SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com





Category:   Application (Generic)  >   Wireshark Vendors:   Wireshark.org
(Fedora Issues Fix for FC1) Ethereal SIP, AIM, SPNEGO, and MMSE Dissector Flaws Allow Remote Users to Crash Ethereal or Execute Arbitrary Code
SecurityTracker Alert ID:  1010390
SecurityTracker URL:  http://securitytracker.com/id/1010390
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Jun 3 2004
Impact:   Denial of service via network, Execution of arbitrary code via network, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 0.9.8 up to and including 0.10.3
Description:   Several vulnerabilities were reported in Ethereal, affecting the SIP, AIM, SPNEGO, and MMSE dissectors. A remote user can cause denial of service conditions or execute arbitrary code on the target system.

The vendor reported that several protocol dissectors contain flaws that may allow a remote user to cause Ethereal to crash or to execute arbitrary code.

It is reported that a remote user can send a SIP packet that will, under certain conditions, cause Ethereal to crash [CVE: CAN-2004-0504]. Only version 0.10.3 is affected, the report said. Details on the conditions required to trigger the flaw are provided at:

http://www.ethereal.com/lists/ethereal-users/200405/msg00018.html

It is also reported that a remote user can cause the AIM dissector to throw an assertion and cause Ethereal to crash [CVE: CAN-2004-0505]. Only version 0.10.3 is affected, the report said.

It is also reported that a remote user can trigger a null pointer dereference in the SPNEGO dissector and cause Ethereal to crash [CVE: CAN-2004-0506].

It is also reported that there is a buffer overflow in the MMSE dissector [CVE: CAN-2004-0507]. Versions 0.10.1 to 0.10.3 are affected. A remote user can cause arbitrary code to be executed by the Ethereal process.

These flaws can be triggered by a remote user sending malformed traffic through a network that is monitored by Ethereal, via a malformed packet trace file, or via a malformed color filter file.
Impact:   A remote user can cause Ethereal to crash. A remote user can cause Ethereal to execute arbitrary code with the privileges of the Ethereal process.
Solution:   Fedora has released a fix for FC1, available at:

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/1/

1025a0c7d6dbe9369a2353764ddbc7b9 SRPMS/ethereal-0.10.3-0.1.1.src.rpm
124a9a2914c592276bd0427009c7883c i386/ethereal-0.10.3-0.1.1.i386.rpm
3ec831cf4eaddee5184ddd18796aedc3 i386/ethereal-gnome-0.10.3-0.1.1.i386.rpm
3504ec2a5dfd51cde2b1262644e5ccf0
i386/debug/ethereal-debuginfo-0.10.3-0.1.1.i386.rpm
441e043616370ee4b13e81ca20094d61 x86_64/ethereal-0.10.3-0.1.1.x86_64.rpm
ad048fccfa453591c96f3dabc18c5f14
x86_64/ethereal-gnome-0.10.3-0.1.1.x86_64.rpm
f89c1bf94f358917813352a0cd82b561
x86_64/debug/ethereal-debuginfo-0.10.3-0.1.1.x86_64.rpm
Vendor URL:  www.ethereal.com/appnotes/enpa-sa-00014.html (Links to External Site)
Cause:   Boundary error, Input validation error
Underlying OS:   Linux (Red Hat Fedora)

Message History:   This archive entry is a follow-up to the message listed below.
May 14 2004 Ethereal SIP, AIM, SPNEGO, and MMSE Dissector Flaws Allow Remote Users to Crash Ethereal or Execute Arbitrary Code


 Source Message Contents
Date:  Thu, 03 Jun 2004 18:00:41 +0200
Subject:  [SECURITY] Fedora Core 1 Update: ethereal-0.10.3-0.1.1



---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2004-152
2004-06-03
---------------------------------------------------------------------

Product     : Fedora Core 1
Name        : ethereal
Version     : 0.10.3
Release     : 0.1.1
Summary     : Network traffic analyzer
Description :
Ethereal is a network traffic analyzer for Unix-ish operating systems.

This package lays base for libpcap, a packet capture and filtering
library, contains command-line utilities, contains plugins and
documentation for ethereal. A graphical user interface is packaged
separately to GTK+ package.

---------------------------------------------------------------------
Update Information:

  Issues have been discovered in the following protocol dissectors:

     * A SIP packet could make Ethereal crash under specific conditions, 
as described in the following message:
       http://www.ethereal.com/lists/ethereal-users/200405/msg00018.html
       (0.10.3).
     * The AIM dissector could throw an assertion, causing Ethereal to 
terminate abnormally (0.10.3).
     * It was possible for the SPNEGO dissector to dereference a null 
pointer, causing a crash (0.9.8 to 0.10.3).
     * The MMSE dissector was susceptible to a buffer overflow. (0.10.1 
to 0.10.3).

All users of Ethereal are strongly encouraged to update to these latest 
packages.

---------------------------------------------------------------------
* Fri May 28 2004 Phil Knirsch <pknirsch@redhat.com> 0.10.3-0.1.1

- Updated to ethereal-0.10.3
- Included backported security fixes from ethereal-0.10.4

* Wed Mar 24 2004 Phil Knirsch <pknirsch@redhat.com> 0.10.2.20040324-0.1

- Another updated to CVS version to fix more security problems.

* Mon Mar 15 2004 Phil Knirsch <pknirsch@redhat.com> 0.10.2-0.1

- Update to latest upstream version 0.10.2.
- Make security errata.


---------------------------------------------------------------------
This update can be downloaded from:
   http://download.fedora.redhat.com/pub/fedora/linux/core/updates/1/

1025a0c7d6dbe9369a2353764ddbc7b9  SRPMS/ethereal-0.10.3-0.1.1.src.rpm
124a9a2914c592276bd0427009c7883c  i386/ethereal-0.10.3-0.1.1.i386.rpm
3ec831cf4eaddee5184ddd18796aedc3  i386/ethereal-gnome-0.10.3-0.1.1.i386.rpm
3504ec2a5dfd51cde2b1262644e5ccf0 
i386/debug/ethereal-debuginfo-0.10.3-0.1.1.i386.rpm
441e043616370ee4b13e81ca20094d61  x86_64/ethereal-0.10.3-0.1.1.x86_64.rpm
ad048fccfa453591c96f3dabc18c5f14 
x86_64/ethereal-gnome-0.10.3-0.1.1.x86_64.rpm
f89c1bf94f358917813352a0cd82b561 
x86_64/debug/ethereal-debuginfo-0.10.3-0.1.1.x86_64.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------


-- 
Philipp Knirsch      | Tel.:  +49-711-96437-470
Development          | Fax.:  +49-711-96437-111
Red Hat GmbH         | Email: Phil Knirsch <phil@redhat.de>
Hauptstaetterstr. 58 | Web:   http://www.redhat.de/
D-70178 Stuttgart
Motd:  You're only jealous cos the little penguins are talking to me.


--
fedora-announce-list mailing list
fedora-announce-list@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-announce-list


Go to the Top of This SecurityTracker Archive Page



Home   |    View Topics   |    Search   |    Contact Us

Copyright 2013, SecurityGlobal.net LLC