
Security Advisories (MDKSA-2005:193-2): ethereal


aru

Mandriva Security Advisories MDKSA-2005:193-2 : ethereal

 

Updated ethereal packages fix multiple vulnerabilities

October 31st, 2005

 

Ethereal 0.10.13 is now available, fixing a number of security vulnerabilities in various dissectors:

  • the ISAKMP dissector could exhaust system memory
  • the FC-FCS dissector could exhaust system memory
  • the RSVP dissector could exhaust system memory
  • the ISIS LSP dissector could exhaust system memory
  • the IrDA dissector could crash
  • the SLIMP3 dissector could overflow a buffer
  • the BER dissector was susceptible to an infinite loop
  • the SCSI dissector could dereference a null pointer and crash
  • the sFlow dissector could dereference a null pointer and crash
  • the RTnet dissector could dereference a null pointer and crash
  • the SigComp UDVM could go into an infinite loop or crash
  • the X11 dissector could attempt to divide by zero
  • if SMB transaction payload reassembly is enabled the SMB dissector could crash (by default this is disabled)
  • if the "Dissect unknown RPC program numbers" option was enabled, the ONC RPC dissector might be able to exhaust system memory (by default this is disabled)
  • the AgentX dissector could overflow a buffer
  • the WSP dissector could free an invalid pointer
  • iDEFENSE discovered a buffer overflow in the SRVLOC dissector

The new version of Ethereal is provided and corrects all of these issues. An infinite loop in the IRC dissector was also discovered and fixed after the 0.10.13 release. The updated packages include the fix.

 

Update:

 

A permissions problem on the /usr/share/ethereal/dtds directory caused errors when ethereal started as a non-root user. This update corrects the problem.

 

 

The released versions of Mandriva GNU/Linux affected are:

  • 10.2
  • 2006.0

Full information about this advisory, including the updated packages, is available at:

www.mandriva.com/security/advisories?name=MDKSA-2005:193-2

 

Other references:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3241

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3242

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3243

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3244

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3245

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3246

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3247

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3248

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3249

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3184

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3313

http://www.ethereal.com/appnotes/enpa-sa-00021.html

 

Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.14 2005/05/15 18:06:11 aru Exp aru $)
