Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2004-2021 Tenable Network Security, Inc.GENTOO_GLSA-200412-15.NASL
HistoryDec 19, 2004 - 12:00 a.m.

GLSA-200412-15 : Ethereal: Multiple vulnerabilities

2004-12-1900:00:00
This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.
www.tenable.com
9
JSON

The remote host is affected by the vulnerability described in GLSA-200412-15 (Ethereal: Multiple vulnerabilities)

There are multiple vulnerabilities in versions of Ethereal earlier     than 0.10.8, including:
Bug in DICOM dissection     discovered by Bing could make Ethereal crash (CAN 2004-1139).
An invalid RTP timestamp could make Ethereal hang and create a     large temporary file (CAN 2004-1140).
The HTTP dissector could     access previously-freed memory (CAN 2004-1141).
Brian Caswell     discovered that an improperly formatted SMB could make Ethereal hang     (CAN 2004-1142).

Impact :

An attacker might be able to use these vulnerabilities to crash     Ethereal, perform DoS by CPU and disk space utilization or even execute     arbitrary code with the permissions of the user running Ethereal, which     could be the root user.

Workaround :

For a temporary workaround you can disable all affected protocol     dissectors by selecting Analyze->Enabled Protocols... and deselecting     them from the list. However, it is strongly recommended to upgrade to     the latest stable version.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Gentoo Linux Security Advisory GLSA 200412-15.
#
# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.
# and licensed under the Creative Commons - Attribution / Share Alike 
# license. See http://creativecommons.org/licenses/by-sa/3.0/
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(16002);
  script_version("1.18");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");

  script_cve_id("CVE-2004-1139", "CVE-2004-1140", "CVE-2004-1141", "CVE-2004-1142");
  script_xref(name:"GLSA", value:"200412-15");

  script_name(english:"GLSA-200412-15 : Ethereal: Multiple vulnerabilities");
  script_summary(english:"Checks for updated package(s) in /var/db/pkg");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Gentoo host is missing one or more security-related
patches."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"The remote host is affected by the vulnerability described in GLSA-200412-15
(Ethereal: Multiple vulnerabilities)

    There are multiple vulnerabilities in versions of Ethereal earlier
    than 0.10.8, including:
    Bug in DICOM dissection
    discovered by Bing could make Ethereal crash (CAN 2004-1139).
    An invalid RTP timestamp could make Ethereal hang and create a
    large temporary file (CAN 2004-1140).
    The HTTP dissector could
    access previously-freed memory (CAN 2004-1141).
    Brian Caswell
    discovered that an improperly formatted SMB could make Ethereal hang
    (CAN 2004-1142).
  
Impact :

    An attacker might be able to use these vulnerabilities to crash
    Ethereal, perform DoS by CPU and disk space utilization or even execute
    arbitrary code with the permissions of the user running Ethereal, which
    could be the root user.
  
Workaround :

    For a temporary workaround you can disable all affected protocol
    dissectors by selecting Analyze->Enabled Protocols... and deselecting
    them from the list. However, it is strongly recommended to upgrade to
    the latest stable version."
  );
  # http://www.ethereal.com/appnotes/enpa-sa-00016.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://ethereal.archive.sunet.se/appnotes/enpa-sa-00016.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security.gentoo.org/glsa/200412-15"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"All ethereal users should upgrade to the latest version:
    # emerge --sync
    # emerge --ask --oneshot --verbose '>=net-analyzer/ethereal-0.10.8'"
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:ethereal");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");

  script_set_attribute(attribute:"patch_publication_date", value:"2004/12/19");
  script_set_attribute(attribute:"plugin_publication_date", value:"2004/12/19");
  script_set_attribute(attribute:"vuln_publication_date", value:"2004/12/15");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.");
  script_family(english:"Gentoo Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("qpkg.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo");
if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;

if (qpkg_check(package:"net-analyzer/ethereal", unaffected:make_list("ge 0.10.8"), vulnerable:make_list("lt 0.10.8"))) flag++;

if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());
  else security_warning(0);
  exit(0);
}
else
{
  tested = qpkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "Ethereal");
}
VendorProductVersionCPE
gentoolinuxetherealp-cpe:/a:gentoo:linux:ethereal
gentoolinuxcpe:/o:gentoo:linux

Related

openvas 10
nessus 5
gentoo 1
freebsd 1
redhat 2
altlinux 1
cve 4
debian 2
ubuntucve 4
osv 1
openvas
openvas
FreeBSD Ports: ethereal, ethereal-lite, tethereal, tethereal-lite
2008-09-04 00:00:00
Gentoo Security Advisory GLSA 200412-15 (Ethereal)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200412-15 (Ethereal)
2008-09-24 00:00:00
nessus
nessus
Mandrake Linux Security Advisory : ethereal (MDKSA-2004:152)
2004-12-21 00:00:00
FreeBSD : ethereal -- multiple vulnerabilities (efa1344b-5477-11d9-a9e7-0001020eed82)
2005-07-13 00:00:00
RHEL 2.1 / 3 : ethereal (RHSA-2005:011)
2005-02-02 00:00:00
gentoo
gentoo
Ethereal: Multiple vulnerabilities
2004-12-19 00:00:00
freebsd
freebsd
ethereal -- multiple vulnerabilities
2004-12-14 00:00:00
redhat
redhat
(RHSA-2005:011) ethereal security update
2005-02-02 00:00:00
(RHSA-2005:037) ethereal security update
2005-02-15 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package wireshark version 0.10.9-alt1
2005-01-22 00:00:00
cve
cve
CVE-2004-1142
2004-12-15 05:00:00
CVE-2004-1141
2004-12-31 05:00:00
CVE-2004-1140
2004-12-31 05:00:00
debian
debian
[SECURITY] [DSA 613-1] New ethereal packages fix denial of service
2004-12-21 07:48:54
[SECURITY] [DSA 613-1] New ethereal packages fix denial of service
2004-12-21 07:48:54
ubuntucve
ubuntucve
CVE-2004-1142
2004-12-15 00:00:00
CVE-2004-1141
2004-12-31 00:00:00
CVE-2004-1140
2004-12-31 00:00:00
osv
osv
ethereal - infinite loop
2004-12-21 00:00:00
JSON
Related for GENTOO_GLSA-200412-15.NASL
openvas10nessus5gentoo1freebsd1redhat2altlinux1cve4debian2ubuntucve4osv1