Advisories

Mandriva Advisories

Package name	ethereal
Date	January 24th, 2005
Advisory ID	MDKSA-2005:013
Affected versions	10.0, 10.1
Synopsis	Updated ethereal packages fix multiple vulnerabilities

Problem Description

A number of vulnerabilities were found in Ethereal, all of which are
fixed in version 0.10.9: The COPS dissector could go into an infinite
loop (CAN-2005-0006); the DLSw dissector could cause an assertion,
making Ethereal exit prematurely (CAN-2005-0007); the DNP dissector
could cause memory corruption (CAN-2005-0008); the Gnutella dissector
could cause an assertion, making Ethereal exit prematurely
(CAN-2005-0009); the MMSE dissector could free static memory
(CAN-2005-0010); and the X11 protocol dissector is vulnerable to a
string buffer overflow (CAN-2005-0084).

Updated Packages

Mandrakelinux 10.0

 c74b93a5f05c68eb7845c6d3a05d7ab5  10.0/RPMS/ethereal-0.10.9-0.1.100mdk.i586.rpm
bbdcd41fe80851a0248c8606f0f0ddba  10.0/SRPMS/ethereal-0.10.9-0.1.100mdk.src.rpm

Mandrakelinux 10.0/AMD64

 3ab0b6691827a4d228b2696efda24de1  amd64/10.0/RPMS/ethereal-0.10.9-0.1.100mdk.amd64.rpm
bbdcd41fe80851a0248c8606f0f0ddba  amd64/10.0/SRPMS/ethereal-0.10.9-0.1.100mdk.src.rpm

Mandrakelinux 10.1

 72d299832f7340c675f9cf89aaad555f  10.1/RPMS/ethereal-0.10.9-0.1.101mdk.i586.rpm
646de9ee68b10dba30c6f7f0b9989f7d  10.1/RPMS/ethereal-tools-0.10.9-0.1.101mdk.i586.rpm
48cb5ca4befde405416a9aa7c19b5556  10.1/RPMS/libethereal0-0.10.9-0.1.101mdk.i586.rpm
c3d5c5d06f7afd1e23f06f682188c03e  10.1/RPMS/tethereal-0.10.9-0.1.101mdk.i586.rpm
87e639367056153d74db172ebb8ca897  10.1/SRPMS/ethereal-0.10.9-0.1.101mdk.src.rpm

Mandrakelinux 10.1/X86_64

 f8852108acdeb991a2a2c06e225863d9  x86_64/10.1/RPMS/ethereal-0.10.9-0.1.101mdk.x86_64.rpm
3ee69f3876a7741ddeb8a79ac2229fb7  x86_64/10.1/RPMS/ethereal-tools-0.10.9-0.1.101mdk.x86_64.rpm
edb8a0f7523320df5f30db3e872ef139  x86_64/10.1/RPMS/lib64ethereal0-0.10.9-0.1.101mdk.x86_64.rpm
6cf8367b84d5508cdaaa96e59f973ce8  x86_64/10.1/RPMS/tethereal-0.10.9-0.1.101mdk.x86_64.rpm
87e639367056153d74db172ebb8ca897  x86_64/10.1/SRPMS/ethereal-0.10.9-0.1.101mdk.src.rpm

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0006
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0007
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0008
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0009
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0010
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0084
http://www.ethereal.com/appnotes/enpa-sa-00017.html

Upgrade

To upgrade automatically, use MandrivaUpdate.

Verification

Please verify the update prior to upgrading to ensure the integrity of the downloaded package. You can do this with the command :

                rpm --checksig package.rpm

You can get the GPG public key of the Mandriva Security Team to verify the GPG signature of each RPM.

If you use MandrivaUpdate, the verification of md5 checksum and GPG signature is performed automatically for you.

URL:

https://mandriva.com/security/advisories

Short link:

https://mandriva.com/content/view/full/1075

Intersites Menu

Mandriva

Tools

Top menu

Advisories

Footer