Bug 167294 - CAN-2005-1460 Ethereal Multiple Protocol Dissector Vulnerabilities
CAN-2005-1460 Ethereal Multiple Protocol Dissector Vulnerabilities
Status: CLOSED DUPLICATE of bug 152922
Product: Fedora Legacy
Classification: Retired
Component: ethereal (Show other bugs)
rhl7.3
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Fedora Legacy Bugs
http://www.ethereal.com/appnotes/enpa...
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2005-09-01 08:42 EDT by John Dalbec
Modified: 2007-04-18 13:31 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2005-09-05 03:54:09 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description John Dalbec 2005-09-01 08:42:10 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.5) Gecko/20050729 Netscape/8.0.3.3

Description of problem:
05.30.19 CVE: CAN-2005-1460
Platform: Cross Platform
Title: Ethereal Multiple Protocol Dissector Vulnerabilities
Description: Ethereal is a multi-platform network protocol sniffer and
analyzer. Vulnerabilities in the various protocol dissectors have been
disclosed by the vendor. The SMB dissector is susceptible to an
unspecified buffer overflow due to improper bounds checking of
user-supplied data.
Ref: http://www.ethereal.com/appnotes/enpa-sa-00020.html 

(5) MODERATE: Ethereal Multiple Protocol Decoder Vulnerabilities
Affected: Ethereal versions prior to 0.10.12

Description: Ethereal is a popular open source network sniffer and
protocol analyzer for Unix and Windows platforms. The software contains
format string or buffer overflow vulnerabilities in parsing multiple
network protocols. These flaws can be exploited to execute arbitrary
code with the privileges of the ethereal process (typically "root" when
ethereal is being used as a sniffer). To exploit these flaws, an
attacker has to either inject the malicious packets into the network
traffic being sniffed by ethereal, or entice a client to open a
specially crafted packet capture file. The technical details can be
obtained by examining the fixed code. Note that any network applications
based on ethereal protocol decoder modules may also be affected.

Status: Vendor confirmed. Upgrade to version 0.10.12. In addition, this
update fixes the zlib buffer overflow vulnerability discussed in a
previous @RISK newsletter.

References:
Ethereal Advisory
http://www.ethereal.com/news/item_20050726_01.html 
Previous @RISK Newsletter Posting (zlib Flaw)
http://www.sans.org/newsletters/risk/display.php?v=4&i=28#widely6 
SecurityFocus BID
http://www.securityfocus.com/bid/14399 

Version-Release number of selected component (if applicable):


How reproducible:
Didn't try


Additional info:
Comment 1 Pekka Savola 2005-09-02 13:32:46 EDT
Maybe mark as a dup of 152922?
Comment 2 Pekka Savola 2005-09-05 03:54:09 EDT
Doing so..

*** This bug has been marked as a duplicate of 152922 ***

Note You need to log in before you can comment on or make changes to this bug.