Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2005.0216 -- Ethereal Security Advisory New ethereal version fixes multiple security issues 15 March 2005 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Ethereal Operating System: Windows Linux variants UNIX variants Impact: Execute Arbitrary Code/Commands Denial of Service Access: Remote/Unauthenticated CVE Names: CAN-2005-0699 CAN-2005-0704 CAN-2005-0705 Original Bulletin: http://www.ethereal.com/appnotes/enpa-sa-00018.html - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Ethereal 0.10.10 has been released. This release fixes the following security and stability-related issues: Matevz Pustisek discovered a buffer overflow in the Etheric dissector. (CAN-2005-0704) The GPRS-LLC dissector could crash if the "ignore cipher bit" option was enabled. (CAN-2005-0705) Diego Giago discovered a buffer overflow in the 3GPP2 A11 dissector. This flaw was later reported by Leon Juranic. (CAN-2005-0699) Leon Juranic discovered a buffer overflow in the IAPP dissector. A bug in the JXTA dissector could make Ethereal crash. A bug in the sFlow dissector could make Ethereal crash. Please see the following advisory for more information: http://www.ethereal.com/appnotes/enpa-sa-00018.html Everyone is encouraged to upgrade. New and updated features Tree view item context menus now let you browse to the display filter reference and wiki pages for a particular protocol. Online help has been expanded. VoIP call analysis (including nifty connection diagrams) has been added. GSS-API decryption has been greatly enhanced. New protocol support AgentX, BUDB, DTP, G.723, IDP, INAP, KINK, Realplayer Data Protocol, Retix Spanning Tree Protocol, RTCP-XR, XML, XNS, SPP Updated protocol support 3GPP2 A11, ACSE, AMR, ATM, BER, BSSGP, BUTC, CDP, CLNP, CoSine L2, DAAP, DCE/RPC, DCOM, DIAMETER, DNP, DNS, Etheric, FCP, FW-1, Gnutella, GPRS, GSM A, GSM MAP, H.225, H.245, H.248, H.450, HTTP, IAX2, ICQ, IEEE 802.11, IEEE 802.3 Slow Protocols, IP, iSCSI, ISUP, Juniper, JXTA, Kerberos, L2TP, LDAP, MIP, MPLS, NDMP, NSIP, NTP, OSPF, OXID, PostgreSQL, RADIUS, RDT, Redback, RMCP, RTP, RTSP, SCSI, SCTP, SDP, SPNEGO, SSL, STUN, TCAP, TCP, TZSP New and updated capture file support DBS Etherwatch, Lucent/Ascend, Nettl, Tcpdump (Redback) Download Sites The source code, Windows and Solaris installers can be downloaded immediately from the following locations: Main site: Source: http://www.ethereal.com/distribution/ethereal-0.10.10.tar.gz http://www.ethereal.com/distribution/ethereal-0.10.10.tar.bz2 Windows installer: http://www.ethereal.com/distribution/win32/ethereal-setup-0.10.10.exe Solaris installers: http://www.ethereal.com/distribution/solaris/ SourceForge: http://sourceforge.net/project/showfiles.php?group_id=255 The mirror sites listed at http://www.ethereal.com/download.html#releases should be updated shortly. Digests MD5(ethereal-0.10.10.tar.bz2)=5addaf1db088a8b51941e4db191b0ab0 SHA1(ethereal-0.10.10.tar.bz2)=611259edaf36a34a49331ed6fbc194c2407bd528 RIPEMD160(ethereal-0.10.10.tar.bz2)=1867f061c704482ea15c78077d3289ac67984001 MD5(ethereal-0.10.10.tar.gz)=e6b74468412c17bb66cd459bfb61471c SHA1(ethereal-0.10.10.tar.gz)=5cf7ca783f5e9d0a142519110d188a8c83458cf4 RIPEMD160(ethereal-0.10.10.tar.gz)=2d0f5e6355a10251bdcccd1f4477404a21815b12 MD5(ethereal-setup-0.10.10.exe)=07f50aae1d4a746c1a0fbd3b73daa6c0 SHA1(ethereal-setup-0.10.10.exe)=d7dbaa39399f862699c02f12c660d1905a9a156e RIPEMD160(ethereal-setup-0.10.10.exe)=03f87256a16619415a8967ae7af7f2614c99e652 MD5(ethereal-0.10.10-solaris2.8-sparc-local.bz2)=80d84ef7732c7db71241faffb5f5f666 SHA1(ethereal-0.10.10-solaris2.8-sparc-local.bz2)=3af9ca8b1f7e682cd7fc8b4954d6887573a7ef83 RIPEMD160(ethereal-0.10.10-solaris2.8-sparc-local.bz2)=afe94928803f2aa3802890b04fce49b23898437b MD5(ethereal-0.10.10-solaris2.9-sparc-local.bz2)=6ad4ab78611849fb950bc65d5f076783 SHA1(ethereal-0.10.10-solaris2.9-sparc-local.bz2)=c05261056e278cebcce9a94c6f23881f6b33e871 RIPEMD160(ethereal-0.10.10-solaris2.9-sparc-local.bz2)=88bc48174f39e7603b0111a645500f8935e7ee42 MD5(patch-ethereal-0.10.9-to-0.10.10.diff.bz2)=1858d6d6b7a70491e2f61f30c3f25eb9 SHA1(patch-ethereal-0.10.9-to-0.10.10.diff.bz2)=df6aef42cc576f27cb70ce4f5a353d8a845b5f24 RIPEMD160(patch-ethereal-0.10.9-to-0.10.10.diff.bz2)=572fc3755ec61c28241193d6c115a37d96607bde - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCMeGykXaEuZt2wEERAqHqAJ9KmBC4q0aKSdEJIYDSZdvGRbpFdQCeI12a wFdzcak3srZdXPYTKs4O94w= =TZoX - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: http://www.auscert.org.au/render.html?cid=1980 If you believe that your computer system has been compromised or attacked in any way, we encourage you to let us know by completing the secure National IT Incident Reporting Form at: http://www.auscert.org.au/render.html?it=3192 =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQCVAwUBQjZTuSh9+71yA2DNAQKEgAP5AZSksI6U724htHLdp3oGUaqPb4y5d871 5ixVW0gHhvUQulPpelOu8enJYB5740oWzOc2uu0/y4OPGCUBky8r+cbtFATUUhu1 YZsnP5BBS8/dcU4DI9ino9E+ud1zMsSMB5yXRte7GsUHxHtES8WwIsEKunTBVGN4 fEvO1dlbBfA= =xlhl -----END PGP SIGNATURE-----