 Packages

9c5039a96d35a4bb91cddfa40adb7e2c ethereal-0.9.13-1.i386.rpm

4.3 Installation

rpm -Fvh ethereal-0.9.13-1.i386.rpm

4.4 Source Package Location

ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2003-030.0/SRPMS

4.5 Source Packages

991395b4b4bcf0375e7dfe6a09108faf ethereal-0.9.13-1.src.rpm


5. OpenLinux 3.1.1 Workstation

5.1 Package Location

ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2003-030.0/RPMS

5.2 Packages

9d87667d906a624fc6e05434187941c1 ethereal-0.9.13-1.i386.rpm

5.3 Installation

rpm -Fvh ethereal-0.9.13-1.i386.rpm

5.4 Source Package Location

SRPMS

5.5 Source Packages

391d94b691aee0b3194583675c400cd7 ethereal-0.9.13-1.src.rpm


6. References

Specific references for this advisory:
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0428
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0429
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0430
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0431
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0432

SCO security resources:
http://www.sco.com/support/security/index.html

This security fix closes SCO incidents sr883585 fz528203
erg712398.


7. Disclaimer

SCO is not responsible for the misuse of any of the information
we provide on this website and/or through our security
advisories. Our advisories are a service to our customers intended
to promote secure installation and use of SCO products.

______________________________________________________________________________

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iEYEARECAAYFAj+sNhQACgkQbluZssSXDTEZMwCfUH9bcXlH1HwcxpnZp2+wIWvx
CCEAoKkO/by2uLsop7CdEmSE2zvXUY/A
=T8Uu
-----END PGP SIGNATURE-----
Pro-Linux
Pro-Linux @Twitter
Neue Nachrichten
Werbung