ESB-2004.0005 -- Debian Security Advisory DSA 407-1 -- New ethereal packages fix several vulnerabilities

Date: 06 January 2004


===========================================================================
             AUSCERT External Security Bulletin Redistribution

            ESB-2004.0005 -- Debian Security Advisory DSA 407-1
             New ethereal packages fix several vulnerabilities
                              06 January 2004

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:                ethereal
Publisher:              Debian
Operating System:       Debian GNU/Linux 3.0
                        Linux
Impact:                 Denial of Service
                        Execute Arbitrary Code/Commands
Access Required:        Remote
CVE Names:              CAN-2003-0925 CAN-2003-0926 CAN-2003-0927
                        CAN-2003-1012 CAN-2003-1013

---------------------------BEGIN INCLUDED TEXT--------------------

--------------------------------------------------------------------------
Debian Security Advisory DSA 407-1                     security@debian.org
http://www.debian.org/security/                             Martin Schulze
January 5th, 2004                       http://www.debian.org/security/faq
--------------------------------------------------------------------------

Package        : ethereal
Vulnerability  : buffer overflows
Problem-Type   : remote
Debian-specific: no
CVE IDs        : CAN-2003-0925 CAN-2003-0926 CAN-2003-0927 CAN-2003-1012 CAN-2003-1013

Several vulnerabilities were discovered upstream in ethereal, a
network traffic analyzer.  The Common Vulnerabilities and Exposures
project identifies the following problems:

CAN-2003-0925

   A buffer overflow allows remote attackers to cause a denial of
   service and possibly execute arbitrary code via a malformed GTP
   MSISDN string.

CAN-2003-0926

   Via certain malformed ISAKMP or MEGACO packets remote attackers are
   able to cause a denial of service (crash).

CAN-2003-0927

   A heap-based buffer overflow allows remote attackers to cause a
   denial of service (crash) and possibly execute arbitrary code via
   the SOCKS dissector.

CAN-2003-1012

   The SMB dissector allows remote attackers to cause a denial of
   service via a malformed SMB packet that triggers a segmentation
   fault during processing of selected packets.

CAN-2003-1013

   The Q.931 dissector allows remote attackers to cause a denial of
   service (crash) via a malformed Q.931 packet, which triggers a null
   pointer dereference.

For the stable distribution (woody) this problem has been fixed in
version 0.9.4-1woody6.

For the unstable distribution (sid) this problem has been fixed in
version 0.10.0-1.

We recommend that you upgrade your ethereal and tethereal packages.


Upgrade Instructions
--------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.
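As an added example, not part of the Debian advisory or AusCERT's bulletin: the Python below reimplements dpkg's version ordering so that `dpkg -l` output collected from many woody or sid hosts can be audited offline against the fixed versions named above (0.9.4-1woody6 and 0.10.0-1). The `dpkg -l` sample is constructed, and the package list assumes the -common and -dev packages built from the same source should be checked alongside ethereal and tethereal.

```python
import re
# Fixed versions named in DSA 407-1 and the binary packages built from the ethereal source.
FIXED_VERSION = {"woody": "0.9.4-1woody6", "sid": "0.10.0-1"}
AFFECTED = ("ethereal", "ethereal-common", "ethereal-dev", "tethereal")
_VERSION_RE = re.compile(r"^(?:(\d+):)?(.*?)(?:-([^-]*))?$")  # epoch, upstream, revision

def _order(c):
    # dpkg's character ranking: '~' < end-of-string or digit (0) < letters < anything else
    return -1 if c == "~" else 0 if not c or c.isdigit() else ord(c) if c.isalpha() else ord(c) + 256

def _cmp_fragment(a, b):
    # Mirror dpkg's verrevcmp(): alternate non-digit runs (char by char) and numeric runs (as ints).
    ia = ib = 0
    ch = lambda s, i: s[i] if i < len(s) else ""
    while ia < len(a) or ib < len(b):
        while (ia < len(a) and not a[ia].isdigit()) or (ib < len(b) and not b[ib].isdigit()):
            oa, ob = _order(ch(a, ia)), _order(ch(b, ib))
            if oa != ob:
                return -1 if oa < ob else 1
            ia, ib = ia + 1, ib + 1
        da, db = re.match(r"\d*", a[ia:]).group(), re.match(r"\d*", b[ib:]).group()
        ia, ib = ia + len(da), ib + len(db)
        if int(da or 0) != int(db or 0):
            return -1 if int(da or 0) < int(db or 0) else 1
    return 0

def compare_versions(a, b):
    # Same ordering as `dpkg --compare-versions`: epoch first, then upstream, then Debian revision.
    (ea, ua, ra), (eb, ub, rb) = (_VERSION_RE.match(v).groups() for v in (a, b))
    if int(ea or 0) != int(eb or 0):
        return -1 if int(ea or 0) < int(eb or 0) else 1
    return _cmp_fragment(ua, ub) or _cmp_fragment(ra or "", rb or "")

def vulnerable_packages(dpkg_l_output, fixed_version):
    # Parse `dpkg -l` lines ('ii  name  version  description'); report advisory packages below the fix.
    found = []
    for line in dpkg_l_output.splitlines():
        parts = line.split()
        if len(parts) >= 3 and parts[0] == "ii" and parts[1] in AFFECTED:
            if compare_versions(parts[2], fixed_version) < 0:
                found.append((parts[1], parts[2]))
    return found

# Constructed sample of `dpkg -l 'ethereal*' tethereal` output from a woody host (not real data).
SAMPLE_DPKG_L = """\
ii  ethereal         0.9.4-1woody5  Network traffic analyzer
ii  ethereal-common  0.9.4-1woody6  Network traffic analyser (common files)
ii  tethereal        0.9.4-1woody5  Network traffic analyzer (console)
"""
```

On a Debian host itself `dpkg --compare-versions` performs the same comparison natively; the reimplementation is only useful when the inventories are processed somewhere dpkg is not installed.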


Debian GNU/Linux 3.0 alias woody
--------------------------------

  These files will probably be moved into the stable distribution on
  its next revision.

---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>


---------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

If you believe that your computer system has been compromised or attacked in 
any way, we encourage you to let us know by completing the secure National IT 
Incident Reporting Form at:

        http://www.auscert.org.au/render.html?it=3192

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business 
                hours which are GMT+10:00 (AEST).  On call after hours 
                for member emergencies only.