Login
Newsletter
Werbung
Sicherheit: Mehrere Probleme in ethereal
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in ethereal
ID: MDKSA-2005:083
Distribution: Mandriva
Plattformen: Mandriva 10.1, Mandriva 10.2
Datum: Mi, 11. Mai 2005, 13:00
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1456
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1457
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1458
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1459
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1460
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1461
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1462
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1463
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1464
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1465
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1466
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1467
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1468
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1469
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1470
http://www.ethereal.com/appnotes/enpa-sa-00019.html
Applikationen: Wireshark

Originalnachricht

 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

                Mandriva Linux Security Update Advisory
 _______________________________________________________________________

 Package name:           ethereal
 Advisory ID:            MDKSA-2005:083
 Date:                   May 10th, 2005

 Affected versions:	 10.1, 10.2
 ______________________________________________________________________

 Problem Description:

 A number of vulnerabilities were discovered in previous version of
 Ethereal that have been fixed in the 0.10.11 release, including:
 
 - The ANSI A and DHCP dissectors are vulnerable to format string
   vulnerabilities.
 
 - The DISTCC, FCELS, SIP, ISIS, CMIP, CMP, CMS, CRMF, ESS, OCSP,
   PKIX1Explitit, PKIX Qualified, X.509, Q.931, MEGACO, NCP, ISUP, TCAP
   and Presentation dissectors are vulnerable to buffer overflows.
 
 - The KINK, WSP, SMB Mailslot, H.245, MGCP, Q.931, RPC, GSM and SMB
   NETLOGON dissectors are vulnerable to pointer handling errors.
 
 - The LMP, KINK, MGCP, RSVP, SRVLOC, EIGRP, MEGACO, DLSw, NCP and
   L2TP dissectors are vulnerable to looping problems.
 
 - The Telnet and DHCP dissectors could abort.
 
 - The TZSP, Bittorrent, SMB, MGCP and ISUP dissectors could cause a
   segmentation fault.
 
 - The WSP, 802.3 Slow protocols, BER, SMB Mailslot, SMB, NDPS, IAX2,
   RADIUS, SMB PIPE, MRDISC and TCAP dissectors could throw assertions.
 
 - The DICOM, NDPS and ICEP dissectors are vulnerable to memory
   handling errors.
 
 - The GSM MAP, AIM, Fibre Channel,SRVLOC, NDPS, LDAP and NTLMSSP
   dissectors could terminate abnormallly.
 _______________________________________________________________________

 References:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1456
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1457
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1458
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1459
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1460
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1461
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1462
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1463
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1464
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1465
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1466
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1467
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1468
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1469
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1470
  http://www.ethereal.com/appnotes/enpa-sa-00019.html
 ______________________________________________________________________

 Updated Packages:
  
 Mandrakelinux 10.1:
 ae2866749c7a3ceebbd6550ef5a29154 
 10.1/RPMS/ethereal-0.10.11-0.1.101mdk.i586.rpm
 7a27b1b13fd7b9232f078f3c803863c8 
 10.1/RPMS/ethereal-tools-0.10.11-0.1.101mdk.i586.rpm
 b32725663f41c817169c650c04dff15e 
 10.1/RPMS/libethereal0-0.10.11-0.1.101mdk.i586.rpm
 f995c192659c93c5a77d12ff0dfb74e3 
 10.1/RPMS/tethereal-0.10.11-0.1.101mdk.i586.rpm
 0d2e9e9478b964b9de67e10dab5996d7 
 10.1/SRPMS/ethereal-0.10.11-0.1.101mdk.src.rpm

 Mandrakelinux 10.1/X86_64:
 a6fdb42381866c6c2df04732a0e2e2f0 
 x86_64/10.1/RPMS/ethereal-0.10.11-0.1.101mdk.x86_64.rpm
 285be2e4fff2cec54772d08daf994c0f 
 x86_64/10.1/RPMS/ethereal-tools-0.10.11-0.1.101mdk.x86_64.rpm
 a672830433d1bd9c044d081116311406 
 x86_64/10.1/RPMS/lib64ethereal0-0.10.11-0.1.101mdk.x86_64.rpm
 da5bb65a0ac86ad8510c9c82c6c3c798 
 x86_64/10.1/RPMS/tethereal-0.10.11-0.1.101mdk.x86_64.rpm
 0d2e9e9478b964b9de67e10dab5996d7 
 x86_64/10.1/SRPMS/ethereal-0.10.11-0.1.101mdk.src.rpm

 Mandrakelinux 10.2:
 f6d236307d9366150aa2cf900b77ad4b 
 10.2/RPMS/ethereal-0.10.11-0.1.102mdk.i586.rpm
 e146cf60690d907aaeb569f59cde8e37 
 10.2/RPMS/ethereal-tools-0.10.11-0.1.102mdk.i586.rpm
 a6ee5615d66e5b33ffe05270069fa921 
 10.2/RPMS/libethereal0-0.10.11-0.1.102mdk.i586.rpm
 fa4398c9e4947faff78750b289ee922c 
 10.2/RPMS/tethereal-0.10.11-0.1.102mdk.i586.rpm
 0b13985c69b63df65775240b8991c07e 
 10.2/SRPMS/ethereal-0.10.11-0.1.102mdk.src.rpm

 Mandrakelinux 10.2/X86_64:
 7c9dc07574f92df6e3920da6c1320cfb 
 x86_64/10.2/RPMS/ethereal-0.10.11-0.1.102mdk.x86_64.rpm
 5684d61528aa353ee5ce58d8c99317f9 
 x86_64/10.2/RPMS/ethereal-tools-0.10.11-0.1.102mdk.x86_64.rpm
 ce979043e16801b2b4565fb2dae4e18f 
 x86_64/10.2/RPMS/lib64ethereal0-0.10.11-0.1.102mdk.x86_64.rpm
 1e5af06f5eb143a956fd3a0ee88109e0 
 x86_64/10.2/RPMS/tethereal-0.10.11-0.1.102mdk.x86_64.rpm
 0b13985c69b63df65775240b8991c07e 
 x86_64/10.2/SRPMS/ethereal-0.10.11-0.1.102mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrakeUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFCgWxJmqjQ0CJFipgRAhvNAKCUHZqNrYOvYKvnHSyZEPV3RivIRQCg74gK
SeqOmD4frQK02Lp3wYd9qzQ=
=ZgKm
-----END PGP SIGNATURE-----


To unsubscribe, send a email to sympa@mandrivalinux.org
with this subject : unsubscribe security-announce
_______________________________________________________
Want to buy your Pack or Services from Mandriva? 
Go to http://www.mandrivastore.com
Join the Club : http://www.mandrivaclub.com
_______________________________________________________
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung