GLSA-200403-07 : Multiple remote overflows and vulnerabilities in Ethereal

NASLDB: GLSA-200403-07 : Multiple remote overflows and vulnerabilities in Ethereal

General

ID: 14458
Name: GLSA-200403-07 : Multiple remote overflows and vulnerabilities in Ethereal

Summary: Checks for updated package(s) in /var/db/pkg

Credits: –

Classification

Risk: –

CVSS: –
CVSS Base Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS Temporal Vector: –

Port: 0
Family: Gentoo Local Security Checks
Type: Local

Description

The remote host is affected by the vulnerability described in GLSA-200403-07
(Multiple remote overflows and vulnerabilities in Ethereal)

There are multiple vulnerabilities in versions of Ethereal earlier than 0.10.3, including:
Thirteen buffer overflows in the following protocol dissectors: NetFlow, IGAP, EIGRP, PGM, IrDA, BGP, ISUP, and TCAP.
A zero-length Presentation protocol selector could make Ethereal crash.
A vulnerability in the RADIUS packet dissector which may crash ethereal.
A corrupt color filter file could cause a segmentation fault.

Impact :

These vulnerabilities may cause Ethereal to crash or may allow an attacker
to run arbitrary code on the user’s computer.

Workaround :

While a workaround is not currently known for this issue, all users are
advised to upgrade to the latest version of the affected package.

Exploiting

Exploit Available: –
Exploitability Ease: –

Sources

CVE: CVE-2004-0176
OSVDB: –
Bugtraq: –
scipID: –

Timeline

Vulnerability Disclosure: 2004/03/22
Patch Release: 2004/03/28
Plugin Release: 2004/08/30

Plugin

Version: 1.12
Filename: gentoo_GLSA-200403-07.nasl
Filesize: 3924 bytes
MD5 Hash: bed0ef1473fe1ada8728e2fcdd32d97b

Identification: Host/local_checks_enabled
Require Keys: Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list
Dependencies: "ssh_get_info.nasl"

Latest Plugins

Latest Plugins

scip AG