Linux Security
Linux Security
Linux Security

Debian: ethereal fix several vulnerabilities DSA-853-1

Date 09 Oct 2005
Posted By Joe Shakespeare
Updated package.
- --------------------------------------------------------------------------
Debian Security Advisory DSA 853-1                     This email address is being protected from spambots. You need JavaScript enabled to view it.                             Martin Schulze
October 9th, 2005             
- --------------------------------------------------------------------------

Package        : ethereal
Vulnerability  : several
Problem-Type   : remote
Debian-specific: no
CVE ID         : CAN-2005-2360 CAN-2005-2361 CAN-2005-2363 CAN-2005-2364 CAN-2005-2365 CAN-2005-2366 CAN-2005-2367

Several security problems have been discovered in ethereal, a commonly
used network traffic analyser.  The Common Vulnerabilities and
Exposures project identifies the following problems:


    Memory allocation errors in the LDAP dissector can cause a denial
    of service.


    Various errors in the AgentX, PER, DOCSIS, RADIUS, Telnet, IS-IS,
    HTTP, DCERPC, DHCP and SCTP dissectors can cause a denial of


    Various errors in the SMPP, 802.3, H1 and DHCP dissectors can
    cause a denial of service.


    Null pointer dereferences in the WBXML and GIOP dissectors can
    cause a denial of service.


    A buffer overflow and null pointer dereferences in the SMB
    dissector can cause a denial of service.


    Wrong address calculation in the BER dissector can cause an
    infinite loop or abortion.


    Format string vulnerabilities in the several dissectors allow
    remote attackers to write to arbitrary memory locations and thus
    gain privileges.

For the old stable distribution (woody) these problems have been fixed in
version 0.9.4-1woody13.

For the stable distribution (sarge) these problems have been fixed in
version 0.10.10-2sarge3.

For the unstable distribution (sid) these problems have been fixed in
version 0.10.12-2.

We recommend that you upgrade your ethereal packages.

Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody
- --------------------------------

  Source archives:
      Size/MD5 checksum:      681 a14972c16fc38134c821341149b15a5a
      Size/MD5 checksum:    45597 19cab69d49a02ad1edb539b25ea68c75
      Size/MD5 checksum:  3278908 42e999daa659820ee93aaaa39ea1e9ea

  Alpha architecture:
      Size/MD5 checksum:  1941188 952157656d9161e6a28ece7c14a2c555
      Size/MD5 checksum:   334858 edcf3011bcb0e54ab74c84dfe19776d7
      Size/MD5 checksum:   223118 e2720177ee4f1211857676fc391d00d3
      Size/MD5 checksum:  1708360 ec7c1f48cdf360bf483d4eeb1860249b

  ARM architecture:
      Size/MD5 checksum:  1635932 8910e5fc6cbe7682af2075879b55a858
      Size/MD5 checksum:   298468 9e40dcca2b8b00eba260fe94f79d4450
      Size/MD5 checksum:   207002 c6d6f567c88253a8740dd99edc668130
      Size/MD5 checksum:  1439858 c3bee95dedeca0840c8c7c8a05dbdd68

  Intel IA-32 architecture:
      Size/MD5 checksum:  1513478 87d0692acb79e31d22fc75e793b6e297
      Size/MD5 checksum:   287308 f8e2ad89ee905143f6b45c7e882473d3
      Size/MD5 checksum:   198964 cc1ba32c0c8b55a82d6f70a2df30050f
      Size/MD5 checksum:  1327044 c9085f4a0907ef25ab7bbbcacfdc4ef8

  Intel IA-64 architecture:
      Size/MD5 checksum:  2150448 f659c70de493fda86b516c26ccbdf4ff
      Size/MD5 checksum:   373822 432a623071185fa13dd7846938624660
      Size/MD5 checksum:   234624 b771c21771b097adb67bc873237240f4
      Size/MD5 checksum:  1861946 1af8550c20f578818fb914b4cdab373b

  HP Precision architecture:
      Size/MD5 checksum:  1805114 03f0ee1f26bccd8bd06afcbd362e5a16
      Size/MD5 checksum:   323274 81a556881ec81a5454226e3792c9fd5e
      Size/MD5 checksum:   217650 c5d1f9b04ef88c445bf76ea7cb3d39ff
      Size/MD5 checksum:  1576474 7c9f0de387ed98b7f6ad193d1eebd65b

  Motorola 680x0 architecture:
      Size/MD5 checksum:  1424958 29e4fb9bd982b34e3b817b720b504887
      Size/MD5 checksum:   283620 1eafdce67f2caf49eb38f91d8e890b07
      Size/MD5 checksum:   195920 5f31f70f910899e04060dbc51adca631
      Size/MD5 checksum:  1249154 0b22f6dd317393fffcedfc24fd0594fe

  Big endian MIPS architecture:
      Size/MD5 checksum:  1617196 3167d42c291812f12c4a2d9d41ade0b8
      Size/MD5 checksum:   306020 23dfd273a4f037d75fe13e6120483ca8
      Size/MD5 checksum:   214566 c4a6a6fcababc389fc6e744b9cc6768d
      Size/MD5 checksum:  1422232 320baf32c90be1bfcc244ac3b93be25f

  Little endian MIPS architecture:
      Size/MD5 checksum:  1598562 4573d8fc4571fed4245acc95ee785872
      Size/MD5 checksum:   305506 aac45f1ab9667ebca1d4402a20140cd4
      Size/MD5 checksum:   214188 9ec3e426f078964f19b207f738a2890b
      Size/MD5 checksum:  1406744 a48af1c598617dba5cca476b332a6065

  PowerPC architecture:
      Size/MD5 checksum:  1618594 53a5b20824374a7e5c79208bd296136b
      Size/MD5 checksum:   302794 20245fb6bb9ea58ec72e02c6fe457bf7
      Size/MD5 checksum:   209852 f2f9341ded7609237dc942d17b5795a4
      Size/MD5 checksum:  1419820 31e423ce00a86c7fa42ac44dce2143c6

  IBM S/390 architecture:
      Size/MD5 checksum:  1574966 2483e8356413e3279a75da2529a55d9e
      Size/MD5 checksum:   301568 27bce6f8ddcc5c1717d04ec8de2b8257
      Size/MD5 checksum:   204900 1d92ae0a1c815fd2f1b592205a6be472
      Size/MD5 checksum:  1387670 18f5e9b5e7aeb368bc0894f29ad0146d

  Sun Sparc architecture:
      Size/MD5 checksum:  1583740 27c3837c712ec20801296c271f7f5574
      Size/MD5 checksum:   318820 f3a07ddbbd077b6d8de40b121f788fb9
      Size/MD5 checksum:   205662 9ec1889a5e3f10000ee8eabc9a93342b
      Size/MD5 checksum:  1389812 5a4bb26b67f1f8a9e5d1f00ef735d713

Debian GNU/Linux 3.1 alias sarge
- --------------------------------

  Source archives:
      Size/MD5 checksum:      855 2f3011894f29728f1b4b667418a83b20
      Size/MD5 checksum:   166589 208197070a9bffebf9ca3286ab606e7d
      Size/MD5 checksum:  7411510 e6b74468412c17bb66cd459bfb61471c

  Alpha architecture:
      Size/MD5 checksum:   541634 8467337e4b372914419c5f33c4486048
      Size/MD5 checksum:  5474828 5a5ccad452cd5f72005b64a663cbde45
      Size/MD5 checksum:   153736 2022700af3d2f20539be0b53dfd68b3b
      Size/MD5 checksum:   105004 c31e05995f3bf595479489326772b2d4

  AMD64 architecture:
      Size/MD5 checksum:   485220 e01fe329d0fbc6c2edb85641d583c916
      Size/MD5 checksum:  5333782 b0edc8a4194bcf3e646f98d4e0accce4
      Size/MD5 checksum:   153730 28cb9daf3417180f398b46f9e766071c
      Size/MD5 checksum:    98284 d49a2f3c0d0c60cba44e14f661d24dd4

  ARM architecture:
      Size/MD5 checksum:   471584 e86b521d4c73ed25a363155a440ddf72
      Size/MD5 checksum:  4686010 8e29ff9d0739550f709ed110e322758a
      Size/MD5 checksum:   153750 352080c1f5ae27e3d9a6dfb0f2f3660f
      Size/MD5 checksum:    94232 9586fda35f4aeb9f276e6c3ebbe30449

  Intel IA-32 architecture:
      Size/MD5 checksum:   442330 cd7dd7e542d49f2637dc37471dabda3f
      Size/MD5 checksum:  4491428 1b421b03dc36bcf24f8dcd6e8ba1d686
      Size/MD5 checksum:   153566 0afa50ccbe9ead20dd61bf5942889b68
      Size/MD5 checksum:    89728 d6be5e22faa8b2e2ff2ed5e6b217018d

  Intel IA-64 architecture:
      Size/MD5 checksum:   673324 f6cb0da9666864418db7ca2e19d30891
      Size/MD5 checksum:  6625798 22d82f26a4b9e3125f8fb7150f62c9d6
      Size/MD5 checksum:   153724 6f25d2e866cdc235adb8f76fbb0376b2
      Size/MD5 checksum:   127998 cc1fe884aae15e10fb2c258b9188e877

  HP Precision architecture:
      Size/MD5 checksum:   488006 f2e4d90a29044fb5fd67e325719b1f15
      Size/MD5 checksum:  5786030 090527370ed04b383a29b326b23b9068
      Size/MD5 checksum:   153766 4ef286e994d17f1913bb38d075422173
      Size/MD5 checksum:    97288 cf6b5f91105e4bdab6b990d3351abf6d

  Motorola 680x0 architecture:
      Size/MD5 checksum:   446618 bdd31e470380ee9678b87a8d9ff983a4
      Size/MD5 checksum:  5563736 6be9de1247286c7b153accfe834fe767
      Size/MD5 checksum:   153800 cd3dbb07333adf5c17772bb7236426b8
      Size/MD5 checksum:    89806 4182783993c017ae07bd86febba3856f

  Big endian MIPS architecture:
      Size/MD5 checksum:   461298 b64d99e8fe40e18fa4b7060e23dc8cd5
      Size/MD5 checksum:  4722614 d76d340ebc6c30f442a7bccfd59c2282
      Size/MD5 checksum:   153730 99f3ae59636a44dd39085714415b07aa
      Size/MD5 checksum:    93490 5b84b97cdca540b72f6c977867f948e4

  Little endian MIPS architecture:
      Size/MD5 checksum:   456600 06eeea77def3c5c963321e9c172c1549
      Size/MD5 checksum:  4458842 5b4bf525350a429124986d896e2c0577
      Size/MD5 checksum:   153758 b7eb9c0e3fba302bfceb98fdebad2e69
      Size/MD5 checksum:    93436 a71148d1be63d63bfbad7ddea8987170

  PowerPC architecture:
      Size/MD5 checksum:   454474 48e260c08135b4bfaf040332fa6165d6
      Size/MD5 checksum:  5069306 cada16e51ac36beb419c5a9e5244fc77
      Size/MD5 checksum:   153766 8ddad2121b0db827060d2886efecbf3d
      Size/MD5 checksum:    93322 043923838d836bd067659bf7533bc157

  IBM S/390 architecture:
      Size/MD5 checksum:   478686 c9097866661b177049a51c22878497ad
      Size/MD5 checksum:  5620462 e05dcbf9b772756cb6dcffa55ef3da3a
      Size/MD5 checksum:   153734 e48d9671680e76186be783ee97228b2e
      Size/MD5 checksum:    98812 eddb2492f9e0d9996920c7b81656e986

  Sun Sparc architecture:
      Size/MD5 checksum:   463952 1ad7f54137bba08dc313ca4c967c0460
      Size/MD5 checksum:  5127628 771302e93a266684523a2ea4d01fa949
      Size/MD5 checksum:   153756 2ef798897bdea7c31ce6ef4c13b6cff3
      Size/MD5 checksum:    92690 27a7dbe545e8b3a4e6e749963f58ccb5

  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb stable/updates main
For dpkg-ftp: dists/stable/updates/main
Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.


LinuxSecurity Poll

How frequently do you patch/update your system?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum 0 answer(s) and maximum 3 answer(s).
[{"id":"179","title":"As soon as patches\/updates are released - I track advisories for my distro(s) diligently","votes":"43","type":"x","order":"1","pct":81.13,"resources":[]},{"id":"180","title":"Every so often, when I think of it","votes":"5","type":"x","order":"2","pct":9.43,"resources":[]},{"id":"181","title":"Hardly ever","votes":"5","type":"x","order":"3","pct":9.43,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350

Please vote first in order to view vote results.



bottom 200

Please enable / Bitte aktiviere JavaScript!
Veuillez activer / Por favor activa el Javascript![ ? ]

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.