Säkerhetsbulletin från Debian

DSA-324-1 ethereal -- flera sårbarheter

Rapporterat den:

2003-06-18

Berörda paket:

Sårbara:

Referenser i säkerhetsdatabaser:

I Bugtraq-databasen (hos SecurityFocus): BugTraq-id 7878, BugTraq-id 7880, BugTraq-id 7881, BugTraq-id 7883.
I Mitres CVE-förteckning: CVE-2003-0428, CVE-2003-0429, CVE-2003-0431, CVE-2003-0432.

Ytterligare information:

Flera av paketundersökningsfunktionerna i ethereal innehåller stränghanteringsfel som kan utnyttjas genom specialskrivna paket och därmed få ethereal att utnyttja stora mängder minne, krascha eller exekvera godtycklig kod.

Dessa sårbarheter tillkännagavs i följande säkerhetsbulletin för Ethereal:

http://www.ethereal.com/appnotes/enpa-sa-00010.html

Ethereal 0.9.4 i Debian 3.0 (Woody) påverkas av de flesta problem som beskrivs i bulletinen, däribland:

DCERPC-undersökningen kunde försöka allokera för mycket minne medan den försökte avkoda en NDR-sträng.
Felaktiga prefixlängder för IPv4 eller IPv6 kunde orsaka spill i OSI-undersökningen.
Rutinen tvb_get_nstringz0() hanterade en buffertlängd på noll fel.
Undersökningskoden för BGP, WTP, DNS, 802.11, ISAKMP, WSP, CLNP och ISIS hanterade strängar felaktigt.

Följande problem påverkar ej denna version:

SPNEGO-undersökaren kunde orsaka segmenteringsfel när ogiltiga ASN.1-värden tolkades.
RMI-undersökaren hanterade strängar felaktigt.

eftersom dessa module inte är närvarande.

För den stabila utgåvan (Woody) har dessa problem rättats i version 0.9.4-1woody5.

För den gamla stabila utgåvan (Potato) kommer dessa problem att rättas i den framtida bulletin.

För den instabila utgåvan (Sid) har dessa problem rättats i version 0.9.13-1.

Vi rekommenderar att ni uppgraderar ert ethereal-paket.

Rättat i:

Debian GNU/Linux 3.0 (woody)

Källkod:: http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody5.dsc; http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody5.diff.gz; http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4.orig.tar.gz
Alpha:: http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody5_alpha.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody5_alpha.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody5_alpha.deb; http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody5_alpha.deb
ARM:: http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody5_arm.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody5_arm.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody5_arm.deb; http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody5_arm.deb
Intel IA-32:: http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody5_i386.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody5_i386.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody5_i386.deb; http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody5_i386.deb
Intel IA-64:: http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody5_ia64.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody5_ia64.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody5_ia64.deb; http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody5_ia64.deb
HPPA:: http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody5_hppa.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody5_hppa.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody5_hppa.deb; http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody5_hppa.deb
Motorola 680x0:: http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody5_m68k.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody5_m68k.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody5_m68k.deb; http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody5_m68k.deb
Big endian MIPS:: http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody5_mips.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody5_mips.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody5_mips.deb; http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody5_mips.deb
Little endian MIPS:: http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody5_mipsel.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody5_mipsel.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody5_mipsel.deb; http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody5_mipsel.deb
PowerPC:: http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody5_powerpc.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody5_powerpc.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody5_powerpc.deb; http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody5_powerpc.deb
IBM S/390:: http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody5_s390.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody5_s390.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody5_s390.deb; http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody5_s390.deb
Sun Sparc:: http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody5_sparc.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody5_sparc.deb; http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody5_sparc.deb; http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody5_sparc.deb

MD5-kontrollsummor för dessa filer finns i originalbulletinen.