Bug 152690 - Multiple (13) Ethereal remote overflows
Summary: Multiple (13) Ethereal remote overflows
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Fedora Legacy
Classification: Retired
Component: Package request
Version: unspecified
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Fedora Legacy Bugs
URL: http://www.securityfocus.com/archive/...
Whiteboard: LEGACY, rh73, rh90
Reported: 2004-03-25 14:40 UTC by John Dalbec
Modified: 2014-01-21 22:51 UTC
Doc Type: Bug Fix

Description David Lawrence 2005-03-30 23:24:07 UTC
Ethereal, an open-source network protocol analyzer, has
been reported to be vulnerable to 13 buffer overflow conditions in
multiple protocol parser functions. Version 0.10.3 is reportedly fixed
and no longer vulnerable.  It appears that only 9 of these vulnerabilities
affect version 0.9.16.



------- Additional Comments From jpdalbec 2004-03-31 11:41:48 ----

RHL 9 update is at http://rhn.redhat.com/errata/RHSA-2004-137.html



------- Additional Comments From jpdalbec 2004-04-02 11:29:28 ----

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Updated packages for ethereal are available from
http://www.fedoralegacy.org/contrib/ethereal/ :

eef66c47451030af2790e7f53c9b24d42cffa6a8  ethereal-0.10.3-0.7x.1.legacy.i386.rpm
36e51d437fd78a6d1b04d9f797e7e6734a592df8  ethereal-0.10.3-0.7x.1.legacy.src.rpm
5b2d6987b53898b6f07ff1a3983c9d52d55219c4  ethereal-0.10.3-0.80.1.i386.rpm
ec034aa5816c42258af4871d87f03e91588e6040  ethereal-0.10.3-0.80.1.src.rpm
caad586fd1a685850459f36ea8a597be9159078e  \
ethereal-gnome-0.10.3-0.7x.1.legacy.i386.rpm
501fb697a3aea2eacf0665008ed7e751afc0ff4f  ethereal-gnome-0.10.3-0.80.1.i386.rpm

I have tested these under 7.2 (mach chroot), 7.3, and 8.0.
The packages are all based on the RHL 9 package.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQFAbdrFJL4A+ldA7asRAjo+AJwJgucTiYazlrrTBVvV0nszvXeR4gCgitj6
EUXxLsFHv1HeeXMgGxa23KA=
=ySw4
-----END PGP SIGNATURE-----




------- Additional Comments From jpdalbec 2004-05-17 02:40:24 ----

04.19.29 CVE: Not Available
Platform: Cross Platform
Title: Ethereal Protocol Analyzer Vulnerabilities
Description: Ethereal developers have released an update to fix a
number of vulnerabilities in the protocol analysis component. Problems
have been fixed in the SIP, AIM, SPNEGO and MMSE protocol dissectors.
Ethereal version 0.10.4 fixes the known problems.
Ref: http://www.ethereal.com/appnotes/enpa-sa-00014.html



------- Additional Comments From jkeating 2004-05-18 18:35:05 ----

To comment #2, any chance of getting you to backport the patches to the
7.2/7.3/8.0 versions of ethereal instead of all the same package?  What are the
implications of upgrading ethereal rather than backporting it?

I'm confused by comment #3, is this issue NOT fixed by the packages in comment #2?



------- Additional Comments From jpdalbec 2004-05-19 02:30:51 ----

Red Hat didn't seem too concerned about upgrading ethereal rather than
backporting fixes for it for Red Hat Linux 9.  Comment #3 is not fixed by the
existing packages.  I'll try building new ones when I finish XFree86.  I'll
upgrade again since 0.10.4 seems to be mainly a bugfix release.  I notice that
one of the vulnerabilities in comment #3 (SPNEGO) affects 0.9.16 so new packages
would be needed even if I had gone to the trouble of backporting fixes.



------- Additional Comments From marcdeslauriers 2004-06-04 18:40:15 ----

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Here are updated packages for 7.3 and 9.
I used the same approach as RH, upgrading to 0.10.3 and using a 0.10.4 security
backport.

7.3:
8cca507df75aa4e6dd4fa290a3bd937b055cd681  ethereal-0.10.3-0.73.1.legacy.i386.rpm
f2da629cd52d9077f35c14ada1e7f1ba64616846  ethereal-0.10.3-0.73.1.legacy.src.rpm
0c5a8a46cfe2a3ad6f874998ae32c8b4fcfd1a7a  ethereal-gnome-0.10.3-0.73.1.legacy.i386.rpm

9:
fd2ebd3244d57df5327d5cf753e50b80f0e67798  ethereal-0.10.3-0.90.2.legacy.i386.rpm
bdebec8e68b18ce2b6b8b605d3d06c9271402582  ethereal-0.10.3-0.90.2.legacy.src.rpm
865b18a2a43eddb7a4d5829b907a5c6008bc0b50  ethereal-gnome-0.10.3-0.90.2.legacy.i386.rpm

http://www.infostrategique.com/linuxrpms/legacy/7.3/ethereal-0.10.3-0.73.1.legacy.i386.rpm
http://www.infostrategique.com/linuxrpms/legacy/7.3/ethereal-0.10.3-0.73.1.legacy.src.rpm
http://www.infostrategique.com/linuxrpms/legacy/7.3/ethereal-gnome-0.10.3-0.73.1.legacy.i386.rpm
http://www.infostrategique.com/linuxrpms/legacy/9/ethereal-0.10.3-0.90.2.legacy.i386.rpm
http://www.infostrategique.com/linuxrpms/legacy/9/ethereal-0.10.3-0.90.2.legacy.src.rpm
http://www.infostrategique.com/linuxrpms/legacy/9/ethereal-gnome-0.10.3-0.90.2.legacy.i386.rpm

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFAwU5GLMAs/0C4zNoRAtMrAJ0ZuGEk5fZJ3igWC425YJsCgznVXQCcCtRO
K68KZ90wiVskENDUbkifN9A=
=E66/
-----END PGP SIGNATURE-----




------- Additional Comments From jonny.strom 2004-06-05 22:42:16 ----

I did a QA on the RH 9 packages.

SHA1 is ok.
Installs ok.
Spec file looks ok.
I did a functionality test and ethereal works as expected on RH9.

I vote to publish.






------- Additional Comments From michal 2004-06-06 14:47:47 ----

Created an attachment (id=716)
A security update from ethereal-0.10.3-0.1.1 update to FC1

Recently a massive security update for ethereal showed up in FC1.
A patch from there applies without any changes to 0.10.3-0.7x.1
sources.  Most likely the same will be true for RH9 as well, but somebody
has to check.



------- Additional Comments From michal 2004-06-06 14:50:47 ----

Created an attachment (id=717)
changes to ethereal specs to incorporate ethereal-0.10.3-security.patch

With these changes the updated ethereal compiles, installs and even runs
on an RH7.3 installation.



------- Additional Comments From marcdeslauriers 2004-06-06 14:57:51 ----

Umm...the ethereal packages in comment 6 already contain that patch.




------- Additional Comments From jpdalbec 2004-06-07 02:25:24 ----

RH9 package is missing
Buildrequires: elfutils-devel

When building for RH8 this must be changed to 
Buildrequires: libelf-devel



------- Additional Comments From jpdalbec 2004-06-07 10:24:09 ----

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

New RH 8.0/9 packages are available from
http://www.fedoralegacy.org/contrib/ethereal/

sha1sums:
ca400f266cad5f372586512492e66a7d8faae862  ethereal-0.10.3-0.80.3.legacy.i386.rpm
bae183142585320f868a493a1131ae362917ebf1  ethereal-0.10.3-0.80.3.legacy.src.rpm
0ec680d15aa522170b01fa5a26e6c8ba0abf6e39  ethereal-0.10.3-0.90.3.legacy.i386.rpm
12fb927d3379a5655c487eb6afa9750f0e0d0da4  ethereal-0.10.3-0.90.3.legacy.src.rpm
4684e66582a290662acd2f42018701b942d5c8f3  ethereal-gnome-0.10.3-0.80.3.legacy.i386.rpm
5bef79cac9dd382228a1cad8192d6701ed20c4b6  ethereal-gnome-0.10.3-0.90.3.legacy.i386.rpm

These include the missing elfutils(9)/libelf(8.0)-devel BuildRequires:.

I installed the RH9 packages on a VMware box.  They captured their own TCP
traffic with no problems.  I installed the RH8 packages on a box in our test
lab.  They captured somewhat more traffic - UDP, ARP, NetBIOS, etc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQFAxM7AJL4A+ldA7asRAjWxAJ42uvvVGmC0eJzgNUkljz3AgAr8JACgzSxU
MSY+QucFIZd+CRaXX4krQoI=
=Vhqg
-----END PGP SIGNATURE-----




------- Additional Comments From jkeating 2004-06-10 18:06:52 ----

Pushed to updates-testing.

  http://download.fedoralegacy.org/redhat/

8895ed56f2319fe44ae8a48ba9577f82bcf3491a  7.3/updates-testing/SRPMS/ethereal-0.10.3-0.73.2.legacy.src.rpm
1e020d735de16e1d1299dcd3c90541f37e2d2f4e  7.3/updates-testing/i386/ethereal-0.10.3-0.73.2.legacy.i386.rpm
f4a4868c3450fa289d64c3e2d1099184525b38f1  7.3/updates-testing/i386/ethereal-gnome-0.10.3-0.73.2.legacy.i386.rpm

8182abd65f2e36bdc29c01b126a13df2945fe096  9/updates-testing/SRPMS/ethereal-0.10.3-0.90.3.legacy.src.rpm
8f24a03dbefc23c19eb43590f6e1e8ef2e17d417  9/updates-testing/i386/ethereal-0.10.3-0.90.3.legacy.i386.rpm
89bcb4a2b7dfd06f664c3e5795dceef6bcbf333f  9/updates-testing/i386/ethereal-gnome-0.10.3-0.90.3.legacy.i386.rpm



------- Additional Comments From marcdeslauriers 2004-09-08 11:05:45 ----

This bug has been superseded by bug 1840



------- Bug moved to this database by dkl 2005-03-30 18:24 -------

This bug previously known as bug 1419 at https://bugzilla.fedora.us/
https://bugzilla.fedora.us/show_bug.cgi?id=1419
Originally filed under the Fedora Legacy product and Package request component.

Attachments:
A security update from ethereal-0.10.3-0.1.1 update to FC1
https://bugzilla.fedora.us/attachment.cgi?action=view&id=716
changes to ethereal specs to incorporate ethereal-0.10.3-security.patch
https://bugzilla.fedora.us/attachment.cgi?action=view&id=717

Unknown priority P2. Setting to default priority "normal".
Unknown platform PC. Setting to default platform "All".
Setting qa contact to the default for this product.
   This bug either had no qa contact or an invalid one.



