TUCoPS :: SCO :: bt1664.txt

OpenLinux: Multiple vulnerabilities have reported in Ethereal 0.9.12 



To: announce@lists.caldera.com bugtraq@securityfocus.com full-disclosure@lists.netsys.com security-alerts@linuxsecurity.com

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 
______________________________________________________________________________

			SCO Security Advisory

Subject:		OpenLinux: Multiple vulnerabilities have reported in Ethereal 0.9.12
Advisory number: 	CSSA-2003-030.0
Issue date: 		2003 November 07
Cross reference: 	sr883585 fz528203 erg712398 CAN-2003-0428 CAN-2003-0429 CAN-2003-0430 CAN-2003-0431 CAN-2003-0432
______________________________________________________________________________


1. Problem Description

	Multiple vulnerabilities have reported in Ethereal 0.9.12. 
	
	Ethereal is a freely available network protocol analyzer for 
	Microsoft Windows and multiple Unix-based operating systems. 
	
	Ethereal versions 0.9.12 and earlier are vulnerable to multiple 
	issues. The Vulnerabilities are: 
	
	1. The DCERPC dissector could try to allocate too much memory 
	while trying to decode an NDR string. The Common Vulnerabilities 
	and Exposures project (cve.mitre.org) has assigned the following 
	name CAN-2003-0428 to this issue. 
	
	2. Bad IPv4 or IPv6 prefix lengths could cause an overflow in the 
	OSI dissector. The Common Vulnerabilities and Exposures project 
	(cve.mitre.org) has assigned the following name CAN-2003-0429 to 
	this issue. 
	
	3. The SPNEGO dissector could segfault while parsing an invalid 
	ASN.1 value. The Common Vulnerabilities and Exposures project 
	(cve.mitre.org) has assigned the following name CAN-2003-0430 
	to this issue. 
	
	4. The tvb_get_nstringz0() routine incorrectly handled a zero-
	length buffer size. The Common Vulnerabilities and Exposures 
	project (cve.mitre.org) has assigned the following name 
	CAN-2003-0431 to this issue. 
	
	5. The BGP, WTP, DNS, 802.11, ISAKMP, WSP, CLNP, ISIS, and RMI 
	dissectors handled strings improperly. The Common Vulnerabilities 
	and Exposures project (cve.mitre.org) has assigned the following 
	name CAN-2003-0432 to this issue. 
	
	POTENTIAL IMPACT 
	It may be possible to make Ethereal crash or run arbitrary code
	by injecting a purposefully malformed packet onto the wire,
	or by convincing someone to read a malformed packet trace file.

2. Vulnerable Supported Versions

	System				Package
	-------------------------------------------------------------------
	OpenLinux 3.1.1 Server		prior to ethereal-0.9.13-1.i386.rpm
	OpenLinux 3.1.1 Workstation	prior to ethereal-0.9.13-1.i386.rpm

3. Solution

	The proper solution is to install the latest packages. Many
	customers find it easier to use the Caldera System Updater, called
	cupdate (or kcupdate under the KDE environment), to update these
	packages rather than downloading and installing them by hand.

4. OpenLinux 3.1.1 Server

	4.1 Package Location

	ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2003-030.0/RPMS

	4.2 Packages

	9c5039a96d35a4bb91cddfa40adb7e2c	ethereal-0.9.13-1.i386.rpm

	4.3 Installation

	rpm -Fvh ethereal-0.9.13-1.i386.rpm

	4.4 Source Package Location

	ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2003-030.0/SRPMS

	4.5 Source Packages

	991395b4b4bcf0375e7dfe6a09108faf	ethereal-0.9.13-1.src.rpm


5. OpenLinux 3.1.1 Workstation

	5.1 Package Location

	ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2003-030.0/RPMS

	5.2 Packages

	9d87667d906a624fc6e05434187941c1	ethereal-0.9.13-1.i386.rpm

	5.3 Installation

	rpm -Fvh ethereal-0.9.13-1.i386.rpm

	5.4 Source Package Location

	ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2003-030.0/SRPMS

	5.5 Source Packages

	391d94b691aee0b3194583675c400cd7	ethereal-0.9.13-1.src.rpm


6. References

	Specific references for this advisory:
		http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0428	
		http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0429
		http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0430
		http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0431
		http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0432

	SCO security resources:
		http://www.sco.com/support/security/index.html

	This security fix closes SCO incidents sr883585 fz528203
	erg712398.


7. Disclaimer

	SCO is not responsible for the misuse of any of the information
	we provide on this website and/or through our security
	advisories. Our advisories are a service to our customers intended
	to promote secure installation and use of SCO products.

______________________________________________________________________________

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iEYEARECAAYFAj+sNhQACgkQbluZssSXDTEZMwCfUH9bcXlH1HwcxpnZp2+wIWvx
CCEAoKkO/by2uLsop7CdEmSE2zvXUY/A
=T8Uu
-----END PGP SIGNATURE-----

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH