Skip to navigation

Security Advisory ethereal security update

Advisory: RHSA-2005:306-10
Type: Security Advisory
Severity: Moderate
Issued on: 2005-03-18
Last updated on: 2005-03-18
Affected Products: Red Hat Desktop (v. 3)
Red Hat Desktop (v. 4)
Red Hat Enterprise Linux AS (v. 2.1)
Red Hat Enterprise Linux AS (v. 3)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux ES (v. 2.1)
Red Hat Enterprise Linux ES (v. 3)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux WS (v. 2.1)
Red Hat Enterprise Linux WS (v. 3)
Red Hat Enterprise Linux WS (v. 4)
Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor
CVEs (cve.mitre.org): CVE-2005-0699
CVE-2005-0704
CVE-2005-0705
CVE-2005-0739
CVE-2005-0765
CVE-2005-0766

Details

Updated Ethereal packages that fix various security vulnerabilities are now
available.

This update has been rated as having moderate security impact by the Red Hat
Security Response Team.

The ethereal package is a program for monitoring network traffic.


A number of security flaws have been discovered in Ethereal. On a system
where Ethereal is running, a remote attacker could send malicious packets
to trigger these flaws and cause Ethereal to crash or potentially execute
arbitrary code.

A buffer overflow flaw was discovered in the Etheric dissector. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-2005-0704 to this issue.

The GPRS-LLC dissector could crash if the "ignore cipher bit" option was
set. The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2005-0705 to this issue.

A buffer overflow flaw was discovered in the 3GPP2 A11 dissector. The
Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned
the name CAN-2005-0699 to this issue.

A buffer overflow flaw was discovered in the IAPP dissector. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-2005-0739 to this issue.

Users of ethereal should upgrade to these updated packages, which contain
version 0.10.10 and are not vulnerable to these issues.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied. Use Red Hat
Network to download and update your packages. To launch the Red Hat
Update Agent, use the following command:

up2date

For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:

http://www.redhat.com/docs/manuals/enterprise/

Updated packages

Red Hat Desktop (v. 3)

IA-32:
ethereal-0.10.10-1.EL3.1.i386.rpm
File outdated by:  RHSA-2006:0420
    MD5: 3b03965e2cf37d7af3032f2807416ee2
ethereal-gnome-0.10.10-1.EL3.1.i386.rpm
File outdated by:  RHSA-2006:0420
    MD5: 3205521c99494c2093e05d71c1cd3dbd
 
x86_64:
ethereal-0.10.10-1.EL3.1.x86_64.rpm
File outdated by:  RHSA-2006:0420
    MD5: e245dbbca7a2140c71c3e256479e68d4
ethereal-gnome-0.10.10-1.EL3.1.x86_64.rpm
File outdated by:  RHSA-2006:0420
    MD5: 3f6d6aa9b62db253f6ed0c56a3ba65e5
 
Red Hat Desktop (v. 4)

IA-32:
ethereal-0.10.10-1.EL4.1.i386.rpm
File outdated by:  RHSA-2006:0420
    MD5: 42ef9c43f9beac7e56daeb0fe37b0410
ethereal-gnome-0.10.10-1.EL4.1.i386.rpm
File outdated by:  RHSA-2006:0420
    MD5: c2deaa08b9bb28dda7d0bd70250743a7
 
x86_64:
ethereal-0.10.10-1.EL4.1.x86_64.rpm
File outdated by:  RHSA-2006:0420
    MD5: 1c0fb944257bb3da1f5265a2957b26bd
ethereal-gnome-0.10.10-1.EL4.1.x86_64.rpm
File outdated by:  RHSA-2006:0420
    MD5: 8ac83f1a2e468dbc2cbf24f215cc5ed7
 
Red Hat Enterprise Linux AS (v. 2.1)

IA-32:
ethereal-0.10.10-1.AS21.1.i386.rpm
File outdated by:  RHSA-2006:0420
    MD5: 3b3961d37d85f1d133b6a547d3a1c1df
ethereal-gnome-0.10.10-1.AS21.1.i386.rpm
File outdated by:  RHSA-2006:0420
    MD5: a9612756dfc446a516f8a6cdc6751b7c
 
IA-64:
ethereal-0.10.10-1.AS21.1.ia64.rpm
File outdated by:  RHSA-2006:0420
    MD5: e99a353b78155e1436671d304cc5783f
ethereal-gnome-0.10.10-1.AS21.1.ia64.rpm
File outdated by:  RHSA-2006:0420
    MD5: 52f3fe5e9b24e8cef8fa7c314bbe87c9
 
Red Hat Enterprise Linux AS (v. 3)

IA-32:
ethereal-0.10.10-1.EL3.1.i386.rpm
File outdated by:  RHSA-2006:0420
    MD5: 3b03965e2cf37d7af3032f2807416ee2
ethereal-gnome-0.10.10-1.EL3.1.i386.rpm
File outdated by:  RHSA-2006:0420
    MD5: 3205521c99494c2093e05d71c1cd3dbd
 
IA-64:
ethereal-0.10.10-1.EL3.1.ia64.rpm
File outdated by:  RHSA-2006:0420
    MD5: 51ece445012d8f536a217b24978feaab
ethereal-gnome-0.10.10-1.EL3.1.ia64.rpm
File outdated by:  RHSA-2006:0420
    MD5: 9fca87b270af3770ef431d6cb4cd8cf0
 
PPC:
ethereal-0.10.10-1.EL3.1.ppc.rpm
File outdated by:  RHSA-2006:0420
    MD5: e7bbc35c074deceb6642110280963ffc
ethereal-gnome-0.10.10-1.EL3.1.ppc.rpm
File outdated by:  RHSA-2006:0420
    MD5: d62cdda64da9b8ac99e9a113dffd51e2
 
s390:
ethereal-0.10.10-1.EL3.1.s390.rpm
File outdated by:  RHSA-2006:0420
    MD5: e058533841940611b6dfd41dddf353d4
ethereal-gnome-0.10.10-1.EL3.1.s390.rpm
File outdated by:  RHSA-2006:0420
    MD5: 9b5f47fe9c15df640f0fb12ad259be69
 
s390x:
ethereal-0.10.10-1.EL3.1.s390x.rpm
File outdated by:  RHSA-2006:0420
    MD5: dceafd4686403083809b54b6921a09a3
ethereal-gnome-0.10.10-1.EL3.1.s390x.rpm
File outdated by:  RHSA-2006:0420
    MD5: f54f092d247cec4a1c441d548f75ffe5
 
x86_64:
ethereal-0.10.10-1.EL3.1.x86_64.rpm
File outdated by:  RHSA-2006:0420
    MD5: e245dbbca7a2140c71c3e256479e68d4
ethereal-gnome-0.10.10-1.EL3.1.x86_64.rpm
File outdated by:  RHSA-2006:0420
    MD5: 3f6d6aa9b62db253f6ed0c56a3ba65e5
 
Red Hat Enterprise Linux AS (v. 4)

IA-32:
ethereal-0.10.10-1.EL4.1.i386.rpm
File outdated by:  RHSA-2006:0420
    MD5: 42ef9c43f9beac7e56daeb0fe37b0410
ethereal-gnome-0.10.10-1.EL4.1.i386.rpm
File outdated by:  RHSA-2006:0420
    MD5: c2deaa08b9bb28dda7d0bd70250743a7
 
IA-64:
ethereal-0.10.10-1.EL4.1.ia64.rpm
File outdated by:  RHSA-2006:0420
    MD5: d359ec6bcd42d582f72d11f35da06380
ethereal-gnome-0.10.10-1.EL4.1.ia64.rpm
File outdated by:  RHSA-2006:0420
    MD5: e8c95b60c9acc82772207af1e99d1804
 
PPC:
ethereal-0.10.10-1.EL4.1.ppc.rpm
File outdated by:  RHSA-2006:0420
    MD5: 9fdb6c8afe12e15da837f0f1e927cfbb
ethereal-gnome-0.10.10-1.EL4.1.ppc.rpm
File outdated by:  RHSA-2006:0420
    MD5: d8494d4ec54becd0f468f49004bd6273
 
s390:
ethereal-0.10.10-1.EL4.1.s390.rpm
File outdated by:  RHSA-2006:0420
    MD5: 32a15bad41ee0b610d8e42519eefda50
ethereal-gnome-0.10.10-1.EL4.1.s390.rpm
File outdated by:  RHSA-2006:0420
    MD5: 196489ef013a4874ad5abe9788689585
 
s390x:
ethereal-0.10.10-1.EL4.1.s390x.rpm
File outdated by:  RHSA-2006:0420
    MD5: c3fc67ecb11f7fce145a8eb2ed2cf0b3
ethereal-gnome-0.10.10-1.EL4.1.s390x.rpm
File outdated by:  RHSA-2006:0420
    MD5: b71701f345bfa34bfade35b0b15ee745
 
x86_64:
ethereal-0.10.10-1.EL4.1.x86_64.rpm
File outdated by:  RHSA-2006:0420
    MD5: 1c0fb944257bb3da1f5265a2957b26bd
ethereal-gnome-0.10.10-1.EL4.1.x86_64.rpm
File outdated by:  RHSA-2006:0420
    MD5: 8ac83f1a2e468dbc2cbf24f215cc5ed7
 
Red Hat Enterprise Linux ES (v. 2.1)

IA-32:
ethereal-0.10.10-1.AS21.1.i386.rpm
File outdated by:  RHSA-2006:0420
    MD5: 3b3961d37d85f1d133b6a547d3a1c1df
ethereal-gnome-0.10.10-1.AS21.1.i386.rpm
File outdated by:  RHSA-2006:0420
    MD5: a9612756dfc446a516f8a6cdc6751b7c
 
Red Hat Enterprise Linux ES (v. 3)

IA-32:
ethereal-0.10.10-1.EL3.1.i386.rpm
File outdated by:  RHSA-2006:0420
    MD5: 3b03965e2cf37d7af3032f2807416ee2
ethereal-gnome-0.10.10-1.EL3.1.i386.rpm
File outdated by:  RHSA-2006:0420
    MD5: 3205521c99494c2093e05d71c1cd3dbd
 
IA-64:
ethereal-0.10.10-1.EL3.1.ia64.rpm
File outdated by:  RHSA-2006:0420
    MD5: 51ece445012d8f536a217b24978feaab
ethereal-gnome-0.10.10-1.EL3.1.ia64.rpm
File outdated by:  RHSA-2006:0420
    MD5: 9fca87b270af3770ef431d6cb4cd8cf0
 
x86_64:
ethereal-0.10.10-1.EL3.1.x86_64.rpm
File outdated by:  RHSA-2006:0420
    MD5: e245dbbca7a2140c71c3e256479e68d4
ethereal-gnome-0.10.10-1.EL3.1.x86_64.rpm
File outdated by:  RHSA-2006:0420
    MD5: 3f6d6aa9b62db253f6ed0c56a3ba65e5
 
Red Hat Enterprise Linux ES (v. 4)

IA-32:
ethereal-0.10.10-1.EL4.1.i386.rpm
File outdated by:  RHSA-2006:0420
    MD5: 42ef9c43f9beac7e56daeb0fe37b0410
ethereal-gnome-0.10.10-1.EL4.1.i386.rpm
File outdated by:  RHSA-2006:0420
    MD5: c2deaa08b9bb28dda7d0bd70250743a7
 
IA-64:
ethereal-0.10.10-1.EL4.1.ia64.rpm
File outdated by:  RHSA-2006:0420
    MD5: d359ec6bcd42d582f72d11f35da06380
ethereal-gnome-0.10.10-1.EL4.1.ia64.rpm
File outdated by:  RHSA-2006:0420
    MD5: e8c95b60c9acc82772207af1e99d1804
 
x86_64:
ethereal-0.10.10-1.EL4.1.x86_64.rpm
File outdated by:  RHSA-2006:0420
    MD5: 1c0fb944257bb3da1f5265a2957b26bd
ethereal-gnome-0.10.10-1.EL4.1.x86_64.rpm
File outdated by:  RHSA-2006:0420
    MD5: 8ac83f1a2e468dbc2cbf24f215cc5ed7
 
Red Hat Enterprise Linux WS (v. 2.1)

IA-32:
ethereal-0.10.10-1.AS21.1.i386.rpm
File outdated by:  RHSA-2006:0420
    MD5: 3b3961d37d85f1d133b6a547d3a1c1df
ethereal-gnome-0.10.10-1.AS21.1.i386.rpm
File outdated by:  RHSA-2006:0420
    MD5: a9612756dfc446a516f8a6cdc6751b7c
 
Red Hat Enterprise Linux WS (v. 3)

IA-32:
ethereal-0.10.10-1.EL3.1.i386.rpm
File outdated by:  RHSA-2006:0420
    MD5: 3b03965e2cf37d7af3032f2807416ee2
ethereal-gnome-0.10.10-1.EL3.1.i386.rpm
File outdated by:  RHSA-2006:0420
    MD5: 3205521c99494c2093e05d71c1cd3dbd
 
IA-64:
ethereal-0.10.10-1.EL3.1.ia64.rpm
File outdated by:  RHSA-2006:0420
    MD5: 51ece445012d8f536a217b24978feaab
ethereal-gnome-0.10.10-1.EL3.1.ia64.rpm
File outdated by:  RHSA-2006:0420
    MD5: 9fca87b270af3770ef431d6cb4cd8cf0
 
x86_64:
ethereal-0.10.10-1.EL3.1.x86_64.rpm
File outdated by:  RHSA-2006:0420
    MD5: e245dbbca7a2140c71c3e256479e68d4
ethereal-gnome-0.10.10-1.EL3.1.x86_64.rpm
File outdated by:  RHSA-2006:0420
    MD5: 3f6d6aa9b62db253f6ed0c56a3ba65e5
 
Red Hat Enterprise Linux WS (v. 4)

IA-32:
ethereal-0.10.10-1.EL4.1.i386.rpm
File outdated by:  RHSA-2006:0420
    MD5: 42ef9c43f9beac7e56daeb0fe37b0410
ethereal-gnome-0.10.10-1.EL4.1.i386.rpm
File outdated by:  RHSA-2006:0420
    MD5: c2deaa08b9bb28dda7d0bd70250743a7
 
IA-64:
ethereal-0.10.10-1.EL4.1.ia64.rpm
File outdated by:  RHSA-2006:0420
    MD5: d359ec6bcd42d582f72d11f35da06380
ethereal-gnome-0.10.10-1.EL4.1.ia64.rpm
File outdated by:  RHSA-2006:0420
    MD5: e8c95b60c9acc82772207af1e99d1804
 
x86_64:
ethereal-0.10.10-1.EL4.1.x86_64.rpm
File outdated by:  RHSA-2006:0420
    MD5: 1c0fb944257bb3da1f5265a2957b26bd
ethereal-gnome-0.10.10-1.EL4.1.x86_64.rpm
File outdated by:  RHSA-2006:0420
    MD5: 8ac83f1a2e468dbc2cbf24f215cc5ed7
 
Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor

IA-64:
ethereal-0.10.10-1.AS21.1.ia64.rpm
File outdated by:  RHSA-2006:0420
    MD5: e99a353b78155e1436671d304cc5783f
ethereal-gnome-0.10.10-1.AS21.1.ia64.rpm
File outdated by:  RHSA-2006:0420
    MD5: 52f3fe5e9b24e8cef8fa7c314bbe87c9
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

150705 - CAN-2005-0699 Multiple ethereal issues (CAN-2005-0704 CAN-2005-0705)


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/