Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 496
Alerts This Week
Warning Icon 1 496

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 49 articles for you...
89

Fedora 0.9.16 Critical: Ethereal Buffer Overflow Fix Released

These updated ethereal packages fix a security problem found in versions prior to 0.9.16. It also fixes several other minor bugs and problems. . ---------------------------------------------------------------------Fedora Update Notification FEDORA-2003-022 2003-11-25 ---------------------------------------------------------------------Name : ethereal Version : 0.9.16 Release : 2.FC1.1 Summary : Network traffic analyzer Description : Ethereal is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for ethereal. A graphical user interface is packaged separately to GTK+ package. ---------------------------------------------------------------------Update Information: These updated ethereal packages fix a security problem found in versions prior to 0.9.16. It also fixes several other minor bugs and problems. All users of ethereal are recommended to update to these newest packages. ---------------------------------------------------------------------* Tue Nov 25 2003 Phil Knirsch 0.9.16-2.FC1.1 - Added BuildRequires for elfutils-devel (#89466). - Fixed buggy desktop entry (#105704). - Fixed out of bound array access (#110749). - Build Fedora core 1 errata for ethereal. * Fri Nov 07 2003 Phil Knirsch 0.9.16-2 - rebuilt * Wed Nov 05 2003 Phil Knirsch 0.9.16-1 - Updated to latest upstream version 0.9.16 ---------------------------------------------------------------------This update can be downloaded from: SRPMS/ethereal-0.9.16-2.FC1.1.src.rpm md5 sum: 4fea34a2e0e7e6c48dde6b2c08de549d i386/ethereal-0.9.16-2.FC1.1.i386.rpm md5 sum: 7e2d061e1e1c08fa6da4ab292647d6b4 i386/ethereal-gnome-0.9.16-2.FC1.1.i386.rpm md5 sum: 0695ec2615b93668fecf2c750770815e i386/debug/ethereal-debuginfo-0.9.16-2.FC1.1.i386.rpm md5 sum: 670e64737be107e8c3e0c138de4c714a This update can also be installedwith the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- . ---------------------------------------------------------------------Fedora Update Notification FEDO. these, updated, ethereal, packages, security, problem, found, versions, prior. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jun 08, 2023 Critical Fedora
100

SUSE: 2023-045 Moderate: Libcurl Remote Exploitation Vulnerability

Various problems have been fixed in the network analyzer Ethereal (now called Various problems have been fixed in the network analyzer Ethereal (now called Wireshark), most of them leading to crashes of the ethereal program. Wireshark), most of them leading to crashes of the ethereal program. CVE-2006-5740: An unspecified vulnerability in the LDAP dissector could be used to crash Ethereal. CVE-2 [More...]. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ______________________________________________________________________________ SUSE Security Announcement Package: ethereal Announcement ID: SUSE-SA:2006:065 Date: Tue, 14 Nov 2006 11:00:00 +0000 Affected Products: Novell Linux POS 9 Open Enterprise Server SUSE LINUX 10.1 SUSE LINUX 10.0 SUSE LINUX 9.3 SuSE Linux Enterprise Server 8 SuSE Linux Openexchange Server 4 SUSE LINUX Retail Solution 8 SuSE Linux School Server SuSE Linux Standard Server 8 SUSE SLED 10 SUSE SLES 10 SUSE SLES 9 UnitedLinux 1.0 Vulnerability Type: remote denial of service Severity (1-10): 5 SUSE Default Package: no Cross-References: CVE-2006-4574, CVE-2006-4805, CVE-2006-5468 CVE-2006-5469, CVE-2006-5740 Content of This Advisory: 1) Security Vulnerability Resolved: several security problems in wireshark/ethereal Problem Description 2) Solution or Work-Around 3) Special Instructions and Notes 4) Package Location and Checksums 5)Pending Vulnerabilities, Solutions, and Work-Arounds: See SUSE Security Summary Report. 6) Authenticity Verification and Additional Information ______________________________________________________________________________ 1) Problem Description and Brief Discussion Various problems have been fixed in the network analyzer Ethereal (now called Wireshark), most of them leading to crashes of the ethereal program. CVE-2006-5740: An unspecified vulnerability in the LDAP dissector could be used to crash Ethereal. CVE-2006-4574: A single \0 byte heap overflow was fixed in the MIME multipart dissector. Potential of exploitability is unknown, but considered low. CVE-2006-4805: A denial of service problem in the XOT dissector can cause it to take up huge amount of memory and crash ethereal. CVE-2006-5469: The WBXML dissector could be used to crash ethereal. CVE-2006-5468: A NULL pointer dereference in the HTTP dissector could crash ethereal. 2) Solution or Work-Around There is no known workaround, please install the update packages. 3) Special Instructions and Notes None. 4) Package Location and Checksums The preferred method for installing security updates is to use the YaST Online Update (YOU) tool. YOU detects which updates are required and automatically performs the necessary steps to verify and install them. Alternatively, download the update packages for your distribution manually and verify their integrity by the methods listed in Section 6 of this announcement. Then install the packages using the command rpm -Fhv to apply the update, replacing with the filename of the downloaded RPM package. x86 Platform: SUSE LINUX 10.1: 6aecc0deb29a6339f1fa941c65844c6d 4c207d76c0f0ada418b790dadcff33f5 SUSE LINUX 10.0: 2f904b719bfbed232744856a4f9eca91 f6957aa0c03893d7fd47873999aaf5c1 SUSE LINUX 9.3: 74cf82fc2bc0a400ca64c66d45064847 PowerPC Platform: SUSE LINUX 10.1: 1c832fcde7f65332e9d0b47274229f69 7f303f1eeccd68a1eee8057f56807a3f SUSE LINUX 10.0: 542ae786e2cb511767c7a4e6449b80cf 178014fc85ec3a0ca43ed9b8ed1cdd26 x86-64 Platform: SUSE LINUX 10.1: 30ca5d51e0f3e889b31a59bad4611dfc 2990cb62f731d700675a75203bbd5aa7 SUSE LINUX 10.0: 542b66bcc88e07faec6c33abda8f5d7c 7a936eff6d66a5574e564c4255e3fa46 SUSE LINUX 9.3: bd6cc27b6b9e05441bacdba249357f5d Sources: SUSE LINUX 10.1: b04b4bb194dfbf4ea92b822149bd3664 SUSE LINUX 10.0: ff3b7fd57d84597700a75f95fbfcc3e7 SUSE LINUX 9.3: b53b87038538e026052356b8a89a0f82 Our maintenance customers are notified individually. The packages are offered for installation from the maintenance web: UnitedLinux 1.0 http://support.novell.com/techcenter/psdb/c4745f0c0b9184f32b2201f189dc66f6.html SuSE Linux Openexchange Server 4 http://support.novell.com/techcenter/psdb/c4745f0c0b9184f32b2201f189dc66f6.html Open Enterprise Server http://support.novell.com/techcenter/psdb/c4745f0c0b9184f32b2201f189dc66f6.html Novell Linux POS 9 http://support.novell.com/techcenter/psdb/c4745f0c0b9184f32b2201f189dc66f6.html SuSE Linux Enterprise Server 8 http://support.novell.com/techcenter/psdb/c4745f0c0b9184f32b2201f189dc66f6.html SuSE Linux Standard Server 8 http://support.novell.com/techcenter/psdb/c4745f0c0b9184f32b2201f189dc66f6.html SuSE Linux School Server http://support.novell.com/techcenter/psdb/c4745f0c0b9184f32b2201f189dc66f6.html SUSE LINUX Retail Solution 8 http://support.novell.com/techcenter/psdb/c4745f0c0b9184f32b2201f189dc66f6.html SUSE SLES 10 http://support.novell.com/techcenter/psdb/c4745f0c0b9184f32b2201f189dc66f6.html SUSE SLED 10 http://support.novell.com/techcenter/psdb/c4745f0c0b9184f32b2201f189dc66f6.html SUSE SLES 9 http://support.novell.com/techcenter/psdb/c4745f0c0b9184f32b2201f189dc66f6.html ______________________________________________________________________________ 5) Pending Vulnerabilities, Solutions, and Work-Arounds: See SUSE Security Summary Report. ______________________________________________________________________________ 6) Authenticity Verification and Additional Information - Announcement authenticity verification: SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature. To verify the signature of the announcement, save it as text into a file and run the command gpg --verify replacing with the name of the file where you saved the announcement. The output for a valid signature looks like: gpg: Signature made using RSA key ID 3D25D3D9 gpg: Good signature from "SuSE Security Team " where is replaced by the date the document was signed. If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc - Package authenticity verification: SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuable and important to the free and open source software community, the authenticity and the integrity of a package needs to be verified to ensure that it has not been tampered with. There are two verification methods that can be used independently from each other to prove the authenticity of a downloaded file or RPM package: 1) Using the internal gpg signatures of the rpm package 2) MD5 checksums as provided in this announcement 1) The internal rpm package signatures providean easy way to verify the authenticity of an RPM package. Use the command rpm -v --checksig to verify the signature of the package, replacing with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature from This email address is being protected from spambots. You need JavaScript enabled to view it. with the key ID 9C800ACA. This key is automatically imported into the RPM database (on RPMv4-based distributions) and the gpg key ring of 'root' during installation. You can also find it on the first installation CD and at the end of this announcement. 2) If you need an alternative means of verification, use the md5sum command to verify the authenticity of the packages. Execute the command md5sum after you downloaded the file from a SUSE FTP server or its mirrors. Then compare the resulting md5sum with the one that is listed in the SUSE security announcement. Because the announcement containing the checksums is cryptographically signed (by This email address is being protected from spambots. You need JavaScript enabled to view it.), the checksums show proof of the authenticity of the package if the signature of the announcement is valid. Note that the md5 sums published in the SUSE Security Announcements are valid for the respective packages only. Newer versions of these packages cannot be verified. - SUSE runs two security mailing lists to which any interested party may subscribe: This email address is being protected from spambots. You need JavaScript enabled to view it. - General Linux and SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an e-mail to . This email address is being protected from spambots. You need JavaScript enabled to view it. - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an e-mail to . For general information or the frequently asked questions (FAQ), send mail to or . ==================================================================== SUSE's security contact is or . The public key is listed below. ==================================================================== . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ______________________________________________________. various, problems, network, analyzer, ethereal, called. . LinuxSecurity.com Team

Calendar%202 Nov 14, 2006 SuSE
87

Debian: DSA 1201-1 Critical: Ethereal Remote DoS Issues

Updated package.. - --------------------------------------------------------------------------Debian Security Advisory DSA 1201-1 This email address is being protected from spambots. You need JavaScript enabled to view it. http://www.debian.org/security/ Moritz Muehlenhoff October 31st, 2006 http://www.debian.org/security/faq - --------------------------------------------------------------------------Package : ethereal Vulnerability : several Problem-Type : remote Debian-specific: no CVE ID : CVE-2006-4574 CVE-2006-4805 Debian Bug : 396258 Several remote vulnerabilities have been discovered in the Ethereal network scanner. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2005-4574 It was discovered that the MIME multipart dissector is vulnerable to denial of service caused by an off-by-one overflow. CVE-2006-4805 It was discovered that the XOT dissector is vulnerable to denial of service caused by memory corruption. For the stable distribution (sarge) these problems have been fixed in version 0.10.10-2sarge9. Due to technical problems with the security buildd infrastructure this update lacks builds for the hppa and sparc architecture. They will be released as soon as the problems are resolved. For the unstable distribution (sid) these problems will be fixed soon. We recommend that you upgrade your ethereal packages. Upgrade Instructions - --------------------wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 3.1 alias sarge - -------------------------------- Source archives: Size/MD5 checksum: 855 4111fa99ac63f549e0ed3e2db668e542 Size/MD5 checksum: 178221 6566de4d9fc112f25f6bfaf45ad77faa Size/MD5 checksum: 7411510 e6b74468412c17bb66cd459bfb61471c Alpha architecture: Size/MD5 checksum: 543092 c89ff6f8bdc7e6f7eb2650d5076f03e6 Size/MD5 checksum: 5476386 e2a8e648f15a347d05f5e5cd624edb4c Size/MD5 checksum: 154592 5e0d5c37c0cc589d05d6e748e51e03ea Size/MD5 checksum: 106306 f23e0e55dc96d7bdcb0fb95cdfba5548 AMD64 architecture: Size/MD5 checksum: 486550 ffd006375c90a4d059af7a024188776e Size/MD5 checksum: 5334530 341c8645167abbae9ae6147b83649edb Size/MD5 checksum: 154598 b1d1d14d3d41120c1c5c65ce89f08ab2 Size/MD5 checksum: 99588 fdf5d3d8677e03c3edf2cfff04fba4ec ARM architecture: Size/MD5 checksum: 473062 9a901ea673c269ccbf41ecdff1df53dd Size/MD5 checksum: 4688102 09120393788e912b7ac18182b09fcd2e Size/MD5 checksum: 154596 e539e5c413c0c39957c0abb9b34c9cfb Size/MD5 checksum: 95664 2131328ee58a900aedf3766ddbbfc98e Intel IA-32 architecture: Size/MD5 checksum: 443698 7693be67596d17632cf4723f8a54d047 Size/MD5 checksum: 4529248 0139a1d19b4957c004df779e38a24a59 Size/MD5 checksum: 154592 9c0525063d401ee054b27ce38d634e33 Size/MD5 checksum: 90942 96abf559fb9430b1692d2d90a66ecc5c Intel IA-64 architecture: Size/MD5 checksum: 674472 4abd34b813b05e024043da18bb3e402c Size/MD5 checksum: 6630134 99f54db4831942d42296ab0a95342478 Size/MD5 checksum: 154594 97f03089c5a2f20ba38344f6cec55b30 Size/MD5 checksum: 129198 1112f7607579fcd8b9ca08f71343f634 Motorola 680x0 architecture: Size/MD5 checksum: 447802 232f5842aa0e6adb46d20a7bb185f96d Size/MD5 checksum: 5565136 fb513962f4e20d66c623a73b5ee9e885 Size/MD5 checksum: 154662 a3b9b1d5863b3aa898f0cc99c1cd6698 Size/MD5checksum: 90952 dd7d57c87b84651cf379e89001605323 Big endian MIPS architecture: Size/MD5 checksum: 462804 d4684b24816cc54d47cfad4ce32bd0b5 Size/MD5 checksum: 4723362 7656bd956876056e532df9ecaec97471 Size/MD5 checksum: 154588 8645620716b8d688475fd2ca631ab986 Size/MD5 checksum: 94788 40066b71cfc3a122453e130e537c2302 Little endian MIPS architecture: Size/MD5 checksum: 458076 1ac138ade7fd91253806ae4d8480154b Size/MD5 checksum: 4460986 7e9ca725df417dae65208e865ea329d6 Size/MD5 checksum: 154606 ce8c4b32631676bc7817c3f4dfa5f6ca Size/MD5 checksum: 94696 d9525ded73ae609c0dc7672f1279626a PowerPC architecture: Size/MD5 checksum: 455752 8e5806f6f6a86f8b066c6366fbdaacfe Size/MD5 checksum: 5067972 c832d4ee9e201fffe698c4e5e8c064d6 Size/MD5 checksum: 154602 ec05dd9cb9fda2cb532fc4a02b73870d Size/MD5 checksum: 94360 811445845ed5bc677c68597f4dc57553 IBM S/390 architecture: Size/MD5 checksum: 479716 1f9523a1563752c8b3f3ae3b77ee9e15 Size/MD5 checksum: 5621732 36e4ce1ddaf99edf598933bc8af19c7b Size/MD5 checksum: 154590 5b08647010fc5275a27ded68e63d4859 Size/MD5 checksum: 99946 93cb4151f77499728d2734c64a04f8c2 These files will probably be moved into the stable distribution on its next update. - ---------------------------------------------------------------------------------For apt-get: deb https://www.debian.org/security/ stable/updates main For dpkg-ftp: dists/stable/updates/main Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Transcendent software components enhanced in Ubuntu to address external denial of service threats highlighted in notice DSA 1201-1.. Ethereal Packages, Debian Security, Denial of Service. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Oct 31, 2006 Critical Debian
87

Debian: DSA 1171-1 Moderate: Ethereal Remote Code Execution Risks

Updated package.. - --------------------------------------------------------------------------Debian Security Advisory DSA 1171-1 This email address is being protected from spambots. You need JavaScript enabled to view it. http://www.debian.org/security/ Moritz Muehlenhoff September 7th, 2006 http://www.debian.org/security/faq - --------------------------------------------------------------------------Package : ethereal Vulnerability : several Problem-Type : remote Debian-specific: no CVE ID : CVE-2006-4333 CVE-2005-3241 CVE-2005-3242 CVE-2005-3243 CVE-2005-3244 CVE-2005-3246 CVE-2005-3248 Debian Bug : 384528 334880 Several remote vulnerabilities have been discovered in the Ethereal network scanner, which may lead to the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2006-4333 It was discovered that the Q.2391 dissector is vulnerable to denial of service caused by memory exhaustion. CVE-2005-3241 It was discovered that the FC-FCS, RSVP and ISIS-LSP dissectors are vulnerable to denial of service caused by memory exhaustion. CVE-2005-3242 It was discovered that the IrDA and SMB dissectors are vulnerable to denial of service caused by memory corruption. CVE-2005-3243 It was discovered that the SLIMP3 and AgentX dissectors are vulnerable to code injection caused by buffer overflows. CVE-2005-3244 It was discovered that the BER dissector is vulnerable to denial of service caused by an infinite loop. CVE-2005-3246 It was discovered that the NCP and RTnet dissectors are vulnerable to denial of service caused by a null pointer dereference. CVE-2005-3248 It was discovered that the X11 dissector is vulnerable denial of service caused by a division through zero. This update also fixes a 64 bit-specific regression in the ASN.1 decoder, which has been introduced in a previous DSA. For the stable distribution (sarge)these problems have been fixed in version 0.10.10-2sarge8. For the unstable distribution (sid) these problems have been fixed in version 0.99.2-5.1 of wireshark, the network sniffer formerly known as ethereal. We recommend that you upgrade your ethereal packages. Upgrade Instructions - --------------------wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 3.1 alias sarge - --------------------------------Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390 and sparc. Source archives: Size/MD5 checksum: 855 159309d848ffa90cb5ae336582a8e7d4 Size/MD5 checksum: 7411510 e6b74468412c17bb66cd459bfb61471c Size/MD5 checksum: 177921 ee1ce43eb48106f1fc0b75bc9ff3c241 alpha architecture (DEC Alpha) Size/MD5 checksum: 5476146 cf5b01f923e68a3f07d0080ef69f2b57 Size/MD5 checksum: 154566 615069b5905d6c2aec9a357eb0dd1306 Size/MD5 checksum: 106250 cfe9461049fc5e1997d68cbd1a6d6b78 Size/MD5 checksum: 543034 5c9eaadae44224a002902c4196847aa0 amd64 architecture (AMD x86_64 (AMD64)) Size/MD5 checksum: 154556 67cfc697c120e54c489e1552b1a58b6e Size/MD5 checksum: 99542 09093de7c28ec1741106dac694ffcae3 Size/MD5 checksum: 486502 addeab1c3d70537c088574f9f68e6e6d Size/MD5 checksum: 5334616 1700b3e18c2b45594cbb80ef2ea58019 arm architecture (ARM) Size/MD5 checksum: 95616 39dbfe3ac08048f95b19d74c644b780c Size/MD5 checksum: 154596 209d45b3ebf7ba313bb7db0c00a095bd Size/MD5 checksum: 472996 5f0d04db811734c1f1c8c814c93ceaaa Size/MD5 checksum: 4687892 5b2737d93a7e3673630e96744f648b51 hppa architecture (HP PA RISC) Size/MD5 checksum: 5787290 f36dc8ae6a78acb2d6a8fa71b18af9cc Size/MD5 checksum: 154576 5ce456fee2af8fb5b4f19d786166faf6 Size/MD5 checksum: 489292 71832119d10ab77eb4547840cf7d3504 Size/MD5 checksum: 98452 94aae2f351900a65edfddcae9e880bf6 i386 architecture (Intel ia32) Size/MD5 checksum: 443646 f830051bf5920e2999a8ef9bab332ed2 Size/MD5 checksum: 4529156 4f6c8ec5448ea7b6aa826fce639a5781 Size/MD5 checksum: 90878 45f09d9fe820e537fd9e140fbe86de07 Size/MD5 checksum: 154556 a1a78549f0981eb9aa0f77fdd9ce612b ia64 architecture (Intel ia64) Size/MD5 checksum: 6630098 82fc3ba6dd822ee192c2050dc6f38dcf Size/MD5 checksum: 674420 9b84646b4f81e1c9415656768f6dc687 Size/MD5 checksum: 129156 c3deca896916d3a3d1c1065f5e2717c8 Size/MD5 checksum: 154554 e8a6435b4e1287af4ebfe3cb606c74af m68k architecture (Motorola Mc680x0) Size/MD5 checksum: 90904 ab21fa89ad4a12f8e0c579872a1c07c4 Size/MD5 checksum: 154614 b384ae036ab5c2b85f62af368b689a04 Size/MD5 checksum: 447752 6a8378ecb8337071ef8b1199529700be Size/MD5 checksum: 5565186 647220c660fd8546c9ca4a18e9d7a792 mips architecture (MIPS (Big Endian)) Size/MD5 checksum: 154572 434928f40a6b3e4bf2d7dce6beb72edb Size/MD5 checksum: 94736 4eb62077c31de2ac2ec10a760199b9eb Size/MD5 checksum: 4723218 9c827aab812bef7a58d5429ee8287d74 Size/MD5 checksum: 462746 fa7d8236f1407836dcc601317afa8df2 mipsel architecture (MIPS (Little Endian)) Size/MD5 checksum: 94650 7f64290882d7c8c579818fdc1c7e215b Size/MD5 checksum: 154584 934dc675944e857216c72fc29ec46a55 Size/MD5 checksum: 458030 487ea6f3a1fd7620b4ae33f4d5e8c8c3 Size/MD5 checksum: 4460700 e0062d687a84b9782e645b0d72cbb248 powerpc architecture (PowerPC) Size/MD5 checksum: 455716 a203882270b251513b2269b688d59256 Size/MD5 checksum: 5068470 7976f110d32b6bb83c00afa49fd75493 Size/MD5 checksum: 154570 7622c3b6ca781d622cb305e9a485f447 Size/MD5 checksum: 94320 5e5391b1f1dc2bc4992582930e28f2a3 s390 architecture (IBM S/390) Size/MD5 checksum: 5621642 092cf076ce4e6fd479ea09fdb14d6e87 Size/MD5 checksum: 154566 f3dae98783c87fb3ff088be62608aef7 Size/MD5 checksum: 479662 e4b854e30aa801eb67a33d1077eb1e9b Size/MD5 checksum: 99904 0516f4694b47ae4637b09e82d321eecc sparc architecture (Sun SPARC/UltraSPARC) Size/MD5 checksum: 5130234 44a97eeb06a2d82bbbcfba2712700792 Size/MD5 checksum: 93828 4f44e9be92792058641044db66993758 Size/MD5 checksum: 465390 42670783f2750c3d5f426fe76bd17696 Size/MD5 checksum: 154566 6f25990f50443c48e802e29881ddc3ff These files will probably be moved into the stable distribution on its next update. - ---------------------------------------------------------------------------------For apt-get: deb https://www.debian.org/security/ stable/updates main For dpkg-ftp: dists/stable/updates/main Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . - --------------------------------------------------------------------------Debian Security Advisory. updated, package, --------------------------------------------------------------------------debian. . LinuxSecurity.com Team

Calendar%202 Sep 07, 2006 Debian
98

Red Hat: RHSA-2006:0602-01 Moderate: Wireshark Denial Of Service

New Wireshark packages that fix various security vulnerabilities in Ethereal are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team.. - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: wireshark security update (was ethereal) Advisory ID: RHSA-2006:0602-01 Advisory URL: https://access.redhat.com/errata/RHSA-2006:0602.html Issue date: 2006-08-16 Updated on: 2006-08-16 Product: Red Hat Enterprise Linux Keywords: ethereal CVE Names: CVE-2006-3627 CVE-2006-3628 CVE-2006-3629 CVE-2006-3630 CVE-2006-3631 CVE-2006-3632 - ---------------------------------------------------------------------1. Summary: New Wireshark packages that fix various security vulnerabilities in Ethereal are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: Ethereal is a program for monitoring network traffic. In May 2006, Ethereal changed its name to Wireshark. This update deprecates the Ethereal packages in Red Hat Enterprise Linux 2.1, 3, and 4 in favor ofthe supported Wireshark packages. Several denial of service bugs were found in Ethereal's protocol dissectors. It was possible for Ethereal to crash or stop responding if it read a malformed packet off the network. (CVE-2006-3627, CVE-2006-3629, CVE-2006-3631) Several buffer overflow bugs were found in Ethereal's ANSI MAP, NCP NMAS, and NDPStelnet dissectors. It was possible for Ethereal to crash or execute arbitrary code if it read a malformed packet off the network. (CVE-2006-3630, CVE-2006-3632) Several format string bugs were found in Ethereal's Checkpoint FW-1, MQ, XML, and NTP dissectors. It was possible for Ethereal to crash or execute arbitrary code if it read a malformed packet off the network. (CVE-2006-3628) Users of Ethereal should upgrade to these updated packages containing Wireshark version 0.99.2, which is not vulnerable to these issues 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 199231 - Replace (EOL) Ethereal with Wireshark 199232 - CVE-2006-3627 Mulitple security issues (CVE-2006-3628 CVE-2006-3629 CVE-2006-3630 CVE-2006-3631 CVE-2006-3632) 6. RPMs required: Red Hat Enterprise Linux AS (Advanced Server) version 2.1: SRPMS: 25d714d662d87bb9bc60adcd91099dcd wireshark-0.99.2-AS21.1.src.rpm i386: 8927c005c973fb4666a0cfd43b6b560c wireshark-0.99.2-AS21.1.i386.rpm c04ac84dacc0c796a81b10c65411d53e wireshark-gnome-0.99.2-AS21.1.i386.rpm ia64: a87f6648d29ed3334c51c030929a4075 wireshark-0.99.2-AS21.1.ia64.rpm 58725a5b3652f96c4d78d4f9d376541d wireshark-gnome-0.99.2-AS21.1.ia64.rpm Red Hat Linux Advanced Workstation2.1: SRPMS: 25d714d662d87bb9bc60adcd91099dcd wireshark-0.99.2-AS21.1.src.rpm ia64: a87f6648d29ed3334c51c030929a4075 wireshark-0.99.2-AS21.1.ia64.rpm 58725a5b3652f96c4d78d4f9d376541d wireshark-gnome-0.99.2-AS21.1.ia64.rpm Red Hat Enterprise Linux ES version 2.1: SRPMS: 25d714d662d87bb9bc60adcd91099dcd wireshark-0.99.2-AS21.1.src.rpm i386: 8927c005c973fb4666a0cfd43b6b560c wireshark-0.99.2-AS21.1.i386.rpm c04ac84dacc0c796a81b10c65411d53e wireshark-gnome-0.99.2-AS21.1.i386.rpm Red Hat Enterprise Linux WS version 2.1: SRPMS: 25d714d662d87bb9bc60adcd91099dcd wireshark-0.99.2-AS21.1.src.rpm i386: 8927c005c973fb4666a0cfd43b6b560c wireshark-0.99.2-AS21.1.i386.rpm c04ac84dacc0c796a81b10c65411d53e wireshark-gnome-0.99.2-AS21.1.i386.rpm Red Hat Enterprise Linux AS version 3: SRPMS: 373f17d73f87abdcc4c3b05011748b61 wireshark-0.99.2-EL3.1.src.rpm i386: 36076bbb094e3e51be5f288ab758f907 wireshark-0.99.2-EL3.1.i386.rpm 75e7eef4c095aa96156a18480ec654bb wireshark-debuginfo-0.99.2-EL3.1.i386.rpm 8af7bf695cf20cb6dbcd783a4758ba96 wireshark-gnome-0.99.2-EL3.1.i386.rpm ia64: 0a7d706e2e9f5e561d369394ad4592ea wireshark-0.99.2-EL3.1.ia64.rpm ca1a7f837ab215ce2cb024bb7df2638f wireshark-debuginfo-0.99.2-EL3.1.ia64.rpm 54b0c4b442ae4ef4c8aa6d67e9fb7429 wireshark-gnome-0.99.2-EL3.1.ia64.rpm ppc: 71c7950ff7be426097ad780c178624f3 wireshark-0.99.2-EL3.1.ppc.rpm 9452e56a8d0e2dcf61bd18a5e12d745f wireshark-debuginfo-0.99.2-EL3.1.ppc.rpm f49ba57fee7cdb872ced67455b79c64c wireshark-gnome-0.99.2-EL3.1.ppc.rpm s390: 74235e86b174276d61b7d78b64b79ad2 wireshark-0.99.2-EL3.1.s390.rpm e638fa214ac7c8662ba0205c0a515ec3 wireshark-debuginfo-0.99.2-EL3.1.s390.rpm bf2e0de72f5040283f0fe92d4d0c621e wireshark-gnome-0.99.2-EL3.1.s390.rpm s390x: d7ca0676bb6033392d19d924bac944e8 wireshark-0.99.2-EL3.1.s390x.rpm bf5c63ec60803c09585f5fcc5af512a4 wireshark-debuginfo-0.99.2-EL3.1.s390x.rpm ffaaa314b468995aeadf0ceb72bbf146 wireshark-gnome-0.99.2-EL3.1.s390x.rpm x86_64: 0002bc60caae8f6c148f250d3f83d8a7 wireshark-0.99.2-EL3.1.x86_64.rpm 03fa94f091e97d2ca4331f816803b445 wireshark-debuginfo-0.99.2-EL3.1.x86_64.rpm 958f3d197cd63bc2840513b9d6ad7cf3 wireshark-gnome-0.99.2-EL3.1.x86_64.rpm Red Hat Desktop version 3: SRPMS: 373f17d73f87abdcc4c3b05011748b61 wireshark-0.99.2-EL3.1.src.rpm i386: 36076bbb094e3e51be5f288ab758f907 wireshark-0.99.2-EL3.1.i386.rpm 75e7eef4c095aa96156a18480ec654bb wireshark-debuginfo-0.99.2-EL3.1.i386.rpm 8af7bf695cf20cb6dbcd783a4758ba96 wireshark-gnome-0.99.2-EL3.1.i386.rpm x86_64: 0002bc60caae8f6c148f250d3f83d8a7 wireshark-0.99.2-EL3.1.x86_64.rpm 03fa94f091e97d2ca4331f816803b445 wireshark-debuginfo-0.99.2-EL3.1.x86_64.rpm 958f3d197cd63bc2840513b9d6ad7cf3 wireshark-gnome-0.99.2-EL3.1.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: 373f17d73f87abdcc4c3b05011748b61 wireshark-0.99.2-EL3.1.src.rpm i386: 36076bbb094e3e51be5f288ab758f907 wireshark-0.99.2-EL3.1.i386.rpm 75e7eef4c095aa96156a18480ec654bb wireshark-debuginfo-0.99.2-EL3.1.i386.rpm 8af7bf695cf20cb6dbcd783a4758ba96 wireshark-gnome-0.99.2-EL3.1.i386.rpm ia64: 0a7d706e2e9f5e561d369394ad4592ea wireshark-0.99.2-EL3.1.ia64.rpm ca1a7f837ab215ce2cb024bb7df2638f wireshark-debuginfo-0.99.2-EL3.1.ia64.rpm 54b0c4b442ae4ef4c8aa6d67e9fb7429 wireshark-gnome-0.99.2-EL3.1.ia64.rpm x86_64: 0002bc60caae8f6c148f250d3f83d8a7 wireshark-0.99.2-EL3.1.x86_64.rpm 03fa94f091e97d2ca4331f816803b445 wireshark-debuginfo-0.99.2-EL3.1.x86_64.rpm 958f3d197cd63bc2840513b9d6ad7cf3 wireshark-gnome-0.99.2-EL3.1.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: 373f17d73f87abdcc4c3b05011748b61 wireshark-0.99.2-EL3.1.src.rpm i386: 36076bbb094e3e51be5f288ab758f907 wireshark-0.99.2-EL3.1.i386.rpm 75e7eef4c095aa96156a18480ec654bb wireshark-debuginfo-0.99.2-EL3.1.i386.rpm 8af7bf695cf20cb6dbcd783a4758ba96 wireshark-gnome-0.99.2-EL3.1.i386.rpm ia64: 0a7d706e2e9f5e561d369394ad4592ea wireshark-0.99.2-EL3.1.ia64.rpm ca1a7f837ab215ce2cb024bb7df2638f wireshark-debuginfo-0.99.2-EL3.1.ia64.rpm 54b0c4b442ae4ef4c8aa6d67e9fb7429 wireshark-gnome-0.99.2-EL3.1.ia64.rpm x86_64: 0002bc60caae8f6c148f250d3f83d8a7 wireshark-0.99.2-EL3.1.x86_64.rpm 03fa94f091e97d2ca4331f816803b445 wireshark-debuginfo-0.99.2-EL3.1.x86_64.rpm 958f3d197cd63bc2840513b9d6ad7cf3 wireshark-gnome-0.99.2-EL3.1.x86_64.rpm Red Hat Enterprise Linux AS version 4: SRPMS: d1d8691f877b182421062ffb68b12c73 wireshark-0.99.2-EL4.1.src.rpm i386: b8a8436105222fc683a4d24ad0f5db32 wireshark-0.99.2-EL4.1.i386.rpm 1b62fc9aa3b919b8f4978b1555b2cc18 wireshark-debuginfo-0.99.2-EL4.1.i386.rpm ed5a81a03c41b4031c6748f3306b0f8d wireshark-gnome-0.99.2-EL4.1.i386.rpm ia64: e7cdb72c061a7713e4058f119d114ee6 wireshark-0.99.2-EL4.1.ia64.rpm 9bddf64c33ef1d607b74e4b50dc4f383 wireshark-debuginfo-0.99.2-EL4.1.ia64.rpm ab82155db474b7e108840a9e4a45f1b9 wireshark-gnome-0.99.2-EL4.1.ia64.rpm ppc: 8b752904fd6243744f5ffc2a35601a05 wireshark-0.99.2-EL4.1.ppc.rpm 64ee7b63868ef1469f0a90a1a9932cf8 wireshark-debuginfo-0.99.2-EL4.1.ppc.rpm 57cc6483d4c1bcbd27fe72d1b010340a wireshark-gnome-0.99.2-EL4.1.ppc.rpm s390: 83727754415aff984f87de335154bd00 wireshark-0.99.2-EL4.1.s390.rpm d220a678e73853f6c267263973d58ca3 wireshark-debuginfo-0.99.2-EL4.1.s390.rpm b09d6f3d455df476eb2b2cbaf21588f5 wireshark-gnome-0.99.2-EL4.1.s390.rpm s390x: 2595124a674e82ac0f92929ad0926431 wireshark-0.99.2-EL4.1.s390x.rpm 4d09485ecb82a115b2ee66807133bdb2 wireshark-debuginfo-0.99.2-EL4.1.s390x.rpm 8783de51443e60bbd40528ed6998eb97 wireshark-gnome-0.99.2-EL4.1.s390x.rpm x86_64: 50c1fd333e69d510a9c200ab22bc43b9 wireshark-0.99.2-EL4.1.x86_64.rpm af5e98e4fbf4d4c11ed0d34beaf7a449 wireshark-debuginfo-0.99.2-EL4.1.x86_64.rpm e38949dfb265b13226ac74ff57b6a3d7 wireshark-gnome-0.99.2-EL4.1.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: d1d8691f877b182421062ffb68b12c73 wireshark-0.99.2-EL4.1.src.rpm i386: b8a8436105222fc683a4d24ad0f5db32 wireshark-0.99.2-EL4.1.i386.rpm 1b62fc9aa3b919b8f4978b1555b2cc18 wireshark-debuginfo-0.99.2-EL4.1.i386.rpm ed5a81a03c41b4031c6748f3306b0f8d wireshark-gnome-0.99.2-EL4.1.i386.rpm x86_64: 50c1fd333e69d510a9c200ab22bc43b9 wireshark-0.99.2-EL4.1.x86_64.rpm af5e98e4fbf4d4c11ed0d34beaf7a449 wireshark-debuginfo-0.99.2-EL4.1.x86_64.rpm e38949dfb265b13226ac74ff57b6a3d7 wireshark-gnome-0.99.2-EL4.1.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: d1d8691f877b182421062ffb68b12c73 wireshark-0.99.2-EL4.1.src.rpm i386: b8a8436105222fc683a4d24ad0f5db32 wireshark-0.99.2-EL4.1.i386.rpm 1b62fc9aa3b919b8f4978b1555b2cc18 wireshark-debuginfo-0.99.2-EL4.1.i386.rpm ed5a81a03c41b4031c6748f3306b0f8d wireshark-gnome-0.99.2-EL4.1.i386.rpm ia64: e7cdb72c061a7713e4058f119d114ee6 wireshark-0.99.2-EL4.1.ia64.rpm 9bddf64c33ef1d607b74e4b50dc4f383 wireshark-debuginfo-0.99.2-EL4.1.ia64.rpm ab82155db474b7e108840a9e4a45f1b9 wireshark-gnome-0.99.2-EL4.1.ia64.rpm x86_64: 50c1fd333e69d510a9c200ab22bc43b9 wireshark-0.99.2-EL4.1.x86_64.rpm af5e98e4fbf4d4c11ed0d34beaf7a449 wireshark-debuginfo-0.99.2-EL4.1.x86_64.rpm e38949dfb265b13226ac74ff57b6a3d7 wireshark-gnome-0.99.2-EL4.1.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: d1d8691f877b182421062ffb68b12c73 wireshark-0.99.2-EL4.1.src.rpm i386: b8a8436105222fc683a4d24ad0f5db32 wireshark-0.99.2-EL4.1.i386.rpm 1b62fc9aa3b919b8f4978b1555b2cc18 wireshark-debuginfo-0.99.2-EL4.1.i386.rpm ed5a81a03c41b4031c6748f3306b0f8d wireshark-gnome-0.99.2-EL4.1.i386.rpm ia64: e7cdb72c061a7713e4058f119d114ee6 wireshark-0.99.2-EL4.1.ia64.rpm 9bddf64c33ef1d607b74e4b50dc4f383 wireshark-debuginfo-0.99.2-EL4.1.ia64.rpm ab82155db474b7e108840a9e4a45f1b9 wireshark-gnome-0.99.2-EL4.1.ia64.rpm x86_64: 50c1fd333e69d510a9c200ab22bc43b9 wireshark-0.99.2-EL4.1.x86_64.rpm af5e98e4fbf4d4c11ed0d34beaf7a449 wireshark-debuginfo-0.99.2-EL4.1.x86_64.rpm e38949dfb265b13226ac74ff57b6a3d7 wireshark-gnome-0.99.2-EL4.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package 7. References: https://www.cve.org/CVERecord?id=CVE-2006-3627 https://www.cve.org/CVERecord?id=CVE-2006-3628 https://www.cve.org/CVERecord?id=CVE-2006-3629 https://www.cve.org/CVERecord?id=CVE-2006-3630 https://www.cve.org/CVERecord?id=CVE-2006-3631 https://www.cve.org/CVERecord?id=CVE-2006-3632 https://www.wireshark.org/security/wnpa-sec-2006-01.html https://www.wireshark.org/faq.html https://access.redhat.com/security/updates/classification#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2006 Red Hat, Inc. . Enhance your Wireshark installation to rectify several security vulnerabilities classified as moderate risk according to Red Hat Advisory RHSA-2006:0602.. Wireshark Update, Red Hat Advisory, Network Security, Wireshark Ethereal. . LinuxSecurity.com Team

Calendar%202 Aug 16, 2006 Red Hat
87

Debian Sarge DSA 1127-1 Moderate: Ethereal Remote Exploit

Updated package.. - --------------------------------------------------------------------------Debian Security Advisory DSA 1127-1 This email address is being protected from spambots. You need JavaScript enabled to view it. http://www.debian.org/security/ Moritz Muehlenhoff July 28th, 2006 http://www.debian.org/security/faq - --------------------------------------------------------------------------Package : ethereal Vulnerability : several Problem-Type : remote Debian-specific: no CVE ID : CVE-2006-3628 CVE-2006-3629 CVE-2006-3630 CVE-2006-3631 CVE-2006-3632 Debian Bug : 373913 375694 Several remote vulnerabilities have been discovered in the Ethereal network sniffer, which may lead to the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2006-3628 Ilja van Sprundel discovered that the FW-1 and MQ dissectors are vulnerable to format string attacks. CVE-2006-3629 Ilja van Sprundel discovered that the MOUNT dissector is vulnerable to denial of service through memory exhaustion. CVE-2006-3630 Ilja van Sprundel discovered off-by-one overflows in the NCP NMAS and NDPS dissectors. CVE-2006-3631 Ilja van Sprundel discovered a buffer overflow in the NFS dissector. CVE-2006-3632 Ilja van Sprundel discovered that the SSH dissector is vulnerable to denial of service through an infinite loop. For the stable distribution (sarge) these problems have been fixed in version 0.10.10-2sarge6. For the unstable distribution (sid) these problems have been fixed in version 0.99.2-1 of wireshark, the sniffer formerly known as ethereal. We recommend that you upgrade your ethereal packages. Upgrade Instructions - --------------------wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 3.1 alias sarge - -------------------------------- Source archives: Size/MD5 checksum: 855 c707f586104e8686d9d2244ce2d7a506 Size/MD5 checksum: 173252 9c9821b8ebead45753446356c22cb578 Size/MD5 checksum: 7411510 e6b74468412c17bb66cd459bfb61471c Alpha architecture: Size/MD5 checksum: 542792 15de1eb27365d6cae79d8d702e090f13 Size/MD5 checksum: 5475590 bef681e66102e67d36b7e6a42c2c2c3f Size/MD5 checksum: 154412 847bd247de53a90c7280043bedac7d93 Size/MD5 checksum: 106004 bee2da8a58d6e84c05b6a80537183694 AMD64 architecture: Size/MD5 checksum: 486278 e6239c6efadea1399ad1fcab5a0da5f3 Size/MD5 checksum: 5333976 61bcb38c72686eeb7e8587179ab7594f Size/MD5 checksum: 154406 a13fdfd340be02a602f6fc576f166005 Size/MD5 checksum: 99298 7dd892a57430d66f7c97088b8c1eb187 ARM architecture: Size/MD5 checksum: 472738 a10f7886e67d41949ec8488715276ca7 Size/MD5 checksum: 4687198 d18c46329bf526579e7c1af409323610 Size/MD5 checksum: 154434 5c23b40f20e4079a6c58c697914b54ef Size/MD5 checksum: 95276 a56fa4124bd4193ec75bdedeaefcb47b Intel IA-32 architecture: Size/MD5 checksum: 443394 e72fd2ff7eec3cbd08fc07ed9458aada Size/MD5 checksum: 4495996 9e1aebd1a408bf7472608917660ce9aa Size/MD5 checksum: 154398 d84eaeb2fae751e3b36046e87c1981e1 Size/MD5 checksum: 90684 c699e114b221acd10350cf8b51c608b9 Intel IA-64 architecture: Size/MD5 checksum: 674208 354b3cc9866e6fefe48b38925a48ae32 Size/MD5 checksum: 6628612 e72ee2bfd8b6997a121c8a95b6742e4f Size/MD5 checksum: 154382 da6b4cf3246a63b4b8b94bc0db6d3dac Size/MD5checksum: 128860 370f38c0c53088195b7418d3af996d35 HP Precision architecture: Size/MD5 checksum: 489076 bf76e69441ef032d5d8ad8420b5b25b8 Size/MD5 checksum: 5786654 7e88aabad273d3dd0e239f78ecc35491 Size/MD5 checksum: 154442 325e842eae1b96b8a33ec8ae025739e2 Size/MD5 checksum: 98192 7400d5ce588c3899f6e2b43f945bde6e Motorola 680x0 architecture: Size/MD5 checksum: 447546 489e9c8ae8069112a937c8a26d297709 Size/MD5 checksum: 5564820 636aff3dca750cb3ac139c21404c49a1 Size/MD5 checksum: 154472 776225c24043d3056c5b45914f24450a Size/MD5 checksum: 90680 98475c71576aaee068be4ff5353050fe Big endian MIPS architecture: Size/MD5 checksum: 462502 716d233fbf38161464290950590a071f Size/MD5 checksum: 4723270 60f129963a2ce9ffbd599b60cfba11cd Size/MD5 checksum: 154406 386b68e0403f729687d82786afb0241d Size/MD5 checksum: 94498 af2ed192e6d4690d263f01127a8edfee Little endian MIPS architecture: Size/MD5 checksum: 457750 ef72d36a3f9fa3945a98c14abc62e2ce Size/MD5 checksum: 4459970 36bf7f5d57e23e14d1ade0bf9f9d49b0 Size/MD5 checksum: 154416 5d36a2d02f29374ef45bcdb1597423c5 Size/MD5 checksum: 94410 c585ae00dadccef338c292c1a2c268f9 PowerPC architecture: Size/MD5 checksum: 455484 893d1f6bbc3097840ba7e53cc542bbee Size/MD5 checksum: 5067540 e17cde3f8ff57a31a12270cb5d701257 Size/MD5 checksum: 154414 7b51770205dc37fc2fde1fd9ca344dda Size/MD5 checksum: 94112 7a49b609694e1eea450e621da3b2bc1f IBM S/390 architecture: Size/MD5 checksum: 479470 528b47d9a5c453856edd9b6df28ebae7 Size/MD5 checksum: 5620570 874edf4f0f86ab3aee3f48a55f95f0d0 Size/MD5 checksum: 154400 86f2d581fa46af34788e0629c6e62ec5 Size/MD5 checksum: 99696 1b622377fb056fe37b8104d295e56d28 Sun Sparc architecture: Size/MD5 checksum: 465138 ad9fd25554415ff19dba6b89b5d48513 Size/MD5 checksum: 5129848 f1a7015616428128a1c65394226a87fe Size/MD5 checksum: 154424 ff78808097ae2bc2b4ed753f1b76f1b9 Size/MD5 checksum: 93600 a97f833739a88b5484b59989be966d0d These files will probably be moved into the stable distribution on its next update. - ---------------------------------------------------------------------------------For apt-get: deb https://www.debian.org/security/ stable/updates main For dpkg-ftp: dists/stable/updates/main Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Enhance your celestial modules due to multiple online threats that result in conceivable script execution dangers.. Debian Security Advisory, Ethereal Exploit, Remote Execution. . LinuxSecurity.com Team

Calendar%202 Jul 28, 2006 Debian
200

Scientific Linux: Ethereal Update for Multiple Security Issues

Updated Ethereal packages that fix various security . Date: Fri, 5 May 2006 15:34:17 -0500 Reply-To: Troy Dawson Sender: Security Errata for Scientific Linux From: Troy Dawson Subject: ERRATA for "ethereal" on SL 301,302,303,304,305 i386,x86_64 now available Comments: To: This email address is being protected from spambots. You need JavaScript enabled to view it. The following ERRATA for SL 301,302,303,304,305 i386,x86_64 are now available from: Synopsis: Updated Ethereal packages that fix various security vulnerabilities are now available Severity: moderate Issued on: 2006-05-03 CVEs: CVE-2006-1940 CVE-2006-1933 CVE-2006-1932 CVE-2006-1937 CVE-2006-1936 CVE-2006-1935 CVE-2006-1934 CVE-2006-1939 CVE-2006-1938 SRPMS ethereal-0.99.0-EL3.2.src.rpm i386 ethereal-0.99.0-EL3.2.i386.rpm ethereal-gnome-0.99.0-EL3.2.i386.rpm x86_64 ethereal-0.99.0-EL3.2.x86_64.rpm ethereal-gnome-0.99.0-EL3.2.x86_64.rpm -Connie Sieh -Troy Dawson . New Ethereal software updates released for Scientific Linux to mitigate various security vulnerabilities.. Ethereal Patch, Scientific Linux Update, Security Fixes. . LinuxSecurity.com Team

Calendar%202 May 05, 2006 Scientific Linux
200

Scientific Linux: SL 40,41,42 moderate: Ethereal Security Update

Updated Ethereal packages that fix various security . Date: Fri, 5 May 2006 11:37:23 -0500 Reply-To: Troy Dawson Sender: Security Errata for Scientific Linux From: Troy Dawson Subject: ERRATA for "ethereal" on SL 40,41,42 i386,x86_64 now available Comments: To: This email address is being protected from spambots. You need JavaScript enabled to view it. The ERRATA for SL 40,41,42 i386,x86_64 are now available from: Synopsis: Updated Ethereal packages that fix various security vulnerabilities are now available Severity: moderate Issued on: 2006-05-03 CVEs: CVE-2006-1940 CVE-2006-1933 CVE-2006-1932 CVE-2006-1937 CVE-2006-1936 CVE-2006-1935 CVE-2006-1934 CVE-2006-1939 CVE-2006-1938 SRPMS ethereal-0.99.0-EL4.2.src.rpm i386 ethereal-0.99.0-EL4.2.i386.rpm ethereal-gnome-0.99.0-EL4.2.i386.rpm x86_64 ethereal-0.99.0-EL4.2.x86_64.rpm ethereal-gnome-0.99.0-EL4.2.x86_64.rpm --Connie Sieh --Troy Dawson . Revised Ethereal software for Scientific Linux addresses several vulnerabilities of moderate severity.. Ethereal Security Update, Scientific Linux Packages, Linux Advisory. . LinuxSecurity.com Team

Calendar%202 May 05, 2006 Scientific Linux
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200