nessus | This script is Copyright (C) 2004-2021 and is owned by Tenable, Inc. or an Affiliate thereof. | REDHAT-RHSA-2003-324.NASL
History: Jul 06, 2004 - 12:00 a.m.

RHEL 2.1 / 3 : ethereal (RHSA-2003:324)

2004-07-06 00:00:00
This script is Copyright (C) 2004-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
15

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.023 Low

EPSS

Percentile

89.6%

Updated Ethereal packages that fix a number of exploitable security issues are now available.

Ethereal is a program for monitoring network traffic.

A number of security issues affect Ethereal. By exploiting these issues, it may be possible to make Ethereal crash or run arbitrary code by injecting a purposefully-malformed packet onto the wire or by convincing someone to read a malformed packet trace file.

A buffer overflow in Ethereal 0.9.15 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed GTP MSISDN string. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2003-0925 to this issue.

Ethereal 0.9.15 and earlier allows remote attackers to cause a denial of service (crash) via certain malformed ISAKMP or MEGACO packets. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2003-0926 to this issue.

A heap-based buffer overflow in Ethereal 0.9.15 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the SOCKS dissector. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2003-0927 to this issue.

Users of Ethereal should update to these erratum packages containing Ethereal version 0.9.16, which is not vulnerable to these issues.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Red Hat Security Advisory RHSA-2003:324. The text 
# itself is copyright (C) Red Hat, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

# Registration pass: when `description` is set the script only declares its
# metadata and then calls exit(0) at the end of this block, so none of the
# package checks further down run during this pass.
if (description)
{
  # Plugin identity and revision bookkeeping.
  script_id(12433);
  script_version("1.26");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  # Cross-references: the three CVEs and the Red Hat advisory this plugin covers.
  script_cve_id("CVE-2003-0925", "CVE-2003-0926", "CVE-2003-0927");
  script_xref(name:"RHSA", value:"2003:324");

  script_name(english:"RHEL 2.1 / 3 : ethereal (RHSA-2003:324)");
  script_summary(english:"Checks the rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Red Hat host is missing one or more security updates."
  );
  # Advisory text shown in scan results. Per the file header it was extracted
  # from RHSA-2003:324; it names 0.9.16 as the fixed Ethereal version.
  script_set_attribute(
    attribute:"description", 
    value:
"Updated Ethereal packages that fix a number of exploitable security
issues are now available.

Ethereal is a program for monitoring network traffic.

A number of security issues affect Ethereal. By exploiting these
issues, it may be possible to make Ethereal crash or run arbitrary
code by injecting a purposefully-malformed packet onto the wire or by
convincing someone to read a malformed packet trace file.

A buffer overflow in Ethereal 0.9.15 and earlier allows remote
attackers to cause a denial of service and possibly execute arbitrary
code via a malformed GTP MSISDN string. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CVE-2003-0925
to this issue.

Ethereal 0.9.15 and earlier allows remote attackers to cause a denial
of service (crash) via certain malformed ISAKMP or MEGACO packets. The
Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2003-0926 to this issue.

A heap-based buffer overflow in Ethereal 0.9.15 and earlier allows
remote attackers to cause a denial of service (crash) and possibly
execute arbitrary code via the SOCKS dissector. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the
name CVE-2003-0927 to this issue.

Users of Ethereal should update to these erratum packages containing
Ethereal version 0.9.16, which is not vulnerable to these issues."
  );
  # Reference links: one Red Hat CVE page per CVE, the upstream Ethereal
  # advisory, and the Red Hat erratum itself.
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2003-0925"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2003-0926"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2003-0927"
  );
  # Upstream advisory URL: http://www.ethereal.com/appnotes/enpa-sa-00011.html
  # The see_also value below uses a different host (ethereal.archive.sunet.se)
  # with the same path.
  script_set_attribute(
    attribute:"see_also",
    value:"http://ethereal.archive.sunet.se/appnotes/enpa-sa-00011.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/errata/RHSA-2003:324"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected ethereal and / or ethereal-gnome packages."
  );
  # One CVSS v2 base vector for the whole advisory: network attack vector, low
  # complexity, no authentication, partial confidentiality/integrity/availability
  # impact. It is not broken out per CVE.
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");

  # "local" plugin type: the check works from host data held in the KB (see
  # script_require_keys below); no network probing of Ethereal appears in this script.
  script_set_attribute(attribute:"plugin_type", value:"local");
  # CPEs for the two packages checked and the two RHEL releases covered.
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:ethereal");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:ethereal-gnome");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:2.1");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:3");

  # NOTE(review): as recorded here, vuln_publication_date (2003/12/01) is later
  # than patch_publication_date (2003/11/12) - confirm against the advisory
  # before using these dates for exposure-window calculations.
  script_set_attribute(attribute:"vuln_publication_date", value:"2003/12/01");
  script_set_attribute(attribute:"patch_publication_date", value:"2003/11/12");
  script_set_attribute(attribute:"plugin_publication_date", value:"2004/07/06");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  # Registered in the information-gathering category and the Red Hat local
  # checks family.
  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2004-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Red Hat Local Security Checks");

  # ssh_get_info.nasl is declared as a dependency; presumably it populates the
  # Host/* KB entries listed below - confirm against that script.
  script_dependencies("ssh_get_info.nasl");
  # KB entries the check below reads: local-checks flag, release string,
  # installed rpm list and CPU architecture.
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");

# Check pass: decide from KB data gathered on the host whether the ethereal
# packages fixed by RHSA-2003:324 are missing.
# audit() comes from audit.inc (not shown); the code below is written as if a
# call to it does not return (e.g. `release` is used right after its null check).

# Preconditions: local checks must be enabled and the host must identify as Red Hat.
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
# Pull the numeric release ("N" or "N.N") out of the release string.
os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
os_ver = os_ver[1];
# Only 2.1 and 3.x continue: the pattern needs "2.1" or "3" followed by a
# non-digit or end of string, so "3.5" passes while "30" does not.
if (! preg(pattern:"^(2\.1|3)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 2.1 / 3.x", "Red Hat " + os_ver);

# The installed-package list must be in the KB, otherwise nothing can be compared.
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

# Architecture filter: continue only for x86_64, i386-i686 or a value containing
# "s390" (a substring test, so "s390x" is accepted as well).
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);

# Two mutually exclusive detection paths follow: a yum-updateinfo path when that
# KB entry is populated, and a package-version path otherwise.
yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
if (!empty_or_null(yum_updateinfo)) 
{
  # Path 1: the verdict rests entirely on redhat_generate_yum_updateinfo_report()
  # (from an include, not shown) returning a non-empty report for this advisory.
  rhsa = "RHSA-2003:324";
  yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
  if (!empty_or_null(yum_report))
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : yum_report 
    );
    exit(0);
  }
  else
  {
    # NOTE(review): no rpm_check() runs in this branch, so an empty report is
    # audited as "not affected" without any package version comparison.
    # A false negative is possible if the host's updateinfo data is incomplete
    # for this advisory - confirm this is the intended behaviour.
    audit_message = "affected by Red Hat security advisory " + rhsa;
    audit(AUDIT_OS_NOT, audit_message);
  }
}
else
{
  # Path 2: compare installed packages against the fixed builds named in the
  # advisory. `flag` counts the rpm_check() calls that return true; presumably
  # true means the installed package is older than `reference` - see rpm.inc.
  flag = 0;
  # RHEL 2.1 checks are restricted to cpu:"i386".
  if (rpm_check(release:"RHEL2.1", cpu:"i386", reference:"ethereal-0.9.16-0.AS21.1")) flag++;
  if (rpm_check(release:"RHEL2.1", cpu:"i386", reference:"ethereal-gnome-0.9.16-0.AS21.1")) flag++;

  # RHEL 3 checks pass no cpu argument.
  if (rpm_check(release:"RHEL3", reference:"ethereal-0.9.16-0.30E.1")) flag++;
  if (rpm_check(release:"RHEL3", reference:"ethereal-gnome-0.9.16-0.30E.1")) flag++;

  if (flag)
  {
    # At least one check hit: report on port 0 with the accumulated rpm report
    # text plus the Red Hat package caveat text.
    security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : rpm_report_get() + redhat_report_package_caveat()
    );
    exit(0);
  }
  else
  {
    # No hit: audit as "not affected" when pkg_tests_get() returns something,
    # and as "not installed" when it returns nothing.
    tested = pkg_tests_get();
    if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
    else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ethereal / ethereal-gnome");
  }
}
Vendor | Product | Version | CPE
redhat | enterprise_linux | ethereal | p-cpe:/a:redhat:enterprise_linux:ethereal
redhat | enterprise_linux | ethereal-gnome | p-cpe:/a:redhat:enterprise_linux:ethereal-gnome
redhat | enterprise_linux | 2.1 | cpe:/o:redhat:enterprise_linux:2.1
redhat | enterprise_linux | 3 | cpe:/o:redhat:enterprise_linux:3

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.023 Low

EPSS

Percentile

89.6%