Linux Security
    Linux Security
    Linux Security

    Debian: New ethereal packages fix denial of service

    Date 31 Oct 2006
    Posted By LinuxSecurity Advisories
    Updated package.
    - --------------------------------------------------------------------------
    Debian Security Advisory DSA 1201-1                    This email address is being protected from spambots. You need JavaScript enabled to view it.                         Moritz Muehlenhoff
    October 31st, 2006            
    - --------------------------------------------------------------------------
    Package        : ethereal
    Vulnerability  : several
    Problem-Type   : remote
    Debian-specific: no
    CVE ID         : CVE-2006-4574 CVE-2006-4805
    Debian Bug     : 396258
    Several remote vulnerabilities have been discovered in the Ethereal network
    scanner. The Common Vulnerabilities and Exposures project identifies the
    following problems:
        It was discovered that the MIME multipart dissector is vulnerable to
        denial of service caused by an off-by-one overflow.
        It was discovered that the XOT dissector is vulnerable to denial
        of service caused by memory corruption.
    For the stable distribution (sarge) these problems have been fixed in
    version 0.10.10-2sarge9. Due to technical problems with the security
    buildd infrastructure this update lacks builds for the hppa and sparc
    architecture. They will be released as soon as the problems are resolved.
    For the unstable distribution (sid) these problems will be fixed soon.
    We recommend that you upgrade your ethereal packages.
    Upgrade Instructions
    - --------------------
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    If you are using the apt-get package manager, use the line for
    sources.list as given below:
    apt-get update
            will update the internal database
    apt-get upgrade
            will install corrected packages
    You may use an automated update by adding the resources from the
    footer to the proper configuration.
    Debian GNU/Linux 3.1 alias sarge
    - --------------------------------
      Source archives:
          Size/MD5 checksum:      855 4111fa99ac63f549e0ed3e2db668e542
          Size/MD5 checksum:   178221 6566de4d9fc112f25f6bfaf45ad77faa
          Size/MD5 checksum:  7411510 e6b74468412c17bb66cd459bfb61471c
      Alpha architecture:
          Size/MD5 checksum:   543092 c89ff6f8bdc7e6f7eb2650d5076f03e6
          Size/MD5 checksum:  5476386 e2a8e648f15a347d05f5e5cd624edb4c
          Size/MD5 checksum:   154592 5e0d5c37c0cc589d05d6e748e51e03ea
          Size/MD5 checksum:   106306 f23e0e55dc96d7bdcb0fb95cdfba5548
      AMD64 architecture:
          Size/MD5 checksum:   486550 ffd006375c90a4d059af7a024188776e
          Size/MD5 checksum:  5334530 341c8645167abbae9ae6147b83649edb
          Size/MD5 checksum:   154598 b1d1d14d3d41120c1c5c65ce89f08ab2
          Size/MD5 checksum:    99588 fdf5d3d8677e03c3edf2cfff04fba4ec
      ARM architecture:
          Size/MD5 checksum:   473062 9a901ea673c269ccbf41ecdff1df53dd
          Size/MD5 checksum:  4688102 09120393788e912b7ac18182b09fcd2e
          Size/MD5 checksum:   154596 e539e5c413c0c39957c0abb9b34c9cfb
          Size/MD5 checksum:    95664 2131328ee58a900aedf3766ddbbfc98e
      Intel IA-32 architecture:
          Size/MD5 checksum:   443698 7693be67596d17632cf4723f8a54d047
          Size/MD5 checksum:  4529248 0139a1d19b4957c004df779e38a24a59
          Size/MD5 checksum:   154592 9c0525063d401ee054b27ce38d634e33
          Size/MD5 checksum:    90942 96abf559fb9430b1692d2d90a66ecc5c
      Intel IA-64 architecture:
          Size/MD5 checksum:   674472 4abd34b813b05e024043da18bb3e402c
          Size/MD5 checksum:  6630134 99f54db4831942d42296ab0a95342478
          Size/MD5 checksum:   154594 97f03089c5a2f20ba38344f6cec55b30
          Size/MD5 checksum:   129198 1112f7607579fcd8b9ca08f71343f634
      Motorola 680x0 architecture:
          Size/MD5 checksum:   447802 232f5842aa0e6adb46d20a7bb185f96d
          Size/MD5 checksum:  5565136 fb513962f4e20d66c623a73b5ee9e885
          Size/MD5 checksum:   154662 a3b9b1d5863b3aa898f0cc99c1cd6698
          Size/MD5 checksum:    90952 dd7d57c87b84651cf379e89001605323
      Big endian MIPS architecture:
          Size/MD5 checksum:   462804 d4684b24816cc54d47cfad4ce32bd0b5
          Size/MD5 checksum:  4723362 7656bd956876056e532df9ecaec97471
          Size/MD5 checksum:   154588 8645620716b8d688475fd2ca631ab986
          Size/MD5 checksum:    94788 40066b71cfc3a122453e130e537c2302
      Little endian MIPS architecture:
          Size/MD5 checksum:   458076 1ac138ade7fd91253806ae4d8480154b
          Size/MD5 checksum:  4460986 7e9ca725df417dae65208e865ea329d6
          Size/MD5 checksum:   154606 ce8c4b32631676bc7817c3f4dfa5f6ca
          Size/MD5 checksum:    94696 d9525ded73ae609c0dc7672f1279626a
      PowerPC architecture:
          Size/MD5 checksum:   455752 8e5806f6f6a86f8b066c6366fbdaacfe
          Size/MD5 checksum:  5067972 c832d4ee9e201fffe698c4e5e8c064d6
          Size/MD5 checksum:   154602 ec05dd9cb9fda2cb532fc4a02b73870d
          Size/MD5 checksum:    94360 811445845ed5bc677c68597f4dc57553
      IBM S/390 architecture:
          Size/MD5 checksum:   479716 1f9523a1563752c8b3f3ae3b77ee9e15
          Size/MD5 checksum:  5621732 36e4ce1ddaf99edf598933bc8af19c7b
          Size/MD5 checksum:   154590 5b08647010fc5275a27ded68e63d4859
          Size/MD5 checksum:    99946 93cb4151f77499728d2734c64a04f8c2
      These files will probably be moved into the stable distribution on
      its next update.
    - ---------------------------------------------------------------------------------
    For apt-get: deb stable/updates main
    For dpkg-ftp: dists/stable/updates/main
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.


    LinuxSecurity Poll

    'Tis the season of giving! How have you given back to the open-source community?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    [{"id":"171","title":"I've contributed to the development of an open-source project.","votes":"8","type":"x","order":"1","pct":27.59,"resources":[]},{"id":"172","title":"I've reviewed open-source code for security bugs.","votes":"6","type":"x","order":"2","pct":20.69,"resources":[]},{"id":"173","title":"I've made a donation to an open-source project.","votes":"15","type":"x","order":"3","pct":51.72,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350

    Please vote first in order to view vote results.


    bottom 200

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.