Lucene search
Copyright (C) 2008 E-Soft Inc.OPENVAS:136141256231053602HistoryJan 17, 2008 - 12:00 a.m.
Debian Security Advisory DSA 313-1 (ethereal)
2008-01-1700:00:00
Copyright (C) 2008 E-Soft Inc.
plugins.openvas.org
3
The remote host is missing an update to ethereal
announced via advisory DSA 313-1.
# SPDX-FileCopyrightText: 2008 E-Soft Inc.
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.53602");
script_version("2023-07-19T05:05:15+0000");
script_tag(name:"last_modification", value:"2023-07-19 05:05:15 +0000 (Wed, 19 Jul 2023)");
script_tag(name:"creation_date", value:"2008-01-17 22:36:24 +0100 (Thu, 17 Jan 2008)");
script_cve_id("CVE-2003-0356", "CVE-2003-0357");
script_tag(name:"cvss_base", value:"10.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_name("Debian Security Advisory DSA 313-1 (ethereal)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2008 E-Soft Inc.");
script_family("Debian Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/debian_linux", "ssh/login/packages", re:"ssh/login/release=DEB3\.0");
script_xref(name:"URL", value:"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20313-1");
script_tag(name:"insight", value:"Timo Sirainen discovered several vulnerabilities in ethereal, a
network traffic analyzer. These include one-byte buffer overflows in
the AIM, GIOP Gryphon, OSPF, PPTP, Quake, Quake2, Quake3, Rsync, SMB,
SMPP, and TSP dissectors, and integer overflows in the Mount and PPP
dissectors.
For the stable distribution (woody) these problems have been fixed in
version 0.9.4-1woody4.
The old stable distribution (potato) does not appear to contain these
vulnerabilities.
For the unstable distribution (sid) these problems are fixed in version
0.9.12-1.
We recommend that you update your ethereal package.");
script_tag(name:"summary", value:"The remote host is missing an update to ethereal
announced via advisory DSA 313-1.");
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-deb.inc");
res = "";
report = "";
if((res = isdpkgvuln(pkg:"ethereal", ver:"0.9.4-1woody4", rls:"DEB3.0")) != NULL) {
report += res;
}
if((res = isdpkgvuln(pkg:"ethereal-common", ver:"0.9.4-1woody4", rls:"DEB3.0")) != NULL) {
report += res;
}
if((res = isdpkgvuln(pkg:"ethereal-dev", ver:"0.9.4-1woody4", rls:"DEB3.0")) != NULL) {
report += res;
}
if((res = isdpkgvuln(pkg:"tethereal", ver:"0.9.4-1woody4", rls:"DEB3.0")) != NULL) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
Related
debian
debian
osv
osv
ethereal - buffer overflows, integer overflows
2003-06-11 00:00:00
nessus
nessus
Debian DSA-313-1 : ethereal - buffer overflows, integer overflows
2004-09-29 00:00:00
Mandrake Linux Security Advisory : ethereal (MDKSA-2003:067)
2004-07-31 00:00:00
RHEL 2.1 : ethereal (RHSA-2003:077)
2004-07-06 00:00:00
openvas
openvas
Debian Security Advisory DSA 313-1 (ethereal)
2008-01-17 00:00:00
cve
cve
CVE-2003-0356
2003-06-09 04:00:00
CVE-2003-0357
2003-06-09 04:00:00
cvelist
cvelist
CVE-2003-0357
2003-05-30 04:00:00
CVE-2003-0356
2003-05-30 04:00:00
redhat
redhat
(RHSA-2003:077) ethereal security update
2003-07-08 00:00:00