Package: ethereal
Version: 0.10.12-6
Severity: grave
Tags: security
Justification: user security hole
As usual ethereal 0.10.13 fixes lots of vulnerabilities, most of them are only
denial-of-
service, but some can lead to execution of arbitrary code.
Affecting only sid:
o The ISAKMP dissector could exhaust system memory. Versions affected:
0.10.11 to 0.10.12.
o The SigComp UDVM could go into an infinite loop or crash. Versions
affected: 0.10.12.
o The ACSE dissector was susceptible to infinite recursion. Versions
affected: 0.10.12.
Affecting Sarge and sid:
o The IrDA dissector could crash. Versions affected: 0.10.0 to 0.10.12.
o The BER dissector was susceptible to an infinite loop. Versions
affected: 0.10.3 to 0.10.12.
o The SCSI dissector could dereference a null pointer and crash. Versions
affected: 0.10.3 to 0.10.12.
o The sFlow dissector could dereference a null pointer and crash. Versions
affected: 0.9.14 to 0.10.12.
o The RTnet dissector could dereference a null pointer and crash. Versions
affected: 0.10.8 to 0.10.12.
o If SMB transaction payload reassembly is enabled the SMB dissector could
crash. This preference is disabled by
default. Versions affected: 0.9.7 to 0.10.12.
o The X11 dissector could attempt to divide by zero. Versions affected:
0.10.1 to 0.10.12.
o The AgentX dissector could overflow a buffer. Versions affected: 0.10.10
to 0.10.12.
o The WSP dissector could free an invalid pointer. Versions affected:
0.10.1 to 0.10.12.
o The NCP dissector was susceptible to an infinite loop. Versions
affected: 0.9.7 to 0.10.12.
o iDEFENSE found a buffer overflow in the SRVLOC dissector. Versions
affected: 0.10.0 to 0.10.12.
Affecting Woody, Sarge and sid:
o The FC-FCS dissector could exhaust system memory. Versions affected:
0.9.0 to 0.10.12.
o The RSVP dissector could exhaust system memory. Versions affected: 0.9.4
to 0.10.12.
o The ISIS LSP dissector could exhaust system memory. Versions affected:
0.8.18 to 0.10.12.
o The SLIMP3 dissector could overflow a buffer. Versions affected: 0.9.1
to 0.10.12.
o If the "Dissect unknown RPC program numbers" option was enabled, the ONC
RPC dissector might be able to exhaust system
memory. This option is disabled by default. Versions affected: 0.7.7 to
0.10.12.
Cheers,
Moritz
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.14-rc1
Locale: LANG=C, [EMAIL PROTECTED] (charmap=ISO-8859-15)
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
