Package: ethereal Version: 0.10.12-6 Severity: grave Tags: security Justification: user security hole
As usual ethereal 0.10.13 fixes lots of vulnerabilities, most of them are only denial-of- service, but some can lead to execution of arbitrary code. Affecting only sid: o The ISAKMP dissector could exhaust system memory. Versions affected: 0.10.11 to 0.10.12. o The SigComp UDVM could go into an infinite loop or crash. Versions affected: 0.10.12. o The ACSE dissector was susceptible to infinite recursion. Versions affected: 0.10.12. Affecting Sarge and sid: o The IrDA dissector could crash. Versions affected: 0.10.0 to 0.10.12. o The BER dissector was susceptible to an infinite loop. Versions affected: 0.10.3 to 0.10.12. o The SCSI dissector could dereference a null pointer and crash. Versions affected: 0.10.3 to 0.10.12. o The sFlow dissector could dereference a null pointer and crash. Versions affected: 0.9.14 to 0.10.12. o The RTnet dissector could dereference a null pointer and crash. Versions affected: 0.10.8 to 0.10.12. o If SMB transaction payload reassembly is enabled the SMB dissector could crash. This preference is disabled by default. Versions affected: 0.9.7 to 0.10.12. o The X11 dissector could attempt to divide by zero. Versions affected: 0.10.1 to 0.10.12. o The AgentX dissector could overflow a buffer. Versions affected: 0.10.10 to 0.10.12. o The WSP dissector could free an invalid pointer. Versions affected: 0.10.1 to 0.10.12. o The NCP dissector was susceptible to an infinite loop. Versions affected: 0.9.7 to 0.10.12. o iDEFENSE found a buffer overflow in the SRVLOC dissector. Versions affected: 0.10.0 to 0.10.12. Affecting Woody, Sarge and sid: o The FC-FCS dissector could exhaust system memory. Versions affected: 0.9.0 to 0.10.12. o The RSVP dissector could exhaust system memory. Versions affected: 0.9.4 to 0.10.12. o The ISIS LSP dissector could exhaust system memory. Versions affected: 0.8.18 to 0.10.12. o The SLIMP3 dissector could overflow a buffer. Versions affected: 0.9.1 to 0.10.12. o If the "Dissect unknown RPC program numbers" option was enabled, the ONC RPC dissector might be able to exhaust system memory. This option is disabled by default. Versions affected: 0.7.7 to 0.10.12. Cheers, Moritz -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.14-rc1 Locale: LANG=C, [EMAIL PROTECTED] (charmap=ISO-8859-15) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]