Joined: 13 Jun 2003
Location: Dresden, Germany
|Posted: Fri Jun 04, 2004 9:16 pm Post subject: [ GLSA 200406-01 ] Ethereal: Multiple security problems
|Gentoo Linux Security Advisory
Title: Ethereal: Multiple security problems (GLSA 200406-01)
Date: June 04, 2004
Updated: May 22, 2006
Multiple vulnerabilities including one buffer overflow exist in Ethereal, which may allow an attacker to run arbitrary code or crash the program.
Ethereal is a feature rich network protocol analyzer.
Vulnerable: <= 0.10.3
Unaffected: >= 0.10.4
Architectures: All supported architectures
There are multiple vulnerabilities in versions of Ethereal earlier than 0.10.4, including:
- A buffer overflow in the MMSE dissector.
- Under specific conditions a SIP packet could make Ethereal crash.
- The AIM dissector could throw an assertion, causing Ethereal to crash.
- The SPNEGO dissector could dereference a null pointer, causing a crash.
An attacker could use these vulnerabilities to crash Ethereal or even execute arbitrary code with the permissions of the user running Ethereal, which could be the root user.
For a temporary workaround you can disable all affected protocol dissectors by selecting Analyze->Enabled Protocols... and deselecting them from the list. However, it is strongly recommended to upgrade to the latest stable release.
All Ethereal users should upgrade to the latest stable version:
|# emerge sync
# emerge -pv ">=net-analyzer/ethereal-0.10.4"
# emerge ">=net-analyzer/ethereal-0.10.4"
Last edited by GLSA on Tue May 23, 2006 4:16 am; edited 2 times in total