10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.045 Low
EPSS
Percentile
92.3%
CentOS Errata and Security Advisory CESA-2006:0420
Ethereal is a program for monitoring network traffic.
Several denial of service bugs were found in Ethereal’s protocol
dissectors. Ethereal could crash or stop responding if it reads a malformed
packet off the network. (CVE-2006-1932, CVE-2006-1933, CVE-2006-1937,
CVE-2006-1938, CVE-2006-1939, CVE-2006-1940)
Several buffer overflow bugs were found in Ethereal’s COPS, telnet, and
ALCAP dissectors as well as Network Instruments file code and
NetXray/Windows Sniffer file code. Ethereal could crash or execute
arbitrary code if it reads a malformed packet off the network.
(CVE-2006-1934, CVE-2006-1935, CVE-2006-1936)
Users of ethereal should upgrade to these updated packages containing
version 0.99.0, which is not vulnerable to these issues.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2006-May/075022.html
https://lists.centos.org/pipermail/centos-announce/2006-May/075023.html
https://lists.centos.org/pipermail/centos-announce/2006-May/075028.html
https://lists.centos.org/pipermail/centos-announce/2006-May/075030.html
https://lists.centos.org/pipermail/centos-announce/2006-May/075032.html
https://lists.centos.org/pipermail/centos-announce/2006-May/075037.html
https://lists.centos.org/pipermail/centos-announce/2006-May/075038.html
https://lists.centos.org/pipermail/centos-announce/2006-May/075045.html
https://lists.centos.org/pipermail/centos-announce/2006-May/075046.html
Affected packages:
ethereal
ethereal-gnome
Upstream details at:
https://access.redhat.com/errata/RHSA-2006:0420
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
CentOS | 3 | i386 | ethereal | < 0.99.0-EL3.2 | ethereal-0.99.0-EL3.2.i386.rpm |
CentOS | 3 | i386 | ethereal-gnome | < 0.99.0-EL3.2 | ethereal-gnome-0.99.0-EL3.2.i386.rpm |
CentOS | 3 | x86_64 | ethereal | < 0.99.0-EL3.2 | ethereal-0.99.0-EL3.2.x86_64.rpm |
CentOS | 3 | x86_64 | ethereal-gnome | < 0.99.0-EL3.2 | ethereal-gnome-0.99.0-EL3.2.x86_64.rpm |
CentOS | 4 | ia64 | ethereal | < 0.99.0-EL4.2 | ethereal-0.99.0-EL4.2.ia64.rpm |
CentOS | 4 | ia64 | ethereal-gnome | < 0.99.0-EL4.2 | ethereal-gnome-0.99.0-EL4.2.ia64.rpm |
CentOS | 3 | ia64 | ethereal | < 0.99.0-EL3.2 | ethereal-0.99.0-EL3.2.ia64.rpm |
CentOS | 3 | ia64 | ethereal-gnome | < 0.99.0-EL3.2 | ethereal-gnome-0.99.0-EL3.2.ia64.rpm |
CentOS | 4 | alpha | ethereal | < 0.99.0-EL4.2 | ethereal-0.99.0-EL4.2.alpha.rpm |
CentOS | 4 | alpha | ethereal-gnome | < 0.99.0-EL4.2 | ethereal-gnome-0.99.0-EL4.2.alpha.rpm |