Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2005.0105 -- Ethereal Security Advisory Multiple problems in Ethereal versions 0.8.10 to 0.10.8 3 February 2005 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: ethereal Operating System: Mac OS X Windows Linux variants UNIX variants Impact: Execute Arbitrary Code/Commands Denial of Service Access: Remote/Unauthenticated CVE Names: CAN-2005-0084 CAN-2005-0010 CAN-2005-0009 CAN-2005-0008 CAN-2005-0007 CAN-2005-0006 Original Bulletin: http://www.ethereal.com/appnotes/enpa-sa-00017.html - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Ethereal 0.10.9 has been released. This release fixes the following security-related issues: The COPS dissector could go into an infinite loop. (CAN-2005-0006) The DLSw dissector could cause an assertion, making Ethereal exit prematurely. (CAN-2005-0007) The DNP dissector could cause memory corruption. (CAN-2005-0008) The Gnutella dissector could cause an assertion, making Ethereal exit prematurely. (CAN-2005-0009) The MMSE dissector could free static memory. (CAN-2005-0010) The X11 protocol dissector is vulnerable to a string buffer overflow. (CAN-2005-0084) Please see the following advisory for more information: http://www.ethereal.com/appnotes/enpa-sa-00017.html Everyone is encouraged to upgrade. New and updated features Ethereal will now detect and flag weak 802.11 WEP IVs. Windows Sniffer timestamp handling has been greatly improved. A bug which made Ethereal crash at startup on Windows 98 and Windows ME systems has been fixed. Ethereal and Tethereal now support a personal "hosts" file. Invalid field length handling has been greatly improved. The capture progress window title now shows the interface name. New protocol support ALC, AMR, CRMF, JXTA, NORM, PKIXCMP, PROFINET CBA Updated protocol support AIM, ARP, BGP, BOOTP/DHCP, COPS, DAAP, DCERPC EPM, DCERPC, DCOM, DHCPv6, DLSw, DNP, DNS, EAPOL, eDonkey, FC-dNS, FC-FCS, FC-SWILS, FCIP, FCSB3, FIX, GIOP, Gnutella, GSM A, GSM SMS, GTP, H.225, H.245, HTTP, ICMP, IEEE 802.11, IEEE 802a, image/GIF, image/JFIF, Kerberos, L2TP, LDAP, LLC, LMP, MGCP, MIME Multipart, MMSE, MPLS, MTP2, NBNS, NDMP, NMAS, NSIP, OLSR, PER, pflog, PGM, PostgreSQL, PPP, PRES, Q.931, RADIUS, RTCP, RTP, SDP, SEBEK, SIGCOMP, SIP, SLSK, SMB, SMPP, SRVLOC, SSL/TLS, T.38, TACACS, TCAP, TCP, X11 New and updated capture file support Windows Sniffer Download Sites The source code, Windows and Solaris installers can be downloaded immediately from the following locations: Main site: Source: http://www.ethereal.com/distribution/ethereal-0.10.9.tar.gz http://www.ethereal.com/distribution/ethereal-0.10.9.tar.bz2 Windows installer: http://www.ethereal.com/distribution/win32/ethereal-setup-0.10.9.exe Solaris installers: http://www.ethereal.com/distribution/solaris/ SourceForge: http://sourceforge.net/project/showfiles.php?group_id=255 The mirror sites listed at http://www.ethereal.com/download.html#releases should be updated shortly. Digests MD5(ethereal-0.10.9.tar.bz2)=f8b7a2c2dcf273e7fd755f972167dacb SHA1(ethereal-0.10.9.tar.bz2)=fc27a93f4c19dcc4278968b376e0b33e7d756998 RIPEMD160(ethereal-0.10.9.tar.bz2)=25085f1ff149316a3e71c4d4abdda0dcb4a07320 MD5(ethereal-0.10.9.tar.gz)=437679a230ff62d907f38eb1a3387179 SHA1(ethereal-0.10.9.tar.gz)=11b6bd131b833bdc96366c773723dccce3c55770 RIPEMD160(ethereal-0.10.9.tar.gz)=a07c72c5757eb74f35e03603d6d5236c2f9440d2 MD5(ethereal-setup-0.10.9.exe)=7965fa604a9d7ffcf93afa39c9966f81 SHA1(ethereal-setup-0.10.9.exe)=60332c9430410bb556f4a4a63d07323f5b0470f3 RIPEMD160(ethereal-setup-0.10.9.exe)=2e5a41450eba0a31542039da661c650b3b1bb9b8 MD5(ethereal-0.10.9-solaris2.8-sparc-local.bz2)=cbc8d8df60ca4ecbe220eb363645a07d SHA1(ethereal-0.10.9-solaris2.8-sparc-local.bz2)=061267ec847875508c428c34e3b7f10e5997cb94 RIPEMD160(ethereal-0.10.9-solaris2.8-sparc-local.bz2)=fe96b45ce5dce9d62978f75ee6144c7d995268c8 MD5(ethereal-0.10.9-solaris2.9-sparc-local.bz2)=11a152f6628146dba5dc936da8a6b007 SHA1(ethereal-0.10.9-solaris2.9-sparc-local.bz2)=fb3e7706a0ba1c9786f32d4deea6bc40b19c5649 RIPEMD160(ethereal-0.10.9-solaris2.9-sparc-local.bz2)=3b1410de768aa845a0f6d3b16ca7776a371c5b53 MD5(patch-ethereal-0.10.8-to-0.10.9.bz2)=308bd2476ac10900e4c95a43a0539f3c SHA1(patch-ethereal-0.10.8-to-0.10.9.bz2)=ecf5bcd03eb9bb439dabd7536955bfedab46037c RIPEMD160(patch-ethereal-0.10.8-to-0.10.9.bz2)=461c99358edcbfdbddc0874a4037b0f624713b1d - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFB8CgnkXaEuZt2wEERAuNbAKDJCLlYBG00hx7devjgLpcp0eb3cQCfdRp1 r0+b/e1jHCdfsPyJkgY+uDE= =EIU/ - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: http://www.auscert.org.au/render.html?cid=1980 If you believe that your computer system has been compromised or attacked in any way, we encourage you to let us know by completing the secure National IT Incident Reporting Form at: http://www.auscert.org.au/render.html?it=3192 =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQCVAwUBQgIkNCh9+71yA2DNAQL7iwP/bQi6xw4CYF6wax7vr7mPdESn/rZuWGUy z+99ngEhcgyalKdlnToi/4PS578MgBe1pmXfzXpJwnGJM5Xno9hzwXHY1MRDjXx2 GBgxmVuPswVqH3Yq6/ASFy1RpC5VOsPyPHHVvqG8PXRcHJHWZAJlRE6W0S0h0HMU tWzbgXsgy1M= =pEof -----END PGP SIGNATURE-----