<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsa id="200510-25">
  <title>Ethereal: Multiple vulnerabilities in protocol dissectors</title>
  <synopsis>
    Ethereal contains numerous vulnerabilities, potentially resulting in the
    execution of arbitrary code or abnormal termination.
  </synopsis>
  <product type="ebuild">Ethereal</product>
  <announced>2005-10-30</announced>
  <revised count="01">2005-10-30</revised>
  <bug>109348</bug>
  <access>remote</access>
  <affected>
    <package name="net-analyzer/ethereal" auto="yes" arch="*">
      <unaffected range="ge">0.10.13-r1</unaffected>
      <vulnerable range="lt">0.10.13-r1</vulnerable>
    </package>
  </affected>
  <background>
    <p>
    Ethereal is a feature-rich network protocol analyzer.
    </p>
  </background>
  <description>
    <p>
    There are numerous vulnerabilities in versions of Ethereal prior to
    0.10.13, including:
    </p>
    <ul>
    <li>The SLIM3 and AgentX dissectors could overflow a buffer
    (CVE-2005-3243).</li>
    <li>iDEFENSE discovered a buffer overflow in the SRVLOC dissector
    (CVE-2005-3184).</li>
    <li>Multiple potential crashes in many dissectors have been fixed;
    see References for further details.</li>
    </ul>
    <p>
    Furthermore, an infinite loop was discovered in the IRC protocol
    dissector of the 0.10.13 release (CVE-2005-3313).
    </p>
  </description>
  <impact type="high">
    <p>
    An attacker might be able to use these vulnerabilities to crash
    Ethereal or execute arbitrary code with the permissions of the user
    running Ethereal, which could be the root user.
    </p>
  </impact>
  <workaround>
    <p>
    There is no known workaround at this time.
    </p>
  </workaround>
  <resolution>
    <p>
    All Ethereal users should upgrade to the latest version:
    </p>
    <code>
    # emerge --sync
    # emerge --ask --oneshot --verbose ">=net-analyzer/ethereal-0.10.13-r1"</code>
  </resolution>
  <references>
    <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3184">CVE-2005-3184</uri>
    <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3241">CVE-2005-3241</uri>
    <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3242">CVE-2005-3242</uri>
    <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3243">CVE-2005-3243</uri>
    <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3244">CVE-2005-3244</uri>
    <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3245">CVE-2005-3245</uri>
    <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3246">CVE-2005-3246</uri>
    <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3247">CVE-2005-3247</uri>
    <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3248">CVE-2005-3248</uri>
    <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3249">CVE-2005-3249</uri>
    <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3313">CVE-2005-3313</uri>
    <uri link="http://www.ethereal.com/appnotes/enpa-sa-00021.html">Ethereal enpa-sa-00021</uri>
  </references>
  <metadata tag="submitter" timestamp="2005-10-17T05:29:11Z">
    jaervosz
  </metadata>
  <metadata tag="bugReady" timestamp="2005-10-30T09:10:32Z">
    adir
  </metadata>
</glsa>