Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2005-2021 Tenable Network Security, Inc.GENTOO_GLSA-200501-27.NASL
HistoryFeb 14, 2005 - 12:00 a.m.

GLSA-200501-27 : Ethereal: Multiple vulnerabilities

2005-02-1400:00:00
This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.
www.tenable.com
8
JSON

The remote host is affected by the vulnerability described in GLSA-200501-27 (Ethereal: Multiple vulnerabilities)

There are multiple vulnerabilities in versions of Ethereal earlier     than 0.10.9, including:
The COPS dissector could go into     an infinite loop (CAN-2005-0006).
The DLSw dissector could     cause an assertion, making Ethereal exit prematurely     (CAN-2005-0007).
The DNP dissector could cause memory     corruption (CAN-2005-0008).
The Gnutella dissector could cause     an assertion, making Ethereal exit prematurely (CAN-2005-0009).
The MMSE dissector could free statically-allocated memory     (CAN-2005-0010).
The X11 dissector is vulnerable to a string     buffer overflow (CAN-2005-0084).

Impact :

An attacker might be able to use these vulnerabilities to crash     Ethereal, perform DoS by CPU and disk space utilization or even execute     arbitrary code with the permissions of the user running Ethereal, which     could be the root user.

Workaround :

For a temporary workaround you can disable all affected protocol     dissectors by selecting Analyze->Enabled Protocols... and deselecting     them from the list. However, it is strongly recommended to upgrade to     the latest stable version.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Gentoo Linux Security Advisory GLSA 200501-27.
#
# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.
# and licensed under the Creative Commons - Attribution / Share Alike 
# license. See http://creativecommons.org/licenses/by-sa/3.0/
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(16418);
  script_version("1.17");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");

  script_cve_id("CVE-2005-0006", "CVE-2005-0007", "CVE-2005-0008", "CVE-2005-0009", "CVE-2005-0010", "CVE-2005-0084");
  script_xref(name:"GLSA", value:"200501-27");

  script_name(english:"GLSA-200501-27 : Ethereal: Multiple vulnerabilities");
  script_summary(english:"Checks for updated package(s) in /var/db/pkg");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Gentoo host is missing one or more security-related
patches."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"The remote host is affected by the vulnerability described in GLSA-200501-27
(Ethereal: Multiple vulnerabilities)

    There are multiple vulnerabilities in versions of Ethereal earlier
    than 0.10.9, including:
    The COPS dissector could go into
    an infinite loop (CAN-2005-0006).
    The DLSw dissector could
    cause an assertion, making Ethereal exit prematurely
    (CAN-2005-0007).
    The DNP dissector could cause memory
    corruption (CAN-2005-0008).
    The Gnutella dissector could cause
    an assertion, making Ethereal exit prematurely (CAN-2005-0009).
    The MMSE dissector could free statically-allocated memory
    (CAN-2005-0010).
    The X11 dissector is vulnerable to a string
    buffer overflow (CAN-2005-0084).
  
Impact :

    An attacker might be able to use these vulnerabilities to crash
    Ethereal, perform DoS by CPU and disk space utilization or even execute
    arbitrary code with the permissions of the user running Ethereal, which
    could be the root user.
  
Workaround :

    For a temporary workaround you can disable all affected protocol
    dissectors by selecting Analyze->Enabled Protocols... and deselecting
    them from the list. However, it is strongly recommended to upgrade to
    the latest stable version."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.ethereal.com/news/item_20050120_01.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security.gentoo.org/glsa/200501-27"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"All Ethereal users should upgrade to the latest version:
    # emerge --sync
    # emerge --ask --oneshot --verbose '>=net-analyzer/ethereal-0.10.9'"
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:ethereal");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");

  script_set_attribute(attribute:"patch_publication_date", value:"2005/01/20");
  script_set_attribute(attribute:"plugin_publication_date", value:"2005/02/14");
  script_set_attribute(attribute:"vuln_publication_date", value:"2005/01/20");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.");
  script_family(english:"Gentoo Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("qpkg.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo");
if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;

if (qpkg_check(package:"net-analyzer/ethereal", unaffected:make_list("ge 0.10.9"), vulnerable:make_list("lt 0.10.9"))) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = qpkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "Ethereal");
}
VendorProductVersionCPE
gentoolinuxetherealp-cpe:/a:gentoo:linux:ethereal
gentoolinuxcpe:/o:gentoo:linux

Related

openvas 10
nessus 5
gentoo 1
freebsd 1
redhat 2
altlinux 1
cve 6
ubuntucve 6
osv 1
debian 2
openvas
openvas
Gentoo Security Advisory GLSA 200501-27 (ethereal)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200501-27 (ethereal)
2008-09-24 00:00:00
FreeBSD Ports: ethereal, ethereal-lite, tethereal, tethereal-lite
2008-09-04 00:00:00
nessus
nessus
Mandrake Linux Security Advisory : ethereal (MDKSA-2005:013)
2005-01-25 00:00:00
Debian DSA-653-1 : ethereal - buffer overflow
2005-01-25 00:00:00
FreeBSD : ethereal -- multiple protocol dissectors vulnerabilities (831a6a66-79fa-11d9-a9e7-0001020eed82)
2005-07-13 00:00:00
gentoo
gentoo
Ethereal: Multiple vulnerabilities
2005-01-20 00:00:00
freebsd
freebsd
ethereal -- multiple protocol dissectors vulnerabilities
2005-01-18 00:00:00
redhat
redhat
(RHSA-2005:011) ethereal security update
2005-02-02 00:00:00
(RHSA-2005:037) ethereal security update
2005-02-15 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package wireshark version 0.10.9-alt1
2005-01-22 00:00:00
cve
cve
CVE-2005-0009
2005-05-02 04:00:00
CVE-2005-0010
2005-05-02 04:00:00
CVE-2005-0008
2005-05-02 04:00:00
ubuntucve
ubuntucve
CVE-2005-0007
2005-05-02 00:00:00
CVE-2005-0084
2005-05-02 00:00:00
CVE-2005-0010
2005-05-02 00:00:00
osv
osv
ethereal - buffer overflow
2005-01-21 00:00:00
debian
debian
[SECURITY] [DSA 653-1] New ethereal packages fix buffer overflow
2005-01-21 11:33:27
[SECURITY] [DSA 653-1] New ethereal packages fix buffer overflow
2005-01-21 11:33:27
JSON
Related for GENTOO_GLSA-200501-27.NASL
openvas10nessus5gentoo1freebsd1redhat2altlinux1cve6ubuntucve6osv1debian2