Bulletin d'alerte Debian
DSA-528-1 ethereal -- Déni de service
- Date du rapport :
- 17 juillet 2004
- Paquets concernés :
- ethereal
- Vulnérabilité :
- Oui
- Références dans la base de données de sécurité :
- Dans le dictionnaire CVE du Mitre : CVE-2004-0635.
- Plus de précisions :
-
Plusieurs failles de sécurité de type déni de service ont été découvertes dans ethereal, un analyseur de trafic réseau. Ces failles sont décrites dans l'annonce ethereal enpa-sa-00015. De toutes, seulement une (CAN-2004-0635) affecte la version de ethereal dans Debian Woody. Cette faille de sécurité pouvait être exploitée par un attaquant distant pour faire planter ethereal avec un paquet SNMP invalide.
Pour la distribution stable (Woody), ces problèmes ont été corrigés dans la version 0.9.4-1woody8.
Pour la distribution instable (Sid), ces problèmes ont été corrigés dans la version 0.10.5-1.
Nous vous recommandons de mettre à jour votre paquet ethereal.
- Corrigé dans :
-
Debian GNU/Linux 3.0 (woody)
- Source :
- http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody8.dsc
- http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody8.diff.gz
- http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4.orig.tar.gz
- http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody8.diff.gz
- Alpha:
- http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody7_alpha.deb
- http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody7_alpha.deb
- http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody7_alpha.deb
- http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody7_alpha.deb
- http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody7_alpha.deb
- ARM:
- http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody8_arm.deb
- http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody8_arm.deb
- http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody8_arm.deb
- http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody8_arm.deb
- http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody8_arm.deb
- Intel IA-32:
- http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody8_i386.deb
- http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody8_i386.deb
- http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody8_i386.deb
- http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody8_i386.deb
- http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody8_i386.deb
- Intel IA-64:
- http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody8_ia64.deb
- http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody8_ia64.deb
- http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody8_ia64.deb
- http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody8_ia64.deb
- http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody8_ia64.deb
- HPPA:
- http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody8_hppa.deb
- http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody8_hppa.deb
- http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody8_hppa.deb
- http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody8_hppa.deb
- http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody8_hppa.deb
- Motorola 680x0:
- http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody8_m68k.deb
- http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody8_m68k.deb
- http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody8_m68k.deb
- http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody8_m68k.deb
- http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody8_m68k.deb
- Big endian MIPS:
- http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody8_mips.deb
- http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody8_mips.deb
- http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody8_mips.deb
- http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody8_mips.deb
- http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody8_mips.deb
- Little endian MIPS:
- http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody8_mipsel.deb
- http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody8_mipsel.deb
- http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody8_mipsel.deb
- http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody8_mipsel.deb
- http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody8_mipsel.deb
- PowerPC:
- http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody8_powerpc.deb
- http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody8_powerpc.deb
- http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody8_powerpc.deb
- http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody8_powerpc.deb
- http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody8_powerpc.deb
- IBM S/390:
- http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody8_s390.deb
- http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody8_s390.deb
- http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody8_s390.deb
- http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody8_s390.deb
- http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody8_s390.deb
- Sun Sparc:
- http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody8_sparc.deb
- http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody8_sparc.deb
- http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody8_sparc.deb
- http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody8_sparc.deb
- http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody8_sparc.deb
Les sommes MD5 des fichiers indiqués sont disponibles sur la page originale de l'alerte de sécurité.