Linux Security
    Linux Security
    Linux Security

    Debian: ethereal fix several vulnerabilities DSA-1127-1

    Date 27 Jul 2006
    Posted By LinuxSecurity Advisories
    Updated package.
    - --------------------------------------------------------------------------
    Debian Security Advisory DSA 1127-1                    This email address is being protected from spambots. You need JavaScript enabled to view it.                         Moritz Muehlenhoff
    July 28th, 2006               
    - --------------------------------------------------------------------------
    Package        : ethereal
    Vulnerability  : several
    Problem-Type   : remote
    Debian-specific: no
    CVE ID         : CVE-2006-3628 CVE-2006-3629 CVE-2006-3630 CVE-2006-3631 CVE-2006-3632
    Debian Bug     : 373913 375694
    Several remote vulnerabilities have been discovered in the Ethereal network
    sniffer, which may lead to the execution of arbitrary code. The Common
    Vulnerabilities and Exposures project identifies the following problems:
        Ilja van Sprundel discovered that the FW-1 and MQ dissectors are
        vulnerable to format string attacks.
        Ilja van Sprundel discovered that the MOUNT dissector is vulnerable
        to denial of service through memory exhaustion.
        Ilja van Sprundel discovered off-by-one overflows in the NCP NMAS and
        NDPS dissectors.
        Ilja van Sprundel discovered a buffer overflow in the NFS dissector.
        Ilja van Sprundel discovered that the SSH dissector is vulnerable
        to denial of service through an infinite loop.
    For the stable distribution (sarge) these problems have been fixed in
    version 0.10.10-2sarge6.
    For the unstable distribution (sid) these problems have been fixed in
    version 0.99.2-1 of wireshark, the sniffer formerly known as ethereal.
    We recommend that you upgrade your ethereal packages.
    Upgrade Instructions
    - --------------------
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    If you are using the apt-get package manager, use the line for
    sources.list as given below:
    apt-get update
            will update the internal database
    apt-get upgrade
            will install corrected packages
    You may use an automated update by adding the resources from the
    footer to the proper configuration.
    Debian GNU/Linux 3.1 alias sarge
    - --------------------------------
      Source archives:
          Size/MD5 checksum:      855 c707f586104e8686d9d2244ce2d7a506
          Size/MD5 checksum:   173252 9c9821b8ebead45753446356c22cb578
          Size/MD5 checksum:  7411510 e6b74468412c17bb66cd459bfb61471c
      Alpha architecture:
          Size/MD5 checksum:   542792 15de1eb27365d6cae79d8d702e090f13
          Size/MD5 checksum:  5475590 bef681e66102e67d36b7e6a42c2c2c3f
          Size/MD5 checksum:   154412 847bd247de53a90c7280043bedac7d93
          Size/MD5 checksum:   106004 bee2da8a58d6e84c05b6a80537183694
      AMD64 architecture:
          Size/MD5 checksum:   486278 e6239c6efadea1399ad1fcab5a0da5f3
          Size/MD5 checksum:  5333976 61bcb38c72686eeb7e8587179ab7594f
          Size/MD5 checksum:   154406 a13fdfd340be02a602f6fc576f166005
          Size/MD5 checksum:    99298 7dd892a57430d66f7c97088b8c1eb187
      ARM architecture:
          Size/MD5 checksum:   472738 a10f7886e67d41949ec8488715276ca7
          Size/MD5 checksum:  4687198 d18c46329bf526579e7c1af409323610
          Size/MD5 checksum:   154434 5c23b40f20e4079a6c58c697914b54ef
          Size/MD5 checksum:    95276 a56fa4124bd4193ec75bdedeaefcb47b
      Intel IA-32 architecture:
          Size/MD5 checksum:   443394 e72fd2ff7eec3cbd08fc07ed9458aada
          Size/MD5 checksum:  4495996 9e1aebd1a408bf7472608917660ce9aa
          Size/MD5 checksum:   154398 d84eaeb2fae751e3b36046e87c1981e1
          Size/MD5 checksum:    90684 c699e114b221acd10350cf8b51c608b9
      Intel IA-64 architecture:
          Size/MD5 checksum:   674208 354b3cc9866e6fefe48b38925a48ae32
          Size/MD5 checksum:  6628612 e72ee2bfd8b6997a121c8a95b6742e4f
          Size/MD5 checksum:   154382 da6b4cf3246a63b4b8b94bc0db6d3dac
          Size/MD5 checksum:   128860 370f38c0c53088195b7418d3af996d35
      HP Precision architecture:
          Size/MD5 checksum:   489076 bf76e69441ef032d5d8ad8420b5b25b8
          Size/MD5 checksum:  5786654 7e88aabad273d3dd0e239f78ecc35491
          Size/MD5 checksum:   154442 325e842eae1b96b8a33ec8ae025739e2
          Size/MD5 checksum:    98192 7400d5ce588c3899f6e2b43f945bde6e
      Motorola 680x0 architecture:
          Size/MD5 checksum:   447546 489e9c8ae8069112a937c8a26d297709
          Size/MD5 checksum:  5564820 636aff3dca750cb3ac139c21404c49a1
          Size/MD5 checksum:   154472 776225c24043d3056c5b45914f24450a
          Size/MD5 checksum:    90680 98475c71576aaee068be4ff5353050fe
      Big endian MIPS architecture:
          Size/MD5 checksum:   462502 716d233fbf38161464290950590a071f
          Size/MD5 checksum:  4723270 60f129963a2ce9ffbd599b60cfba11cd
          Size/MD5 checksum:   154406 386b68e0403f729687d82786afb0241d
          Size/MD5 checksum:    94498 af2ed192e6d4690d263f01127a8edfee
      Little endian MIPS architecture:
          Size/MD5 checksum:   457750 ef72d36a3f9fa3945a98c14abc62e2ce
          Size/MD5 checksum:  4459970 36bf7f5d57e23e14d1ade0bf9f9d49b0
          Size/MD5 checksum:   154416 5d36a2d02f29374ef45bcdb1597423c5
          Size/MD5 checksum:    94410 c585ae00dadccef338c292c1a2c268f9
      PowerPC architecture:
          Size/MD5 checksum:   455484 893d1f6bbc3097840ba7e53cc542bbee
          Size/MD5 checksum:  5067540 e17cde3f8ff57a31a12270cb5d701257
          Size/MD5 checksum:   154414 7b51770205dc37fc2fde1fd9ca344dda
          Size/MD5 checksum:    94112 7a49b609694e1eea450e621da3b2bc1f
      IBM S/390 architecture:
          Size/MD5 checksum:   479470 528b47d9a5c453856edd9b6df28ebae7
          Size/MD5 checksum:  5620570 874edf4f0f86ab3aee3f48a55f95f0d0
          Size/MD5 checksum:   154400 86f2d581fa46af34788e0629c6e62ec5
          Size/MD5 checksum:    99696 1b622377fb056fe37b8104d295e56d28
      Sun Sparc architecture:
          Size/MD5 checksum:   465138 ad9fd25554415ff19dba6b89b5d48513
          Size/MD5 checksum:  5129848 f1a7015616428128a1c65394226a87fe
          Size/MD5 checksum:   154424 ff78808097ae2bc2b4ed753f1b76f1b9
          Size/MD5 checksum:    93600 a97f833739a88b5484b59989be966d0d
      These files will probably be moved into the stable distribution on
      its next update.
    - ---------------------------------------------------------------------------------
    For apt-get: deb stable/updates main
    For dpkg-ftp: dists/stable/updates/main
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.

    LinuxSecurity Poll

    'Tis the season of giving! How have you given back to the open-source community?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    [{"id":"171","title":"I've contributed to the development of an open-source project.","votes":"8","type":"x","order":"1","pct":27.59,"resources":[]},{"id":"172","title":"I've reviewed open-source code for security bugs.","votes":"6","type":"x","order":"2","pct":20.69,"resources":[]},{"id":"173","title":"I've made a donation to an open-source project.","votes":"15","type":"x","order":"3","pct":51.72,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350

    Please vote first in order to view vote results.


    bottom 200

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.