Security Advisory ethereal security update

Advisory: RHSA-2004:136-09
Type: Security Advisory
Severity: Moderate
Issued on: 2004-03-30
Last updated on: 2004-03-30
Affected Products: Red Hat Enterprise Linux AS (v. 2.1)
Red Hat Enterprise Linux AS (v. 3)
Red Hat Enterprise Linux ES (v. 2.1)
Red Hat Enterprise Linux ES (v. 3)
Red Hat Enterprise Linux WS (v. 2.1)
Red Hat Enterprise Linux WS (v. 3)
Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor
OVAL: N/A
CVEs (cve.mitre.org): CVE-2004-0176
CVE-2004-0365
CVE-2004-0367
CVE-2004-1761

Details

Updated Ethereal packages that fix various security vulnerabilities are now
available.

Ethereal is a program for monitoring network traffic.

Stefan Esser reported that Ethereal versions 0.10.1 and earlier contain
stack overflows in the IGRP, PGM, Metflow, ISUP, TCAP, or IGAP dissectors.
On a system where Ethereal is being run a remote attacker could send
malicious packets that could cause Ethereal to crash or execute arbitrary
code. The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2004-0176 to this issue.

Jonathan Heussser discovered that a carefully-crafted RADIUS packet could
cause a crash. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2004-0365 to this issue.

Ethereal 0.8.13 to 0.10.2 allows remote attackers to cause a denial of
service (crash) via a zero-length Presentation protocol selector. The
Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned
the name CAN-2004-0367 to this issue.

Users of Ethereal should upgrade to these updated packages, which contain
a version of Ethereal that is not vulnerable to these issues.


Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

Please note that this update is available via Red Hat Network. To use Red
Hat Network, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

Updated packages

Red Hat Enterprise Linux AS (v. 2.1)
SRPMS:
ethereal-0.10.3-0.AS21.1.src.rpm
File outdated by:  RHSA-2006:0420		     3ee5bfa1fae233434766cb103510a116
 
IA-32:
ethereal-0.10.3-0.AS21.1.i386.rpm
File outdated by:  RHSA-2006:0420		     f453528f60469bbf0be712ca4cccc17e
ethereal-gnome-0.10.3-0.AS21.1.i386.rpm
File outdated by:  RHSA-2006:0420		     3efbd9297cbbaabbe2990ec08574a979
 
IA-64:
ethereal-0.10.3-0.AS21.1.ia64.rpm
File outdated by:  RHSA-2006:0420		     809643577f1b8162c796f2e2e9022d28
ethereal-gnome-0.10.3-0.AS21.1.ia64.rpm
File outdated by:  RHSA-2006:0420		     75e7efb2ae55e705e814484a4e453122
 
Red Hat Enterprise Linux AS (v. 3)
SRPMS:
ethereal-0.10.3-0.30E.1.src.rpm
File outdated by:  RHSA-2006:0420		     d89620409ec708cd7002c2764a8ae194
 
IA-32:
ethereal-0.10.3-0.30E.1.i386.rpm
File outdated by:  RHSA-2006:0420		     fbed260c5d630709b964fe900d6108e4
ethereal-gnome-0.10.3-0.30E.1.i386.rpm
File outdated by:  RHSA-2006:0420		     01e3293274d2bff41dc5d0ef3afc5e95
 
IA-64:
ethereal-0.10.3-0.30E.1.ia64.rpm
File outdated by:  RHSA-2006:0420		     6d7dc2add4dbfdfd6d676f91f98b4c66
ethereal-gnome-0.10.3-0.30E.1.ia64.rpm
File outdated by:  RHSA-2006:0420		     a55ab17410f0d0e0477c4e4de6bf52af
 
PPC:
ethereal-0.10.3-0.30E.1.ppc.rpm
File outdated by:  RHSA-2006:0420		     c4c1da8a9a97f3f5f63419aa1d67f4ab
ethereal-gnome-0.10.3-0.30E.1.ppc.rpm
File outdated by:  RHSA-2006:0420		     73459000523c3a39e100db884cfb84d9
 
s390:
ethereal-0.10.3-0.30E.1.s390.rpm
File outdated by:  RHSA-2006:0420		     d09e6fac0fe3322b4d554823e551d104
ethereal-gnome-0.10.3-0.30E.1.s390.rpm
File outdated by:  RHSA-2006:0420		     816bec72bfcab54d8c7fde10d324a7a4
 
s390x:
ethereal-0.10.3-0.30E.1.s390x.rpm
File outdated by:  RHSA-2006:0420		     123d3d6435b43cc66423b6d6bb33768a
ethereal-gnome-0.10.3-0.30E.1.s390x.rpm
File outdated by:  RHSA-2006:0420		     72a02b44f24b34365f6ee296ac7fb9cd
 
x86_64:
ethereal-0.10.3-0.30E.1.x86_64.rpm
File outdated by:  RHSA-2006:0420		     4c260a40647d2163d39a4640c3184a15
ethereal-gnome-0.10.3-0.30E.1.x86_64.rpm
File outdated by:  RHSA-2006:0420		     ab0f7d515ce5b7497a747292f1a4c6bf
 
Red Hat Enterprise Linux ES (v. 2.1)
SRPMS:
ethereal-0.10.3-0.AS21.1.src.rpm
File outdated by:  RHSA-2006:0420		     3ee5bfa1fae233434766cb103510a116
 
IA-32:
ethereal-0.10.3-0.AS21.1.i386.rpm
File outdated by:  RHSA-2006:0420		     f453528f60469bbf0be712ca4cccc17e
ethereal-gnome-0.10.3-0.AS21.1.i386.rpm
File outdated by:  RHSA-2006:0420		     3efbd9297cbbaabbe2990ec08574a979
 
Red Hat Enterprise Linux ES (v. 3)
SRPMS:
ethereal-0.10.3-0.30E.1.src.rpm
File outdated by:  RHSA-2006:0420		     d89620409ec708cd7002c2764a8ae194
 
IA-32:
ethereal-0.10.3-0.30E.1.i386.rpm
File outdated by:  RHSA-2006:0420		     fbed260c5d630709b964fe900d6108e4
ethereal-gnome-0.10.3-0.30E.1.i386.rpm
File outdated by:  RHSA-2006:0420		     01e3293274d2bff41dc5d0ef3afc5e95
 
Red Hat Enterprise Linux WS (v. 2.1)
SRPMS:
ethereal-0.10.3-0.AS21.1.src.rpm
File outdated by:  RHSA-2006:0420		     3ee5bfa1fae233434766cb103510a116
 
IA-32:
ethereal-0.10.3-0.AS21.1.i386.rpm
File outdated by:  RHSA-2006:0420		     f453528f60469bbf0be712ca4cccc17e
ethereal-gnome-0.10.3-0.AS21.1.i386.rpm
File outdated by:  RHSA-2006:0420		     3efbd9297cbbaabbe2990ec08574a979
 
Red Hat Enterprise Linux WS (v. 3)
SRPMS:
ethereal-0.10.3-0.30E.1.src.rpm
File outdated by:  RHSA-2006:0420		     d89620409ec708cd7002c2764a8ae194
 
IA-32:
ethereal-0.10.3-0.30E.1.i386.rpm
File outdated by:  RHSA-2006:0420		     fbed260c5d630709b964fe900d6108e4
ethereal-gnome-0.10.3-0.30E.1.i386.rpm
File outdated by:  RHSA-2006:0420		     01e3293274d2bff41dc5d0ef3afc5e95
 
IA-64:
ethereal-0.10.3-0.30E.1.ia64.rpm
File outdated by:  RHSA-2006:0420		     6d7dc2add4dbfdfd6d676f91f98b4c66
ethereal-gnome-0.10.3-0.30E.1.ia64.rpm
File outdated by:  RHSA-2006:0420		     a55ab17410f0d0e0477c4e4de6bf52af
 
x86_64:
ethereal-0.10.3-0.30E.1.x86_64.rpm
File outdated by:  RHSA-2006:0420		     4c260a40647d2163d39a4640c3184a15
ethereal-gnome-0.10.3-0.30E.1.x86_64.rpm
File outdated by:  RHSA-2006:0420		     ab0f7d515ce5b7497a747292f1a4c6bf
 
Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor
SRPMS:
ethereal-0.10.3-0.AS21.1.src.rpm
File outdated by:  RHSA-2006:0420		     3ee5bfa1fae233434766cb103510a116
 
IA-64:
ethereal-0.10.3-0.AS21.1.ia64.rpm
File outdated by:  RHSA-2006:0420		     809643577f1b8162c796f2e2e9022d28
ethereal-gnome-0.10.3-0.AS21.1.ia64.rpm
File outdated by:  RHSA-2006:0420		     75e7efb2ae55e705e814484a4e453122
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

118143 - CAN-2004-0176 Ethereal dissector overflows


References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0176
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0365
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0367
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1761
http://www.ethereal.com/appnotes/enpa-sa-00013.html

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/