Debian: ethereal Denial of service attack

    Date05 Jan 2004
    CategoryDebian
    2801
    Posted ByLinuxSecurity Advisories
    A heap-based buffer overflow allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the SOCKS dissector.
    
    ----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1
    
    - --------------------------------------------------------------------------
    Debian Security Advisory DSA 407-1                     This email address is being protected from spambots. You need JavaScript enabled to view it. 
    http://www.debian.org/security/                             Martin Schulze
    January 5th, 2004                        http://www.debian.org/security/faq
    - --------------------------------------------------------------------------
    
    Package        : ethereal
    Vulnerability  : buffer overflows
    Problem-Type   : remote
    Debian-specific: no
    CVE IDs        : CAN-2003-0925 CAN-2003-0926 CAN-2003-0927 CAN-2003-1012 CAN-2003-1013
    
    Several vulnerabilities were discovered upstream in ethereal, a
    network traffic analyzer.  The Common Vulnerabilities and Exposures
    project identifies the following problems:
    
    CAN-2003-0925
    
       A buffer overflow allows remote attackers to cause a denial of
       service and possibly execute arbitrary code via a malformed GTP
       MSISDN string.
    
    CAN-2003-0926
    
       Via certain malformed ISAKMP or MEGACO packets remote attackers are
       able to cause a denial of service (crash).
    
    CAN-2003-0927
    
       A heap-based buffer overflow allows remote attackers to cause a
       denial of service (crash) and possibly execute arbitrary code via
       the SOCKS dissector.
    
    CAN-2003-1012
    
       The SMB dissector allows remote attackers to cause a denial of
       service via a malformed SMB packet that triggers a segmentation
       fault during processing of selected packets.
    
    CAN-2003-1013
    
       The Q.931 dissector allows remote attackers to cause a denial of
       service (crash) via a malformed Q.931, which triggers a null
       dereference.
    
    For the stable distribution (woody) this problem has been fixed in
    version 0.9.4-1woody6.
    
    For the unstable distribution (sid) this problem has been fixed in
    version 0.10.0-1.
    
    We recommend that you upgrade your ethereal and tethereal packages.
    
    
    Upgrade Instructions
    - --------------------
    
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    
    If you are using the apt-get package manager, use the line for
    sources.list as given below:
    
    apt-get update
            will update the internal database
    apt-get upgrade
            will install corrected packages
    
    You may use an automated update by adding the resources from the
    footer to the proper configuration.
    
    
    Debian GNU/Linux 3.0 alias woody
    - --------------------------------
    
      Source archives:
    
         http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody6.dsc
          Size/MD5 checksum:      679 6c3d2beab693578b827bc0c2ecc13eb2
         http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody6.diff.gz
          Size/MD5 checksum:    37597 7456c1b4708a869295bb71480300370d
         http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4.orig.tar.gz
          Size/MD5 checksum:  3278908 42e999daa659820ee93aaaa39ea1e9ea
    
      Alpha architecture:
    
         http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody6_alpha.deb
          Size/MD5 checksum:  1940256 e8a45a24a24a145f2870d65b26fdda20
         http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody6_alpha.deb
          Size/MD5 checksum:   334238 0035322af1972fa6c1547e881b5b27fa
         http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody6_alpha.deb
          Size/MD5 checksum:   222006 da4e9538a37ac5dd740010b828afed8b
         http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody6_alpha.deb
          Size/MD5 checksum:  1706878 3c2e6c03f6383f3ae8d599a01853c344
    
      ARM architecture:
    
         http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody6_arm.deb
          Size/MD5 checksum:  1634664 f5f5d2aeba5fa26ac8d6b722f4d52b39
         http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody6_arm.deb
          Size/MD5 checksum:   297294 267317a8d6f43f009673f3e9864e0308
         http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody6_arm.deb
          Size/MD5 checksum:   205964 fe0528d0ee4b0922d1a449f9c12c0b81
         http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody6_arm.deb
          Size/MD5 checksum:  1439166 390f1e6d9173454162195c47a10c6a0e
    
      Intel IA-32 architecture:
    
         http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody6_i386.deb
          Size/MD5 checksum:  1512408 b9efde468cca1ddd6b731a3b343bd51d
         http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody6_i386.deb
          Size/MD5 checksum:   286370 c618774e3718d11d94347b0d66f72af4
         http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody6_i386.deb
          Size/MD5 checksum:   198298 a7c01d2560880e783e899cd623a27e7a
         http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody6_i386.deb
          Size/MD5 checksum:  1325838 a7706f7f82b44a30d4a99b299c58b4ca
    
      Intel IA-64 architecture:
    
         http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody6_ia64.deb
          Size/MD5 checksum:  2150174 e2aba915304534ac4fbb060a2552d9c6
         http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody6_ia64.deb
          Size/MD5 checksum:   373042 f06169aeefd918e4e5b809393edb8dc2
         http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody6_ia64.deb
          Size/MD5 checksum:   233630 e7f788d020319a8147beb4172cdc736f
         http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody6_ia64.deb
          Size/MD5 checksum:  1860802 6c8ef685b4e61f34a0146eb6fc666fdb
    
      HP Precision architecture:
    
         http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody6_hppa.deb
          Size/MD5 checksum:  1803668 213d7f4221de714ee5c4ef938d0bae54
         http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody6_hppa.deb
          Size/MD5 checksum:   322334 b6ebeeb39d2d57c0ed664f65389e55a2
         http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody6_hppa.deb
          Size/MD5 checksum:   216804 fd2e27b35aedd419a12db17bee96c596
         http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody6_hppa.deb
          Size/MD5 checksum:  1575270 f3ed65cc62fb1155e8e38a25320d0614
    
      Motorola 680x0 architecture:
    
         http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody6_m68k.deb
          Size/MD5 checksum:  1424112 69cccce7cf5ead38369e6d508031d821
         http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody6_m68k.deb
          Size/MD5 checksum:   282604 e5c3264948cd2cad0c159893173f0748
         http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody6_m68k.deb
          Size/MD5 checksum:   195028 647f483dbf79dc47a95d48d105d6a7c4
         http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody6_m68k.deb
          Size/MD5 checksum:  1248072 8085433927ed54f1c1c8196d7c835709
    
      Big endian MIPS architecture:
    
         http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody6_mips.deb
          Size/MD5 checksum:  1616398 9a41bb228b9b33894825d6cfd2bba741
         http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody6_mips.deb
          Size/MD5 checksum:   305168 b4a94497386ab45e0494c7980def8e3e
         http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody6_mips.deb
          Size/MD5 checksum:   213590 20a3ad3d4b5126890aa23179c1730f1a
         http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody6_mips.deb
          Size/MD5 checksum:  1421550 ad0decba7ea5907e6a3149cacbc178f8
    
      Little endian MIPS architecture:
    
         http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody6_mipsel.deb
          Size/MD5 checksum:  1596866 0321997c79a03298c65548bb5687e87d
         http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody6_mipsel.deb
          Size/MD5 checksum:   304676 9a3fad3fe8394ae63f79d09580b41b39
         http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody6_mipsel.deb
          Size/MD5 checksum:   213222 28bfeefdf54278545c2c132fe381dc12
         http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody6_mipsel.deb
          Size/MD5 checksum:  1405698 182282caefb7aaf8025559894d7b9801
    
      PowerPC architecture:
    
         http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody6_powerpc.deb
          Size/MD5 checksum:  1617784 38000a653b7da7552904e66b8c736ecc
         http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody6_powerpc.deb
          Size/MD5 checksum:   301846 70dede9038a6098642119765c87f6f80
         http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody6_powerpc.deb
          Size/MD5 checksum:   208786 d69f6942493800fd491e90605d0be931
         http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody6_powerpc.deb
          Size/MD5 checksum:  1418638 9394c10dff060a961329382c7a3433ad
    
      IBM S/390 architecture:
    
         http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody6_s390.deb
          Size/MD5 checksum:  1574214 a21cbd59b1d36e14da777da012768f21
         http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody6_s390.deb
          Size/MD5 checksum:   300674 49a6af1c59fe07065267ebc5deecc8b8
         http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody6_s390.deb
          Size/MD5 checksum:   203854 077f9492da7509958c890e598edadf14
         http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody6_s390.deb
          Size/MD5 checksum:  1386518 d99962a50a8fafc9c509a67adb3399be
    
      Sun Sparc architecture:
    
         http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody6_sparc.deb
          Size/MD5 checksum:  1582634 d0a792b3c2428ac28476799e888cef98
         http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody6_sparc.deb
          Size/MD5 checksum:   317982 936008ca75fecdec66519475f8466525
         http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody6_sparc.deb
          Size/MD5 checksum:   204626 2633099c059446cff5d41703718fb7bf
         http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody6_sparc.deb
          Size/MD5 checksum:  1388944 ede08f8bc62f1a5141a0bb2ed2ceea1d
    
    
      These files will probably be moved into the stable distribution on
      its next revision.
    
    - ---------------------------------------------------------------------------------
    For apt-get: deb  http://security.debian.org/ stable/updates main
    For dpkg-ftp:  ftp://security.debian.org/debian-security dists/stable/updates/main
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
    Package info: `apt-cache show ' and  http://packages.debian.org/
    
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.2.3 (GNU/Linux)
    
    iD8DBQE/+TD0W5ql+IAeqTIRAqbDAJ94AyY1dCtH0gsTSd+lPuuNsgsYnACdGQXl
    ukugrDm00ja/05LtjROk2ys=
    =4uYr
    -----END PGP SIGNATURE-----
    
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"14","type":"x","order":"1","pct":53.85,"resources":[]},{"id":"88","title":"Should be more technical","votes":"4","type":"x","order":"2","pct":15.38,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"8","type":"x","order":"3","pct":30.77,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.