SecurityTracker.com Archives - (Fedora Issues Fix for FC1) Ethereal SIP, AIM, SPNEGO, and MMSE Dissector Flaws Allow Remote Users to Crash Ethereal or Execute Arbitrary Code

	Keep Track of the Latest Vulnerabilities with SecurityTracker!

SecurityTracker
Archives

Sign Up

Instant Alerts

Buy our Premium Vulnerability Notification Service to receive customized, instant alerts

Affiliates

Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!

Partners

Become a Partner and License Our Database or Notification Service

Report a Bug

Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com

Category: Application (Generic) > Ethereal

Vendors: Ethereal.com

(Fedora Issues Fix for FC1) Ethereal SIP, AIM, SPNEGO, and MMSE Dissector Flaws Allow Remote Users to Crash Ethereal or Execute Arbitrary Code

SecurityTracker Alert ID: 1010390

SecurityTracker URL: http://securitytracker.com/id?1010390

CVE Reference: GENERIC-MAP-NOMATCH (Links to External Site)

Date: Jun 3 2004

Impact: Denial of service via network, Execution of arbitrary code via network, User access via network

Fix Available: Yes Vendor Confirmed: Yes

Version(s): 0.9.8 up to and including 0.10.3

Description: Several vulnerabilities were reported in Ethereal, affecting the SIP, AIM, SPNEGO, and MMSE dissectors. A remote user can cause denial of service conditions or execute arbitrary code on the target system.

The vendor reported that several protocol dissectors contain flaws that may allow a remote user to cause Ethereal to crash or to execute arbitrary code.

It is reported that a remote user can send a SIP packet that will, under certain conditions, cause Ethereal to crash. Only version 0.10.3 is affected, the report said. Details on the conditions required to trigger the flaw are provided at:

http://www.ethereal.com/lists/ethereal-users/200405/msg00018.html

It is also reported that a remote user can cause the AIM dissector to throw an assertion and cause Ethereal to crash. Only version 0.10.3 is affected, the report said.

It is also reported that a remote user can trigger a null pointer dereference in the SPNEGO dissector and cause Ethereal to crash.

It is also reported that there is a buffer overflow in the MMSE dissector. Versions 0.10.1 to 0.10.3 are affected. A remote user can cause arbitrary code to be executed by the Ethereal process.

These flaws can be triggered by a remote user sending malformed traffic through a network that is monitored by Ethereal, via a malformed packet trace file, or via a malformed color filter file.

Impact: A remote user can cause Ethereal to crash. A remote user can cause Ethereal to execute arbitrary code with the privileges of the Ethereal process.

Solution: Fedora has released a fix for FC1, available at:

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/1/

1025a0c7d6dbe9369a2353764ddbc7b9 SRPMS/ethereal-0.10.3-0.1.1.src.rpm
124a9a2914c592276bd0427009c7883c i386/ethereal-0.10.3-0.1.1.i386.rpm
3ec831cf4eaddee5184ddd18796aedc3 i386/ethereal-gnome-0.10.3-0.1.1.i386.rpm
3504ec2a5dfd51cde2b1262644e5ccf0
i386/debug/ethereal-debuginfo-0.10.3-0.1.1.i386.rpm
441e043616370ee4b13e81ca20094d61 x86_64/ethereal-0.10.3-0.1.1.x86_64.rpm
ad048fccfa453591c96f3dabc18c5f14
x86_64/ethereal-gnome-0.10.3-0.1.1.x86_64.rpm
f89c1bf94f358917813352a0cd82b561
x86_64/debug/ethereal-debuginfo-0.10.3-0.1.1.x86_64.rpm

Vendor URL: www.ethereal.com/appnotes/enpa-sa-00014.html (Links to External Site)

Cause: Boundary error, Input validation error

Underlying OS: Linux (Red Hat Fedora)

Underlying OS Comments: FC1

Reported By: Phil Knirsch <pknirsch@redhat.com>

Message History: This archive entry is a follow-up to the message listed below.

May 14 2004

Ethereal SIP, AIM, SPNEGO, and MMSE Dissector Flaws Allow Remote Users to Crash Ethereal or Execute Arbitrary Code

Source Message Contents

Date: Thu, 03 Jun 2004 18:00:41 +0200
From: Phil Knirsch <pknirsch@redhat.com>
Subject: [SECURITY] Fedora Core 1 Update: ethereal-0.10.3-0.1.1

 


---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2004-152
2004-06-03
---------------------------------------------------------------------

Product     : Fedora Core 1
Name        : ethereal
Version     : 0.10.3
Release     : 0.1.1
Summary     : Network traffic analyzer
Description :
Ethereal is a network traffic analyzer for Unix-ish operating systems.

This package lays base for libpcap, a packet capture and filtering
library, contains command-line utilities, contains plugins and
documentation for ethereal. A graphical user interface is packaged
separately to GTK+ package.

---------------------------------------------------------------------
Update Information:

  Issues have been discovered in the following protocol dissectors:

     * A SIP packet could make Ethereal crash under specific conditions, 
as described in the following message:
       http://www.ethereal.com/lists/ethereal-users/200405/msg00018.html
       (0.10.3).
     * The AIM dissector could throw an assertion, causing Ethereal to 
terminate abnormally (0.10.3).
     * It was possible for the SPNEGO dissector to dereference a null 
pointer, causing a crash (0.9.8 to 0.10.3).
     * The MMSE dissector was susceptible to a buffer overflow. (0.10.1 
to 0.10.3).

All users of Ethereal are strongly encouraged to update to these latest 
packages.

---------------------------------------------------------------------
* Fri May 28 2004 Phil Knirsch <pknirsch@redhat.com> 0.10.3-0.1.1

- Updated to ethereal-0.10.3
- Included backported security fixes from ethereal-0.10.4

* Wed Mar 24 2004 Phil Knirsch <pknirsch@redhat.com> 0.10.2.20040324-0.1

- Another updated to CVS version to fix more security problems.

* Mon Mar 15 2004 Phil Knirsch <pknirsch@redhat.com> 0.10.2-0.1

- Update to latest upstream version 0.10.2.
- Make security errata.


---------------------------------------------------------------------
This update can be downloaded from:
   http://download.fedora.redhat.com/pub/fedora/linux/core/updates/1/

1025a0c7d6dbe9369a2353764ddbc7b9  SRPMS/ethereal-0.10.3-0.1.1.src.rpm
124a9a2914c592276bd0427009c7883c  i386/ethereal-0.10.3-0.1.1.i386.rpm
3ec831cf4eaddee5184ddd18796aedc3  i386/ethereal-gnome-0.10.3-0.1.1.i386.rpm
3504ec2a5dfd51cde2b1262644e5ccf0 
i386/debug/ethereal-debuginfo-0.10.3-0.1.1.i386.rpm
441e043616370ee4b13e81ca20094d61  x86_64/ethereal-0.10.3-0.1.1.x86_64.rpm
ad048fccfa453591c96f3dabc18c5f14 
x86_64/ethereal-gnome-0.10.3-0.1.1.x86_64.rpm
f89c1bf94f358917813352a0cd82b561 
x86_64/debug/ethereal-debuginfo-0.10.3-0.1.1.x86_64.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------


-- 
Philipp Knirsch      | Tel.:  +49-711-96437-470
Development          | Fax.:  +49-711-96437-111
Red Hat GmbH         | Email: Phil Knirsch <phil@redhat.de>
Hauptstaetterstr. 58 | Web:   http://www.redhat.de/
D-70178 Stuttgart
Motd:  You're only jealous cos the little penguins are talking to me.


--
fedora-announce-list mailing list
fedora-announce-list@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-announce-list

Go to the Top of This SecurityTracker Archive Page

Home | View Topics | Search | Contact Us | Help
Copyright 2004, SecurityGlobal.net LLC