Debians sikkerhedsbulletin

DSA-407-1 ethereal -- bufferoverløb

Rapporteret den:
5. jan 2004
Berørte pakker:
ethereal
Sårbar:
Ja
Referencer i sikkerhedsdatabaser:
I Bugtraq-databasen (hos SecurityFocus): BugTraq-id 9248, BugTraq-id 9249.
I Mitres CVE-ordbog: CVE-2003-0925, CVE-2003-0926, CVE-2003-0927, CVE-2003-1012, CVE-2003-1013.
Yderligere oplysninger:

Flere sårbarheder er opdaget af opstrøm i ethereal, et netværksanalyseringsprogram. Projektet Common Vulnerabilities and Exposures har fundet frem til følgende problemer:

  • CAN-2003-0925

    Et bufferoverløb gør det muligt for fjernangribere at iværksætte et lammelsesangreb og potentielt udføre vilkårlig kode via en misdannet GTP MSISDN-streng.

  • CAN-2003-0926

    Ved hjælp af visse misdannede ISAKMP- eller MEGACO-pakker kan fjernangribere iværksætte et lammelsesangreb (systemnedbrud).

  • CAN-2003-0927

    Et stakbaseret bufferoverløb gør det muligt for fjernangribere at iværksætte et lammelsesangreb (systemnedbrud) og potentielt udføre vilkårlig kode ved hjælp af SOCKS-dissector'en.

  • CAN-2003-1012

    SMB-dissector'en gør det muligt for fjernangribere at iværksætte et lammelsesangreb ved hjælp af en misdannet SMB-pakke som udløser en segmenteringsfejl under behandlingen af valgte pakker.

  • CAN-2003-1013

    Q.931-dissector'en gør det muligt for fjernangribere at iværksætte et lammelsesangreb (systemnedbrud) ved hjælp af en misdannet Q.931, hvilket udløser en nul-reference.

I den stabile distribution (woody) er dette problem rettet i version 0.9.4-1woody6.

I den ustabile distribution (sid) er dette problem rettet i version 0.10.0-1.

Vi anbefaler at du opgraderer dine ethereal- og tethereal-pakker.

Rettet i:

Debian GNU/Linux 3.0 (woody)

Kildekode:
http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody6.dsc
http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody6.diff.gz
http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4.orig.tar.gz
Alpha:
http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody6_alpha.deb
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody6_alpha.deb
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody6_alpha.deb
http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody6_alpha.deb
ARM:
http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody6_arm.deb
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody6_arm.deb
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody6_arm.deb
http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody6_arm.deb
Intel IA-32:
http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody6_i386.deb
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody6_i386.deb
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody6_i386.deb
http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody6_i386.deb
Intel IA-64:
http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody6_ia64.deb
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody6_ia64.deb
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody6_ia64.deb
http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody6_ia64.deb
HPPA:
http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody6_hppa.deb
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody6_hppa.deb
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody6_hppa.deb
http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody6_hppa.deb
Motorola 680x0:
http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody6_m68k.deb
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody6_m68k.deb
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody6_m68k.deb
http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody6_m68k.deb
Big endian MIPS:
http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody6_mips.deb
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody6_mips.deb
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody6_mips.deb
http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody6_mips.deb
Little endian MIPS:
http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody6_mipsel.deb
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody6_mipsel.deb
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody6_mipsel.deb
http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody6_mipsel.deb
PowerPC:
http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody6_powerpc.deb
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody6_powerpc.deb
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody6_powerpc.deb
http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody6_powerpc.deb
IBM S/390:
http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody6_s390.deb
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody6_s390.deb
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody6_s390.deb
http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody6_s390.deb
Sun Sparc:
http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody6_sparc.deb
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody6_sparc.deb
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody6_sparc.deb
http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody6_sparc.deb

MD5-kontrolsummer for de listede filer findes i den originale sikkerhedsbulletin.